www.sideshow.com Open in urlscan Pro
2606:4700::6813:9e35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.sideshow.com/u/nrd.php?p=fEHqPpFRzg_168208_1909527_1_2&ems_l=3978023&i=1&d=MTAyOTY3MTk3%7CZkVIcVBwRlJ6Zw%3D%3...
Effective URL:
https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&...
Submission: On December 17 via api (December 17th 2020, 3:23:00 pm UTC) from US

Summary HTTP 101 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 22 domains to perform 101 HTTP transactions. The main IP is 2606:4700::6813:9e35, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sideshow.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on July 28th 2020. Valid for: 2 years.

This is the only time www.sideshow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
1 44	2606:4700::68... 2606:4700::6813:9e35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
11	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	143.204.90.21 143.204.90.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	194.75.186.148 194.75.186.148	2856 (BT-UK-AS ...) (BT-UK-AS BTnet UK Regional network)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	65.9.68.95 65.9.68.95	16509 (AMAZON-02) (AMAZON-02)
2	65.9.68.89 65.9.68.89	16509 (AMAZON-02) (AMAZON-02)
1	13.226.154.82 13.226.154.82	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 2	3.225.8.3 3.225.8.3	14618 (AMAZON-AES) (AMAZON-AES)
1	18.215.138.148 18.215.138.148	14618 (AMAZON-AES) (AMAZON-AES)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.209.100.148 34.209.100.148	16509 (AMAZON-02) (AMAZON-02)
1	54.161.26.9 54.161.26.9	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
101	32

1 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)

link.sideshow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:4700::6813:9e35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sideshow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sideshow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.90.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-21.fra50.r.cloudfront.net

cdn.searchspring.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.75.186.148 (United Kingdom)

ASN2856 (BT-UK-AS BTnet UK Regional network, GB)
PTR: services.postcodeanywhere.co.uk

sides11111.pcapredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn1.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)

api-cf.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.68.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)

www.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.154.82 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-82.dus51.r.cloudfront.net

js.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.8.3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-8-3.compute-1.amazonaws.com

fingerprint.gointerpay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.138.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-138-148.compute-1.amazonaws.com

checkout.gointerpay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

sideshow.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.100.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-100-148.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.26.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-26-9.compute-1.amazonaws.com

stats.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	sideshow.com 1 redirects link.sideshow.com sideshow.com www.sideshow.com	2 MB
12	zdassets.com static.zdassets.com ekr.zdassets.com	561 KB
7	searchspring.net cdn.searchspring.net	99 KB
6	cookielaw.org cdn.cookielaw.org	109 KB
4	affirm.com cdn1.affirm.com api-cf.affirm.com www.affirm.com	83 KB
3	zendesk.com sideshow.zendesk.com	2 KB
3	gointerpay.net 1 redirects fingerprint.gointerpay.net checkout.gointerpay.net	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	159 KB
3	google.com www.google.com	975 B
2	pusher.com js.pusher.com stats.pusher.com	16 KB
2	polyfill.io cdn.polyfill.io	922 B
2	googletagmanager.com www.googletagmanager.com	83 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	69 KB
1	nr-data.net bam-cell.nr-data.net	647 B
1	newrelic.com js-agent.newrelic.com	11 KB
1	kaptcha.com ssl.kaptcha.com
1	onetrust.com geolocation.onetrust.com	538 B
1	google.de www.google.de	108 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	pcapredict.com sides11111.pcapredict.com	14 KB
1	googleapis.com fonts.googleapis.com	517 B
101	22

	Domain	Requested by
43	www.sideshow.com	www.sideshow.com
11	static.zdassets.com	www.sideshow.com static.zdassets.com
7	cdn.searchspring.net	www.sideshow.com cdn.searchspring.net
6	cdn.cookielaw.org	www.googletagmanager.com www.sideshow.com cdn.cookielaw.org
3	sideshow.zendesk.com	www.sideshow.com static.zdassets.com
3	www.google.com	www.sideshow.com www.gstatic.com
2	fingerprint.gointerpay.net	1 redirects www.sideshow.com
2	www.affirm.com	www.sideshow.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.polyfill.io	www.sideshow.com
2	www.googletagmanager.com	www.sideshow.com
2	maxcdn.bootstrapcdn.com	www.sideshow.com maxcdn.bootstrapcdn.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.sideshow.com
1	stats.pusher.com	js.pusher.com
1	ssl.kaptcha.com	fingerprint.gointerpay.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.google.de	www.sideshow.com
1	checkout.gointerpay.net	www.sideshow.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	js.pusher.com	www.sideshow.com
1	api-cf.affirm.com	www.sideshow.com
1	www.googleadservices.com	www.googletagmanager.com
1	ekr.zdassets.com	www.sideshow.com
1	cdn1.affirm.com	www.sideshow.com
1	sides11111.pcapredict.com	www.sideshow.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	www.sideshow.com
1	sideshow.com	1 redirects
1	link.sideshow.com
101	30

This site contains links to these domains. Also see Links.

Domain
originals.sideshow.com
atomicmisfit.sideshow.com
www.courtofthedead.com
unruly.sideshow.com
courtofthedead.com
geek.sideshow.com
help.sideshow.com
sideshow.zendesk.com
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.pinterest.com
www.linkedin.com
side.sh
www.bbb.org
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
link.sideshow.com Let's Encrypt Authority X3	`2020-11-30` - `2021-02-28`	3 months	crt.sh
www.sideshow.com Sectigo RSA Extended Validation Secure Server CA	`2020-07-28` - `2022-02-28`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-28` - `2021-05-06`	6 months	crt.sh
cdn.searchspring.net Amazon	`2020-07-19` - `2021-08-19`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.pcapredict.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-01` - `2021-09-01`	a year	crt.sh
cdn1.affirm.com Let's Encrypt Authority X3	`2020-10-24` - `2021-01-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
affirm.com DigiCert SHA2 Extended Validation Server CA	`2019-05-14` - `2021-06-03`	2 years	crt.sh
js.pusher.com Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gointerpay.net Amazon	`2020-09-12` - `2021-10-14`	a year	crt.sh
gointerpay.net Amazon	`2020-09-27` - `2021-10-29`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
sideshow.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
ssl.kaptcha.com Thawte TLS RSA CA G1	`2019-10-01` - `2021-11-29`	2 years	crt.sh
*.pusher.com Gandi Standard SSL CA 2	`2020-01-09` - `2021-04-21`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-23` - `2021-05-07`	6 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Frame ID: 17947D21441DDE266836750D937B12A8
Requests: 88 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfUlNcUAAAAAGdBZafOynEBfL6GRMDvi8L639P2&co=aHR0cHM6Ly93d3cuc2lkZXNob3cuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&cb=gea92mhxn795
Frame ID: 9F7287ABCEC038963ECA4346EA9EA504
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.c2839d69e85022a84eed.js
Frame ID: D2EC2ACB77FD785B025B968BC7C66417
Requests: 12 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=130000&s=754808a741e04a4db2a947845e8a6d59
Frame ID: 41BC0D328AB72EEE29578F33A2045E39
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://link.sideshow.com/u/nrd.php?p=fEHqPpFRzg_168208_1909527_1_2&ems_l=3978023&i=1&d=MTAyOTY3MTk3%7... Page URL
https://sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_e... HTTP 301
https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_e... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Page Statistics

101
Requests

100 %
HTTPS

42 %
IPv6

22
Domains

30
Subdomains

32
IPs

5
Countries

3765 kB
Transfer

9631 kB
Size

10
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://originals.sideshow.com/

Search URL Search Domain Scan URL

URL: https://atomicmisfit.sideshow.com/

Search URL Search Domain Scan URL

URL: https://www.courtofthedead.com/

Search URL Search Domain Scan URL

URL: https://unruly.sideshow.com/

Search URL Search Domain Scan URL

URL: https://courtofthedead.com/
Title: Court of the Dead

Search URL Search Domain Scan URL

URL: https://geek.sideshow.com/
Title: Let Your Geek SideShow

Search URL Search Domain Scan URL

URL: https://help.sideshow.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://sideshow.zendesk.com/hc/en-us/categories/201551668-Returns-Exchanges
Title: Returns & Exchanges

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sideshowcollectibles
Title: facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/collectsideshow
Title: twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/sideshowcollectibles
Title: instagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/SideshowCollecting
Title: youtube

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/collectsideshow
Title: pinterest

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/sideshowent
Title: linkedin

Search URL Search Domain Scan URL

URL: https://side.sh/affiliates
Title: Affiliate Program

Search URL Search Domain Scan URL

URL: http://www.bbb.org/santa-barbara/business-reviews/collectibles/sideshow-collectibles-in-thousand-oaks-ca-92000502

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.sideshow.com/u/nrd.php?p=fEHqPpFRzg_168208_1909527_1_2&ems_l=3978023&i=1&d=MTAyOTY3MTk3%7CZkVIcVBwRlJ6Zw%3D%3D%7CMjJiN2Q5Y2NiMDAwNTEwNzE%3D%7Ca2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmc%3D%7C Page URL
https://sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org HTTP 301
https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://fingerprint.gointerpay.net/pixel/6948ea98-6c96-4385-a9a7-87ee2ef20caa/cb415c17-f570-4258-9a8d-3f8108061e14.htm HTTP 303
https://ssl.kaptcha.com/logo.htm?m=130000&s=754808a741e04a4db2a947845e8a6d59

101 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK nrd.php Show response
link.sideshow.com/u/ 739 B
1 KB 472ms
372ms Document
text/html 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://link.sideshow.com/u/nrd.php?p=fEHqPpFRzg_168208_1909527_1_2&ems_l=3978023&i=1&d=MTAyOTY3MTk3%7CZkVIcVBwRlJ6Zw%3D%3D%7CMjJiN2Q5Y2NiMDAwNTEwNzE%3D%7Ca2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmc%3D%7C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0e4024ac942719fc52e637f8f0262e6bc2d55050eb7072c171e73fb4eb9dda1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: link.sideshow.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 15:22:42 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: PWS/8.3.1.0.8
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-af: suite24-web2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
x-hf: suite-haproxy01c
Content-Encoding: gzip
Via: 1.1 PSdgflkfFRA1cs210:0 (W), 1.1 PShlamstdAMS1lb17:9 (W), 1.1 PSdgflkfFRA2sg74:10 (W)
X-Px: ms PSdgflkfFRA2sg74FRA,ms PShlamstdAMS1lb17AMS,ms PSdgflkfFRA1cs210FRA(origin)
X-Ws-Request-Id: 5fdb77c1_PSdgflkfFRA2po7_57848-50946

GET
H2

200

Primary Request / Show response
www.sideshow.com/
Redirect Chain

https://sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

141 KB
25 KB

1493ms
1485ms

Document
text/html

2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1bd047ed097688a3fc65e612496e75faf41c966f76e5e187f4464ec5f338812

Request headers

:method: GET
:authority: www.sideshow.com
:scheme: https
:path: /?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://link.sideshow.com/u/nrd.php?p=fEHqPpFRzg_168208_1909527_1_2&ems_l=3978023&i=1&d=MTAyOTY3MTk3%7CZkVIcVBwRlJ6Zw%3D%3D%7CMjJiN2Q5Y2NiMDAwNTEwNzE%3D%7Ca2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmc%3D%7C
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d9307268ebcea24079d0cca740f96e9851608218562
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://link.sideshow.com/u/nrd.php?p=fEHqPpFRzg_168208_1909527_1_2&ems_l=3978023&i=1&d=MTAyOTY3MTk3%7CZkVIcVBwRlJ6Zw%3D%3D%7CMjJiN2Q5Y2NiMDAwNTEwNzE%3D%7Ca2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmc%3D%7C

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-type: text/html; charset=UTF-8
link: <https://www.sideshow.com/wp-json/>; rel="https://api.w.org/" <https://www.sideshow.com/>; rel=shortlink
set-cookie: sideshow_session_multi=eyJpdiI6IjJrak9DWjBqRk1udGpXbzd0UXg2SUE9PSIsInZhbHVlIjoiNWZOSUY2aDdVanBTakFlMzh2S3JQSG16dDJUWjlJMHNHdFRaV1hrN2x2dmdqSUt0bE1YSXJjTDU0dUNXN2FnNSIsIm1hYyI6IjA0MDQ5MDMzZGNlYjUyMmVmYjNjZjI4YzcwYTZlYTk4YTk1ZDZmNTQ3ZDRmM2JjZmViNGI0ODhmNGZkYzA3OTcifQ%3D%3D; path=/; domain=.sideshow.com; HttpOnly;HttpOnly;Secure XSRF-TOKEN=eyJpdiI6Imlnc0puV1QzRmxza2ptOStTSFJiWVE9PSIsInZhbHVlIjoiVGVLanRtaksyRHVPdEwxeEtiZVpzZz09IiwibWFjIjoiOWFkNGRkODUwYzkyNzBhZmEwNzM0NTYwOWUyNDQ1MmQ3OWNiNGM4MzIwM2JiNDJmNmY4NGExZDJhNjVkYmQxYSJ9; expires=Fri, 01-Jan-2021 15:22:43 GMT; Max-Age=1296000; path=/; domain=.sideshow.com;HttpOnly;Secure __cflb=02DiuJJXa5FXZVz7wPmZaDXBZaCXtRDbB2p4gH6qxuzvp; SameSite=Lax; path=/; expires=Fri, 18-Dec-20 14:22:44 GMT; HttpOnly
cf-cache-status: DYNAMIC
cf-request-id: 0712e4e8920000d72d0998e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6031a420ec9fd72d-FRA
content-encoding: br

Redirect headers

date: Thu, 17 Dec 2020 15:22:42 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: __cfduid=d9307268ebcea24079d0cca740f96e9851608218562; expires=Sat, 16-Jan-21 15:22:42 GMT; path=/; domain=.sideshow.com; HttpOnly; SameSite=Lax __cflb=02DiuJJXa5FXZVz7wPmZaDXBZaCXtRDbB2p4gH6qxuzvp; SameSite=Lax; path=/; expires=Fri, 18-Dec-20 14:22:42 GMT; HttpOnly
location: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
cf-cache-status: DYNAMIC
cf-request-id: 0712e4e6b60000d72dcc21b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6031a41deee1d72d-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
517 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c50acf54e17870e9a5ebe944f589ecc5e1d947426519c6a969ae9db93040c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Dec 2020 14:45:49 GMT
server: ESF
date: Thu, 17 Dec 2020 15:22:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Dec 2020 15:22:44 GMT

GET
H2 200 app.css
www.sideshow.com/css/ 988 KB
230 KB 28ms
26ms Stylesheet
text/css 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/css/app.css?id=717732c0d8d87f903875
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3379f81619770b709a561047fef71176a61c8cd024852994f5656c77b710e80

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2020 21:12:49 GMT
server: cloudflare
age: 65276
etag: W/"f70e1-5b69b5661f640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6031a42ad9a8d72d-FRA
cf-request-id: 0712e4eeca0000d72d09a01000000001
expires: Sat, 16 Jan 2021 15:22:44 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 394ms
32ms Stylesheet
text/css 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
H2 200 modernizr.js Show response
www.sideshow.com/js/ 11 KB
4 KB 23ms
21ms Script
application/javascript 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/js/modernizr.js
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe6bda33882a6e67e3cc4e5811dffeccc46961d6e0bdd93061db7e8d646ff01

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Dec 2020 19:43:52 GMT
server: cloudflare
age: 825682
etag: W/"2b4c-5b5e50bb36e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6031a42ad9a9d72d-FRA
cf-request-id: 0712e4eecb0000d72df4930000000001
expires: Sat, 16 Jan 2021 15:22:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1064746620

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9999973f984144200c93cdb2996a0465a8b7bd85a01480011242be12e64b5a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38976
x-xss-protection: 0
last-modified: Thu, 17 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Dec 2020 15:22:44 GMT

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 407 B
672 B 21ms
6ms Script
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cdebc5b850b5ca47dfdc39a4632d114e1efee839e8b52df6a5e9762289325323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2459152
detected-user-agent: Chrome Mobile/83.0.4103
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 202
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Nov 2020 12:42:30 GMT
date: Thu, 17 Dec 2020 15:22:44 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
677 B 20ms
19ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfUlNcUAAAAAGdBZafOynEBfL6GRMDvi8L639P2

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cbe224074d892d9c129411c8cee625272d62b5a2dd1b97b763d2486c7a7bdd5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Thu, 17 Dec 2020 15:22:44 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 84ms
36ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 29
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 236D466861EBD015
x-amz-id-2: YdMppmiiAZGDoyTTfJePxDeeEYxO+2y97Qi+QQUT+Wh5c16aPYlnm6n6er2ThXFnZJnV2ebIrdU=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id: 0712e4eefd000032aa2fa00000000001
cf-ray: 6031a42b291a32aa-CDG

GET
H2 200 sideshow-s-holiday-2020.svg
www.sideshow.com/images/ 147 KB
18 KB 30ms
29ms Image
image/svg+xml 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/sideshow-s-holiday-2020.svg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff877df576a0ff89ebec1f7d32f897f7d56623efc4562fce10bb549e59911b38

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2020 21:12:51 GMT
server: cloudflare
age: 46765
etag: W/"24b67-5b69b56807ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6031a42b9b33d72d-FRA
cf-request-id: 0712e4ef3f0000d72ddbb13000000001
expires: Fri, 17 Dec 2021 15:22:44 GMT

GET
H2 200 ribbon-logos-s-2021.png
www.sideshow.com/images/ 412 B
661 B 24ms
23ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/ribbon-logos-s-2021.png
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3ccfb1a555b4d43828823084f5f5565e0f12e19b76bebf98ff4ea6ff584e44

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 2045
cf-polished: origFmt=png, origSize=1861
last-modified: Wed, 16 Dec 2020 21:12:51 GMT
content-disposition: inline; filename="ribbon-logos-s-2021.webp"
content-length: 412
cf-request-id: 0712e4ef5e0000d72daf9c6000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "745-5b69b56807ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42bcb99d72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 ribbon-logos-originals.png
www.sideshow.com/images/ 1006 B
1 KB 31ms
31ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/ribbon-logos-originals.png
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9d3c1530f4e4509d9de49fbf50b56ddfcd63d29ed464a95e72c48027c365b38

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 2045
cf-polished: origFmt=png, origSize=2799
last-modified: Wed, 16 Dec 2020 21:12:51 GMT
content-disposition: inline; filename="ribbon-logos-originals.webp"
content-length: 1006
cf-request-id: 0712e4ef770000d72d9faa6000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "aef-5b69b56807ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42bfbf1d72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 ribbon-logos-atomic-misfit.png
www.sideshow.com/images/ 956 B
1 KB 24ms
18ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/ribbon-logos-atomic-misfit.png
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2023c03c326f7ed84e2ccd664e9f0e3ed31d3f1356312f1b136a7f0c20aa7a13

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 2045
cf-polished: origFmt=png, origSize=3058
last-modified: Wed, 16 Dec 2020 21:12:51 GMT
content-disposition: inline; filename="ribbon-logos-atomic-misfit.webp"
content-length: 956
cf-request-id: 0712e4f09f0000d72daf9e0000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "bf2-5b69b56807ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dcf83d72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 ribbon-logos-cotd.png
www.sideshow.com/images/ 944 B
1 KB 29ms
23ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/ribbon-logos-cotd.png
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fb52e8a2c8d872cc5a2de48fe11cbca932fa8f0712f32525bfe91f78484feb

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 2045
cf-polished: origFmt=png, origSize=2687
last-modified: Wed, 16 Dec 2020 21:12:51 GMT
content-disposition: inline; filename="ribbon-logos-cotd.webp"
content-length: 944
cf-request-id: 0712e4f09e0000d72d9fabf000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a7f-5b69b56807ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dcf84d72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 ribbon-logos-unruly.png
www.sideshow.com/images/ 890 B
1 KB 32ms
27ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/ribbon-logos-unruly.png
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869d41d2d5da139df089daf68e58cd3f4694e2af804f2b01a9a8ec79e15a32c8

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 2045
cf-polished: origFmt=png, origSize=2573
last-modified: Wed, 16 Dec 2020 21:12:51 GMT
content-disposition: inline; filename="ribbon-logos-unruly.webp"
content-length: 890
cf-request-id: 0712e4f09e0000d72dc2a71000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a0d-5b69b56807ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dcf87d72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 ribbon-logos-geek.png
www.sideshow.com/images/ 390 B
610 B 36ms
30ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/ribbon-logos-geek.png
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce984d49d1c262d8d80db9223313ee4ad495aeda0749cbc5febd8bfd666f5d7

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 2045
cf-polished: origFmt=png, origSize=1787
last-modified: Wed, 16 Dec 2020 21:12:51 GMT
content-disposition: inline; filename="ribbon-logos-geek.webp"
content-length: 390
cf-request-id: 0712e4f0a00000d72ddd3ff000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6fb-5b69b56807ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dcf89d72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 header-logo-sideshow-holiday-2020.svg
www.sideshow.com/images/ 132 KB
18 KB 33ms
28ms Image
image/svg+xml 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/header-logo-sideshow-holiday-2020.svg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e8ff1acd5dd6f94fb7e9667cf19485448f4a8667115517c0339eb83d97af7cc

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Dec 2020 22:16:58 GMT
server: cloudflare
age: 234245
etag: W/"21133-5b6740024499a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6031a42dcf8bd72d-FRA
cf-request-id: 0712e4f09f0000d72de1be9000000001
expires: Fri, 17 Dec 2021 15:22:44 GMT

GET
H2 200 400304
www.sideshow.com/photo/ 69 KB
69 KB 33ms
32ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/400304
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a6b5853012c77ec3ccfdad80288dbd95ba8ab8be2214bdf44a30f15d7eb983f

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 5490
cf-polished: origFmt=jpeg, origSize=123983
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42defcbd72d-FRA
content-length: 70298
cf-request-id: 0712e4f0b50000d72da8a22000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 905743
www.sideshow.com/photo/ 53 KB
53 KB 54ms
51ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/905743
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ecf2f2f02cc4587d76cbec35f2d22d6aacdb334e374f9669d22c55f313131b4

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 4866
cf-polished: origFmt=jpeg, origSize=111656
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dffe0d72d-FRA
content-length: 54394
cf-request-id: 0712e4f0bb0000d72da0b45000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 903697
www.sideshow.com/photo/ 28 KB
29 KB 20ms
18ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/903697
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb33fc761a8505ccbdd58ed7fa3defb0eb3e45d668baed8bd02deb902b99e503

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 3732
cf-polished: origSize=29269, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dffe4d72d-FRA
content-length: 29155
cf-request-id: 0712e4f0bb0000d72dd111e000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 9034301
www.sideshow.com/photo/ 40 KB
40 KB 622ms
621ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/9034301
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd9eea270cf8d326dfe1b81b2b61355479ecb610cc00dc5f24041e8ce578c475

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dffe7d72d-FRA
content-length: 41182
cf-request-id: 0712e4f0bc0000d72dc1ab0000000001
expires: Thu, 17 Dec 2020 19:22:45 GMT

GET
H2 200 907478
www.sideshow.com/photo/ 31 KB
31 KB 27ms
26ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/907478
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b2730ec6f3d121936e60ebb4b98c65a3aa0b7c1d76afc31e7b020741deae3d

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 1997
cf-polished: origSize=32027, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dffe9d72d-FRA
content-length: 31389
cf-request-id: 0712e4f0bd0000d72dd70f4000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 907402
www.sideshow.com/photo/ 22 KB
22 KB 25ms
24ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/907402
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6402d01baf27b46cd4163848080f98d8709411c1894627eada32696278ff508d

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 6596
cf-polished: origSize=24029, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42e1831d72d-FRA
content-length: 22663
cf-request-id: 0712e4f0d00000d72ddbb2d000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 907463
www.sideshow.com/photo/ 26 KB
26 KB 22ms
22ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/907463
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bca49fddd344c6600128b9d79e3b016c624656165db191715e1d767ce643962

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 6596
cf-polished: origSize=27485, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42e285bd72d-FRA
content-length: 26953
cf-request-id: 0712e4f0db0000d72daf9e9000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 907476
www.sideshow.com/photo/ 39 KB
39 KB 64ms
64ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/907476
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 690ba7e8a0ca59c665e09f36c9b80d6a701c88a6de3a2386ca59f3bd27190cbb

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 1997
cf-polished: origSize=41929, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42e2862d72d-FRA
content-length: 40027
cf-request-id: 0712e4f0d80000d72df3a6b000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 907448
www.sideshow.com/photo/ 34 KB
34 KB 33ms
32ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/907448
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a011676786c466cbcb9018449b8223b9ec0880f410694e50d9da860b0d61cb

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 6596
cf-polished: origSize=35964, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42e388ad72d-FRA
content-length: 34434
cf-request-id: 0712e4f0e60000d72dc1ab6000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 907450
www.sideshow.com/photo/ 34 KB
34 KB 25ms
24ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/907450
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d433ee93f6626bdd187ba8b9b84c21790dcb9829257f647ed895d06cafeb31f5

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 6596
cf-polished: origSize=36629, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42e489bd72d-FRA
content-length: 34778
cf-request-id: 0712e4f0ea0000d72dc1ab7000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 500871U
www.sideshow.com/photo/ 21 KB
21 KB 30ms
30ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/500871U
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18fd1a7789f795687fbf320f954bcd14925c0c0bfae3e996024a7ba0d2f9b1c

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 6596
cf-polished: origSize=23573, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42e48a6d72d-FRA
content-length: 21739
cf-request-id: 0712e4f0f00000d72d089a2000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 100439
www.sideshow.com/photo/ 26 KB
26 KB 17ms
17ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/100439
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b1f42a0e37d551aacc13ef120976b3a805258b2e6c671aae8866813de609c9

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 6596
cf-polished: origSize=28097, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42e48afd72d-FRA
content-length: 26787
cf-request-id: 0712e4f0ef0000d72ddd003000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 sideshow-horiz-white-2021.svg
www.sideshow.com/images/ 3 KB
1 KB 42ms
21ms Image
image/svg+xml 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/sideshow-horiz-white-2021.svg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf82e7467f969ed6a2485063df48f02ac70744e400452c4ed15b5208ab845f5

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Dec 2020 19:53:45 GMT
server: cloudflare
age: 1106820
etag: W/"db0-5b5a8d59256a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6031a42e8928d72d-FRA
cf-request-id: 0712e4f1150000d72dfe246000000001
expires: Fri, 17 Dec 2021 15:22:44 GMT

GET
H2 200 bbb-footer-logo-dark.png
www.sideshow.com/images/ 2 KB
2 KB 39ms
22ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/bbb-footer-logo-dark.png
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d40c7e5e4f2fbac5c2a050f63023f9621e302ec57efb8e40efc6dc6ee823c707

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 2045
cf-polished: origFmt=png, origSize=2051
last-modified: Wed, 16 Dec 2020 21:12:50 GMT
content-disposition: inline; filename="bbb-footer-logo-dark.webp"
content-length: 1656
cf-request-id: 0712e4f1160000d72de6991000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "803-5b69b56713880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42e892bd72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 email-decode.min.js Show response
www.sideshow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
883 B 8ms
8ms Script
application/javascript 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sideshow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 18:08:54 GMT
server: cloudflare
etag: W/"5fd7aa36-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6031a42c2c36d72d-FRA
vary: Accept-Encoding
cf-request-id: 0712e4ef970000d72db8250000000001
expires: Sat, 19 Dec 2020 15:22:44 GMT

GET
H2 200 manifest.js Show response
www.sideshow.com/js/ 799 B
533 B 40ms
39ms Script
application/javascript 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/js/manifest.js?id=3856261ebef1de6b975c
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d857d93bd1a10e827bcd2d81f194599133d30e209061e565a9767a0940f4ed26

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2020 20:22:23 GMT
server: cloudflare
age: 990758
etag: W/"31f-5b581003d9dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6031a42c3c5bd72d-FRA
cf-request-id: 0712e4efa30000d72da00c0000000001
expires: Sat, 16 Jan 2021 15:22:44 GMT

GET
H2 200 vendor.js Show response
www.sideshow.com/js/ 2 MB
613 KB 65ms
64ms Script
application/javascript 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/js/vendor.js?id=f1279501cf3816e01168
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4437cc3da56c6ff64bc0246050e9d234b3c0c4e441bdb33d71e38f2136ea33e4

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2020 21:12:49 GMT
server: cloudflare
age: 45422
etag: W/"19d2b9-5b69b5661f640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6031a42c7ce3d72d-FRA
cf-request-id: 0712e4efc90000d72ddbb1f000000001
expires: Sat, 16 Jan 2021 15:22:44 GMT

GET
H2 200 app.js Show response
www.sideshow.com/js/ 400 KB
119 KB 44ms
42ms Script
application/javascript 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/js/app.js?id=89b6ea3d7599691b48c1
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2c33c900da68b6067d9a9f36f5455ee3148f008f645eb6e36c040b250fcf81c

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2020 17:22:51 GMT
server: cloudflare
age: 1288428
etag: W/"63f15-5b57e7e2df0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6031a42d5ec1d72d-FRA
cf-request-id: 0712e4f0580000d72da00d3000000001
expires: Sat, 16 Jan 2021 15:22:44 GMT

GET
H2 200 components.js Show response
www.sideshow.com/js/ 338 KB
88 KB 74ms
68ms Script
application/javascript 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/js/components.js?id=55890db00a14909197fb
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52c308d6127fd6c7c3305a61f2e0e100b9475e3428a6159c99526c0d8234f8f5

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2020 20:22:23 GMT
server: cloudflare
age: 905789
etag: W/"54789-5b581003d9dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 6031a42dcf81d72d-FRA
cf-request-id: 0712e4f09c0000d72df08a6000000001
expires: Sat, 16 Jan 2021 15:22:44 GMT

GET
H2 200 searchspring.catalog.js Show response
cdn.searchspring.net/search/v3/js/ 173 KB
60 KB 115ms
37ms Script
application/javascript 143.204.90.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/js/searchspring.catalog.js?3w37oq
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 414d08f32a577439d5b856c634ad55f2e965d468f1df605f2070ecf504201aba

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:11:42 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 20:23:29 GMT
server: AmazonS3
age: 662
etag: "96fe9545aa35dfc03189b0bd35b9478f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dOJUzYyvXBwjMO68Euh3sAoHVmeIk5ExRGbybP6pEaKBoVgEtplivA==

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sideshow.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 18:04:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 76710
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Thu, 16 Dec 2021 18:04:14 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
45 KB 48ms
33ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHRK7N

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0ac47dff296bedcc76c533909d7042f75eb76e372e65aed96ccb8e12f4e01f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45524
x-xss-protection: 0
last-modified: Thu, 17 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Dec 2020 15:22:44 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 334 KB
131 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfUlNcUAAAAAGdBZafOynEBfL6GRMDvi8L639P2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sideshow.com
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1044
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133916
x-xss-protection: 0
last-modified: Sun, 06 Dec 2020 23:05:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Dec 2021 15:05:20 GMT

GET
H/1.1 200
OK sensor.js Show response
sides11111.pcapredict.com/js/ 66 KB
14 KB 140ms
54ms Script
text/javascript 194.75.186.148
BT-UK-AS BTnet UK...

General

Check archive.org

Show headers Download Go to

Full URL: https://sides11111.pcapredict.com/js/sensor.js
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.75.186.148 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS: services.postcodeanywhere.co.uk
Software: nginx /
Resource Hash: 1237521d6d16843cf2ea4d4d9dd2b6c30015e8e878bf0d08dc782356eb8fd188

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 15:22:44 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 13944

GET
H2 200 affirm.js Show response
cdn1.affirm.com/js/v2/ 358 KB
81 KB 64ms
20ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.affirm.com/js/v2/affirm.js

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

15d6591ca985f6215fd66d9adfb2eb991e5b64b6fcef41bd8eadec30f6e35519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: br
vary: Accept-Encoding
age: 655
x-cache: HIT, HIT
x-envoy-upstream-service-time: 2977
x-affirm-cache-status: MISS
content-length: 81743
x-served-by: cache-bwi5140-BWI, cache-cdg20770-CDG
access-control-allow-origin: *
x-affirm-request-id: 45468f22-1b29-400a-c044-74058f2bb882
last-modified: Wed, 11 Nov 2020 23:24:57 GMT
server: istio-envoy
etag: W/"ceafd205c1ed9e1baf74fe1366503b14"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=259200, public
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn1.affirm.com>; rel=preconnect; crossorigin, <https://cdn1.affirm.com>; rel=preconnect, <https://cdn-assets.affirm.com>; rel=preconnect; crossorigin, <https://cdn-assets.affirm.com>; rel=preconnect, <https://cdnjs.cloudflare.com>; rel=preconnect; crossorigin, <https://cdnjs.cloudflare.com>; rel=preconnect
x-cache-hits: 5, 28

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
63 KB 9ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.sideshow.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 64470

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sideshow.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 20:51:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 412283
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sun, 12 Dec 2021 20:51:21 GMT

GET
H2 200 webfa-regular-400.woff2
www.sideshow.com/fonts/vendor/@fortawesome/fontawesome-pro/ 149 KB
149 KB 25ms
25ms Font
application/octet-stream 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/fonts/vendor/@fortawesome/fontawesome-pro/webfa-regular-400.woff2?bc70ae3f10e3da7672a12847a2bf0175
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/css/app.css?id=717732c0d8d87f903875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53d322571130175de992723581bcb9be79f2177e999d268d7eb5a7369cfff706

Request headers

Origin: https://www.sideshow.com
Referer: https://www.sideshow.com/css/app.css?id=717732c0d8d87f903875
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2020 21:12:49 GMT
server: cloudflare
age: 6980
etag: "25230-5b69b5661f640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42dcf8fd72d-FRA
content-length: 152112
cf-request-id: 0712e4f0a00000d72dd111b000000001
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 polyfill.js
cdn.polyfill.io/v2/ 407 B
250 B 7ms
6ms Other
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cdebc5b850b5ca47dfdc39a4632d114e1efee839e8b52df6a5e9762289325323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2459153
detected-user-agent: Chrome Mobile/83.0.4103
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 202
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Nov 2020 12:42:30 GMT
date: Thu, 17 Dec 2020 15:22:44 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fa807a4c-2071-41cb-b41a-41a511109838 Show response
ekr.zdassets.com/compose/ 1 KB
899 B 234ms
188ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/fa807a4c-2071-41cb-b41a-41a511109838

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d006785f64de237bc37e7985a0b2c77bf12d22553d43cbc2bf58b5abaa262aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200 OK
strict-transport-security: max-age=0
cf-request-id: 0712e4f14b0000083077147000000001
x-request-id: 71149f0a-1b81-44b2-826d-a6198b52fe12
x-runtime: 0.002684
server: cloudflare
etag: W/"9d006785f64de237bc37e7985a0b2c77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6031a42eddd70830-CDG

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 39ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1064746620

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Dec 2020 15:22:44 GMT

GET
H2 200 the-mandalorian-and-the-child-deluxe_star-wars_feature.jpg
www.sideshow.com/storage/product-images/907266/ 101 KB
101 KB 41ms
40ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/storage/product-images/907266/the-mandalorian-and-the-child-deluxe_star-wars_feature.jpg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3cde74e051285ca6be3ab9073ca175f7b9299dd2e5cde1c33039d9161978d05

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
cf-cache-status: HIT
age: 1673
cf-polished: origSize=106077, status=webp_bigger
last-modified: Mon, 02 Nov 2020 20:52:42 GMT
content-length: 103424
cf-request-id: 0712e4f1710000d72db9898000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "19e5d-5b325ed7b363e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42f1a88d72d-FRA
expires: Thu, 17 Dec 2020 19:22:45 GMT

GET
H2 200 the-child_star-wars_feature.jpg
www.sideshow.com/storage/product-images/400369/ 200 KB
200 KB 22ms
22ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/storage/product-images/400369/the-child_star-wars_feature.jpg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08c3f06abb8f2f3b33585bf693cee2e63a616a04a5da3cf7a7e465a6714771ba

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 1672
cf-polished: origFmt=jpeg, origSize=217156
last-modified: Mon, 02 Nov 2020 17:43:01 GMT
content-disposition: inline; filename="the-child_star-wars_feature.webp"
content-length: 204488
cf-request-id: 0712e4f1710000d72dce256000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "35044-5b32347149ae3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42f1a8bd72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 iron-man-mark-l_marvel_feature.jpg
www.sideshow.com/storage/product-images/903421/ 122 KB
122 KB 25ms
25ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/storage/product-images/903421/iron-man-mark-l_marvel_feature.jpg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ee75590aa7c6737a8ac9d9d3d12578de182160acc3422f1c01817925e342a6

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 6595
cf-polished: origSize=129535, status=webp_bigger
last-modified: Tue, 20 Aug 2019 17:07:39 GMT
content-length: 124520
cf-request-id: 0712e4f1720000d72df999c000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "1f9ff-5908f7e72ad20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42f1a8fd72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 batman_dc-comics_feature.jpg
www.sideshow.com/storage/product-images/3007471/ 66 KB
66 KB 28ms
28ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/storage/product-images/3007471/batman_dc-comics_feature.jpg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10cc9f211443327106faf1b5e49bcd79ab7902dae7c06747be88ac82866963c5

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:44 GMT
cf-cache-status: HIT
age: 6595
cf-polished: origSize=69467, status=webp_bigger
last-modified: Tue, 05 May 2020 18:08:20 GMT
content-length: 67118
cf-request-id: 0712e4f1740000d72da5b53000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "10f5b-5a4ea88586fe6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42f1a92d72d-FRA
expires: Thu, 17 Dec 2020 19:22:44 GMT

GET
H2 200 select-icon.png
www.sideshow.com/images/ 94 B
423 B 33ms
33ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/select-icon.png?f6d8411bcc674014666914f078ff4243
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/css/app.css?id=717732c0d8d87f903875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755978c4d8db5848d0ae9f22332dbd87ff486b84d570c7dc5c64909fe7478c8e

Request headers

Referer: https://www.sideshow.com/css/app.css?id=717732c0d8d87f903875
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
cf-cache-status: HIT
age: 2046
cf-polished: origFmt=png, origSize=149
last-modified: Wed, 16 Dec 2020 21:12:49 GMT
content-disposition: inline; filename="select-icon.webp"
content-length: 94
cf-request-id: 0712e4f1730000d72dd3b8c000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "95-5b69b5661f640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42f1a97d72d-FRA
expires: Thu, 17 Dec 2020 19:22:45 GMT

GET
H2 200 sprite-icons.png
www.sideshow.com/images/ 12 KB
12 KB 31ms
30ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/images/sprite-icons.png?f1487e0404aac442d980bfc5a6ac3609
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/css/app.css?id=717732c0d8d87f903875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4e8141d2c263e84e3046a52073e1c3a45154f56f9c57e1480c44f1b7d207a7b

Request headers

Referer: https://www.sideshow.com/css/app.css?id=717732c0d8d87f903875
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
cf-cache-status: HIT
age: 1705
cf-polished: origFmt=png, origSize=18209
last-modified: Wed, 16 Dec 2020 21:12:51 GMT
content-disposition: inline; filename="sprite-icons.webp"
content-length: 11912
cf-request-id: 0712e4f19b0000d72daf3e7000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "4721-5b69b56807ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a42f5b5bd72d-FRA
expires: Thu, 17 Dec 2020 19:22:45 GMT

GET
H2 200 touch_track Show response
api-cf.affirm.com/api/v2/session/ 46 B
917 B 276ms
157ms Fetch
application/json 65.9.68.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cf.affirm.com/api/v2/session/touch_track

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.95 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

ece2c9b688ce48e95f7b30cd31b66d876fb5ae4bd9648aa4e8ed9581ea9a7d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
access-control-allow-origin: https://www.sideshow.com
x-affirm-request-id: 7a02b2ca-e0c3-4f51-cf78-075c2674991c
server: openresty
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, X-Requested-With
x-amz-cf-id: AVpY7wVx7HjVaWuIBQhL2UNAAqrmQtweQ3ElnbDMPF8PI0HpUNenNg==

GET
H2 200 cookie_sent Show response
www.affirm.com/api/v2/ 22 B
695 B 149ms
32ms Fetch
application/json 65.9.68.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/api/v2/cookie_sent

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.89 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 14:35:59 GMT
content-encoding: gzip
vary: Accept-Encoding,cookie,Origin,Origin
age: 2806
x-cache: Hit from cloudfront
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
access-control-allow-origin: https://www.sideshow.com
x-affirm-request-id: f2f7803b-5d99-42f9-c2d9-9eb3c5e68a8e
server: openresty
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: Accept, Content-Type, X-Requested-With
x-amz-cf-id: g-ojPntrOqPhrLmLTi4mb8c-iQGppq1IVvUCG5w2m686neg9qUqcxg==

GET
H2 200 pusher.min.js Show response
js.pusher.com/3.1/ 60 KB
16 KB 128ms
50ms Script
application/javascript 13.226.154.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pusher.com/3.1/pusher.min.js?_=1608218565123
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/js/vendor.js?id=f1279501cf3816e01168
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.154.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-82.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49d8840799acd94d7246d1224afaba67b47346bd9583c86e77ddfdf9207129ad

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 02:05:34 GMT
content-encoding: gzip
last-modified: Tue, 06 Nov 2018 11:41:04 GMT
server: AmazonS3
age: 1862232
etag: "4f5e12b07d479f4fd76507d07cd335f2"
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 7UHfoGd2aaJekiD3qcwQyv3jeWSjWCZwRP1QBE-0_wTmjELeg1mdYw==
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)

GET
H2 200 angular.js Show response
cdn.searchspring.net/ajax_search/sites/3w37oq/js/ 41 KB
10 KB 51ms
50ms Script
application/javascript 143.204.90.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/ajax_search/sites/3w37oq/js/angular.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/js/searchspring.catalog.js?3w37oq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 094dd5ccb1967f00fc5675f0510062dc63297a5302ed21aa18441426e8de6661

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 17 Dec 2020 15:18:54 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 18:03:39 GMT
server: AmazonS3
age: 268
etag: "0617073c88c0513de5c05398326548d9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10276
x-amz-cf-id: HZhzl5KUgDoCIwDSs0qxVouG99y3LMh1qyFvW5nto2I4SLP3WhUaFg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064746620/ 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064746620/?random=1608218565353&cv=9&fst=1608218565353&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sideshow.com%2F%3Fsc_src%3Demail_1909527%26sc_lid%3D102967197%26sc_uid%3DfEHqPpFRzg%26sc_llid%3D168208%26sc_eh%3D22b7d9ccb00051071%26sc_customer%3Dkatie.atkins%2540providence.org&ref=https%3A%2F%2Flink.sideshow.com%2Fu%2Fnrd.php%3Fp%3DfEHqPpFRzg_168208_1909527_1_2%26ems_l%3D3978023%26i%3D1%26d%3DMTAyOTY3MTk3%257CZkVIcVBwRlJ6Zw%253D%253D%257CMjJiN2Q5Y2NiMDAwNTEwNzE%253D%257Ca2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmc%253D%257C&tiba=Sideshow%20Collectibles%20-%20Pop%20Culture%20is%20Our%20Culture&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d5fb96a5412342651bbbce9e82199032833726c6956e3d0f9d6359d250d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie_sent Show response
www.affirm.com/api/v2/ 22 B
695 B 35ms
35ms Fetch
application/json 65.9.68.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/api/v2/cookie_sent

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.89 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 14:35:59 GMT
content-encoding: gzip
vary: Accept-Encoding,cookie,Origin,Origin
age: 2806
x-cache: Hit from cloudfront
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
access-control-allow-origin: https://www.sideshow.com
x-affirm-request-id: f2f7803b-5d99-42f9-c2d9-9eb3c5e68a8e
server: openresty
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: Accept, Content-Type, X-Requested-With
x-amz-cf-id: 2dOt3DzsJcqOQQEkshTiJ-HtkkTCwTr38vuQejfnh8Km4G8T0gcn7Q==

GET
H/1.1 200
OK v2.18 Show response
fingerprint.gointerpay.net/ 597 B
831 B 428ms
111ms Script
text/javascript 3.225.8.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fingerprint.gointerpay.net/v2.18?MerchantId=6948ea98-6c96-4385-a9a7-87ee2ef20caa&_=1608218565124

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/js/vendor.js?id=f1279501cf3816e01168

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.225.8.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-8-3.compute-1.amazonaws.com

Software

GoInterpay /

Resource Hash

72393a396554eddce726dd031a857048577b52b37256f13f67b6856e9652004b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60000

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 15:22:45 GMT
Cache-Control: no-cache
Server: GoInterpay
Connection: keep-alive
Content-Length: 597
Strict-Transport-Security: max-age=60000
Content-Type: text/javascript; charset=utf-8

GET
H2 200 localize Show response
checkout.gointerpay.net/v2.18/ 61 B
207 B 323ms
120ms XHR
application/json 18.215.138.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.gointerpay.net/v2.18/localize?MerchantId=6948ea98-6c96-4385-a9a7-87ee2ef20caa
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.138.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-138-148.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 839baf8885dfad5bb0ce7e8430e91edf34322abb22da021c2332918c9ff68d80

Request headers

Accept: */*
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 17 Dec 2020 15:22:45 GMT
cache-control: no-cache
server: awselb/2.0
access-control-allow-headers: *
content-length: 61
content-type: application/json; charset=utf-8

GET
H2 200 mandalorian-star-wars-hot-toys-sixth-scale-figure-905333.jpg
www.sideshow.com/wp/wp-content/uploads/2020/09/ 217 KB
217 KB 26ms
25ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/wp/wp-content/uploads/2020/09/mandalorian-star-wars-hot-toys-sixth-scale-figure-905333.jpg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4cb930e9beef593f246a7be0fb6a342724f27acdff3c407c63d2906f56283e

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
cf-cache-status: HIT
age: 6595
cf-polished: origSize=229847, status=webp_bigger
last-modified: Mon, 28 Sep 2020 15:25:51 GMT
content-length: 222059
cf-request-id: 0712e4f3090000d72dedbe1000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "381d7-5b06148202e46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a431aff1d72d-FRA
expires: Thu, 17 Dec 2020 19:22:45 GMT

GET
H2 200 holiday-deals-2020-1050x525-1.jpg
www.sideshow.com/wp/wp-content/uploads/2020/12/ 62 KB
62 KB 32ms
31ms Image
image/webp 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/wp/wp-content/uploads/2020/12/holiday-deals-2020-1050x525-1.jpg
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b3c60bffacaccae403b8125e2d441d0e282c2a251bfe04b1166422f061d9b7e

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
cf-cache-status: HIT
age: 1378
cf-polished: origFmt=jpeg, origSize=87185
last-modified: Mon, 14 Dec 2020 23:32:26 GMT
content-disposition: inline; filename="holiday-deals-2020-1050x525-1.webp"
content-length: 63272
cf-request-id: 0712e4f3090000d72db98b4000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "15491-5b6750e1115cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a431aff5d72d-FRA
expires: Thu, 17 Dec 2020 19:22:45 GMT

GET
H2 200 904311_thumb
www.sideshow.com/photo/ 33 KB
33 KB 27ms
26ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/904311_thumb
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b707cb79f0799cdf97228a142d3aaa18156db570457076f39c2efb4a1d6a2066

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 6595
cf-polished: origSize=35450, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a431aff8d72d-FRA
content-length: 33722
cf-request-id: 0712e4f30a0000d72dd1152000000001
expires: Thu, 17 Dec 2020 19:22:45 GMT

GET
H2 200 9034354_thumb
www.sideshow.com/photo/ 23 KB
23 KB 21ms
20ms Image
image/jpeg 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sideshow.com/photo/9034354_thumb
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c61160e82e4a385a4e608f10feec547d5d21b0ae340d06ba997384712d7a7cc6

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
server: cloudflare
age: 6595
cf-polished: origSize=23774, status=webp_bigger
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6031a431aff9d72d-FRA
content-length: 23489
cf-request-id: 0712e4f30a0000d72dcc31e000000001
expires: Thu, 17 Dec 2020 19:22:45 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 9F72 0
0 27ms
27ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfUlNcUAAAAAGdBZafOynEBfL6GRMDvi8L639P2&co=aHR0cHM6Ly93d3cuc2lkZXNob3cuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&cb=gea92mhxn795

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qoakZh3LEfcvvcWEZwz3yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfUlNcUAAAAAGdBZafOynEBfL6GRMDvi8L639P2&co=aHR0cHM6Ly93d3cuc2lkZXNob3cuY29tOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=invisible&cb=gea92mhxn795
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 17 Dec 2020 15:22:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-qoakZh3LEfcvvcWEZwz3yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10188
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
5 KB 43ms
22ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHRK7N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Rjo5rR6WLxJZqpuljPRg+g==
age: 4831
vary: Accept-Encoding
content-length: 4134
cf-request-id: 0712e4f3360000175ee5ba6000000001
x-ms-lease-status: unlocked
last-modified: Mon, 14 Dec 2020 04:27:52 GMT
server: cloudflare
etag: 0x8D89FE89F595663
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80400c96-601e-00e7-03de-d1c8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6031a431e96f175e-FRA

GET
H2 200 autocomplete2.js Show response
cdn.searchspring.net/search/v3/js/modules/ 32 KB
9 KB 31ms
30ms Script
application/javascript 143.204.90.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/js/modules/autocomplete2.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/js/searchspring.catalog.js?3w37oq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 591a49edba4e00462cccc516e38d317a5eaddbe66c495f84ff4e8214dbd77173

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:04:45 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 19:46:33 GMT
server: AmazonS3
age: 1084
etag: "a84b9f5380c82ebde983fd7558b24f50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: H1fY2Y3Dy5Br6UsIT3Q6bG5s12y1IUtBWO27_bFH60MLNP2N4G4RgA==

GET
H2 200 facet-slider.js Show response
cdn.searchspring.net/search/v3/js/modules/ 21 KB
7 KB 33ms
32ms Script
application/javascript 143.204.90.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/js/modules/facet-slider.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/js/searchspring.catalog.js?3w37oq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1272e1994652112569839112a3878b79acc70db5c25b89f4984a83701f90f1b1

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:03:30 GMT
content-encoding: gzip
last-modified: Thu, 21 May 2020 17:04:54 GMT
server: AmazonS3
age: 1156
etag: "72852517ef9c547db6318aa50579c5b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6dkSpVAjZUYkdlkq8Z-qss9Jrpw8xFHb9FmBNouoqIuAc0B2lDKgmw==

GET
H2 200 slideout.js Show response
cdn.searchspring.net/search/v3/js/modules/ 9 KB
4 KB 31ms
31ms Script
application/javascript 143.204.90.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/js/modules/slideout.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/js/searchspring.catalog.js?3w37oq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c8d61157b9f632fd7ba281e68de890d7529c6703d22df048761d9ec99402e2e

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:13:43 GMT
content-encoding: gzip
last-modified: Thu, 21 May 2020 17:04:54 GMT
server: AmazonS3
age: 542
etag: "e9afe3956f597ad680eed56c1b1aa210"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: iolesuDj_IAmj-JKt5R44S0aWPQzO7jh4q37FikYinO_WHBBBgM3QQ==

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1064746620/ 42 B
298 B 25ms
18ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1064746620/?random=1608218565353&cv=9&fst=1608217200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sideshow.com%2F%3Fsc_src%3Demail_1909527%26sc_lid%3D102967197%26sc_uid%3DfEHqPpFRzg%26sc_llid%3D168208%26sc_eh%3D22b7d9ccb00051071%26sc_customer%3Dkatie.atkins%2540providence.org&ref=https%3A%2F%2Flink.sideshow.com%2Fu%2Fnrd.php%3Fp%3DfEHqPpFRzg_168208_1909527_1_2%26ems_l%3D3978023%26i%3D1%26d%3DMTAyOTY3MTk3%257CZkVIcVBwRlJ6Zw%253D%253D%257CMjJiN2Q5Y2NiMDAwNTEwNzE%253D%257Ca2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmc%253D%257C&tiba=Sideshow%20Collectibles%20-%20Pop%20Culture%20is%20Our%20Culture&async=1&fmt=3&is_vtc=1&random=554684003&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Dec 2020 15:22:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1064746620/ 42 B
108 B 28ms
21ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1064746620/?random=1608218565353&cv=9&fst=1608217200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sideshow.com%2F%3Fsc_src%3Demail_1909527%26sc_lid%3D102967197%26sc_uid%3DfEHqPpFRzg%26sc_llid%3D168208%26sc_eh%3D22b7d9ccb00051071%26sc_customer%3Dkatie.atkins%2540providence.org&ref=https%3A%2F%2Flink.sideshow.com%2Fu%2Fnrd.php%3Fp%3DfEHqPpFRzg_168208_1909527_1_2%26ems_l%3D3978023%26i%3D1%26d%3DMTAyOTY3MTk3%257CZkVIcVBwRlJ6Zw%253D%253D%257CMjJiN2Q5Y2NiMDAwNTEwNzE%253D%257Ca2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmc%253D%257C&tiba=Sideshow%20Collectibles%20-%20Pop%20Culture%20is%20Our%20Culture&async=1&fmt=3&is_vtc=1&random=554684003&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Dec 2020 15:22:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 preload.c2839d69e85022a84eed.js Show response
static.zdassets.com/web_widget/latest/ Frame D2EC 61 KB
18 KB 186ms
179ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.c2839d69e85022a84eed.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49cf0af89499a71cd81d6919fbef36fe565c49f2435ab3cc2f7b6f170143737

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 298491
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0C350FD616AA4F4C
x-amz-id-2: 8dzw4thtkQ+bKBevJyg5AyVoqaMlYbk8OZ9tZgxuDUvDPVRHOXnvGtdZN8lKeAP8bRm7WZ8/458=
last-modified: Thu, 10 Dec 2020 04:33:24 GMT
server: cloudflare
etag: W/"4ddcec4b7470c8fe96b1b40b02f1cb3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: .Q5fJ7o.P4BqhGwPuH7tlGWbaIrldmrn
cf-request-id: 0712e4f373000032aa77ab8000000001
cf-ray: 6031a4325bdc32aa-CDG
expires: Fri, 10 Dec 2021 04:33:23 GMT

GET
H2 200 web_widget.9dc7b1f513c47f4ab974.chunk.js Show response
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame D2EC 245 KB
64 KB 190ms
184ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.9dc7b1f513c47f4ab974.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

957f3a81d57b42875e7b2b3c033b1f86fc5fcc9a0c6b2416cef0ed0c8471c49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 732512
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: A5EEC46177821CD1
x-amz-id-2: vhT58oZClBBOjbwPFWRGvq4BuputytStudhNb1wNk6QsZxrC5L5DKVtUOHFo+PZDL3C9uqVwlhk=
last-modified: Wed, 09 Dec 2020 03:45:48 GMT
server: cloudflare
etag: W/"acc0d0f9c31d1ba8afda0426cd8ac225"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: YViqwF933Mr4L08jWgG0ApRh7Ttlus_S
cf-request-id: 0712e4f373000032aa69859000000001
cf-ray: 6031a4325bde32aa-CDG
expires: Thu, 09 Dec 2021 03:45:47 GMT

GET
H2 200 web_widget.549a8e20c699c545ebc6.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame D2EC 496 KB
95 KB 188ms
183ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/web_widget.549a8e20c699c545ebc6.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb19aa9aed8ac0bf160e82435d45c776f521e6ce2cd79df22d307c52bcbb85a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7154
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: A1E0AB6099DE8D39
x-amz-id-2: jEj3NfAu7K27iPozYd6v06zE7wALPFp6S2PRGGrGk7tB3kFpdHLahV2ZAlP5Gy3xOJFPvb+6t/M=
last-modified: Thu, 10 Dec 2020 04:32:34 GMT
server: cloudflare
etag: W/"faafbead228c50c7d151fb040f26ed43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: N9rx7iv7KALCAz4wKggh0_eiOsfgMZ_w
cf-request-id: 0712e4f373000032aa70170000000001
cf-ray: 6031a4325bdf32aa-CDG
expires: Fri, 10 Dec 2021 04:32:33 GMT

GET
H2 200 web_widget.6c7ea89c43fd8a7bac80.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame D2EC 335 KB
67 KB 188ms
182ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.6c7ea89c43fd8a7bac80.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46aba846f60ac79322b9b63959f937397e150ef3f74bc808cef91ec1bf064c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10213
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 923D360FFD8B3C65
x-amz-id-2: /CkJbxS80LwXSWUwvxfokQ6WwgYFs0RaH5IlUS4C6Ibxca5uKdBsbXNV6qpI15YJRCnFYx/VysU=
last-modified: Thu, 10 Dec 2020 04:33:26 GMT
server: cloudflare
etag: W/"6032c557f0f862de7b035676da91946d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wV5pEgzl7KezT_9THnJdIGb.HmHG4ADJ
cf-request-id: 0712e4f373000032aa62b16000000001
cf-ray: 6031a4325be332aa-CDG
expires: Fri, 10 Dec 2021 04:33:25 GMT

GET
H2 200 vendors~web_widget.ccbc82c9f877226a18ba.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame D2EC 493 KB
151 KB 44ms
39ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe24463504e3dd9e313848538f3cffe1dcb04fcd50f2b446c690aec554d6947

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4112
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: E2C03621BF6F5809
x-amz-id-2: q+hl93xreBVceMBANO4zuzjOzFHAhSyt4xpeqpp8a1klSsgVrEXH7X6iBtjStwMh28HBdWMZGjM=
last-modified: Wed, 09 Dec 2020 03:45:49 GMT
server: cloudflare
etag: W/"64d67bfca286493ba83366c7d77d37ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VBSOWfwvDFkm3g5tWUtswynZM70AY5pZ
cf-request-id: 0712e4f373000032aa1db72000000001
cf-ray: 6031a4325be632aa-CDG
expires: Thu, 09 Dec 2021 03:45:48 GMT

GET
H2 200 web_widget~messenger.943ae64619f5da844a13.chunk.js Show response
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame D2EC 330 KB
66 KB 166ms
166ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.943ae64619f5da844a13.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0f7bef50fc44d58fa62a6226f0034a262b08c58f8b2311f86313f1f33ae0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10596
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 4B0BF7738D297B73
x-amz-id-2: S3IAHyK6ennxPlMBJkZc45DKhxRS6tW6nalLRW4NZEh8Du9EKLo05rxeh6jK2Sm2kwvx+ndj8yg=
last-modified: Thu, 10 Dec 2020 04:33:25 GMT
server: cloudflare
etag: W/"ff4dbf334ee71fdae2c4b64f1d4db70f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: BdXiBkeN0ivevGsrxFMyvAXx2ioU5nsM
cf-request-id: 0712e4f37d000032aa22b23000000001
cf-ray: 6031a4326c1932aa-CDG
expires: Fri, 10 Dec 2021 04:33:24 GMT

GET
H2 200 talk-sdk.fced29ac845e4c42422b.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame D2EC 68 KB
18 KB 40ms
31ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/talk-sdk.fced29ac845e4c42422b.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c11651c7d7d1133b696cfb396b2d60b02bf481768ba5c7c27f0a7c3c93e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 732511
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 7466BD253D79688E
x-amz-id-2: 0C7c2t7r+vEzhC8TWnPU8SJgsbnzJuK2IsN/EVYiTTAjLdd4RQJYD1xI4VAYVuR4sKJml6+/2CA=
last-modified: Wed, 09 Dec 2020 03:45:47 GMT
server: cloudflare
etag: W/"e0d48bf92424d80462f91d1ec9e02fa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iEzunsM6HpC7h1X9GcalwRfmhpdvkfHO
cf-request-id: 0712e4f42d000032aa3432d000000001
cf-ray: 6031a4337f3032aa-CDG
expires: Thu, 09 Dec 2021 03:45:46 GMT

GET
H2 200 chat-sdk.ef57fe179f7fdba70997.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame D2EC 257 KB
50 KB 41ms
35ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.ef57fe179f7fdba70997.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=fa807a4c-2071-41cb-b41a-41a511109838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cd2c4f7c32d76dfddf8850d4d93209e41914394cd46184978e5c4cec5986f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 732512
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 88D273850E1315F2
x-amz-id-2: AeMA8QRzT+W/q/3aG7kYuT04uU1qtsQID3ibfLQobvI2k6/W4imEfMq0tLtBtYp7jXzBWhk+OIA=
last-modified: Wed, 09 Dec 2020 03:44:55 GMT
server: cloudflare
etag: W/"471486ebf305f761724c4a3d88d24c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tUzJzxwRIGBtH2yGLDY0ifhL7s6uFqT5
cf-request-id: 0712e4f42e000032aa59343000000001
cf-ray: 6031a4337f3432aa-CDG
expires: Thu, 09 Dec 2021 03:44:53 GMT

GET
H2 200 9f3e92e2-6fc1-46f4-b835-4209459338f6.json Show response
cdn.cookielaw.org/consent/9f3e92e2-6fc1-46f4-b835-4209459338f6/ 3 KB
2 KB 26ms
11ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9f3e92e2-6fc1-46f4-b835-4209459338f6/9f3e92e2-6fc1-46f4-b835-4209459338f6.json

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68799f8f6ec849cd0fd721e7c825d5b489e2285f6e1cc832b1c8c01d9cc9e6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4VerMv/h/X8kVvt5tJ7q3w==
age: 122
vary: Accept-Encoding
content-length: 1237
cf-request-id: 0712e4f3cb0000dfcff31f1000000001
x-ms-lease-status: unlocked
last-modified: Wed, 20 May 2020 22:39:36 GMT
server: cloudflare
etag: 0x8D7FD0EAC6CF8A0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 15a32c8c-101e-0120-0627-b3f27f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6031a432da71dfcf-FRA

GET
H2 200 spatial-navigation.js Show response
cdn.searchspring.net/search/v3/js/modules/ 3 KB
2 KB 77ms
76ms Script
application/javascript 143.204.90.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/js/modules/spatial-navigation.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/js/searchspring.catalog.js?3w37oq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be535ea59f5950223e23ad83eb03351c5508274b83291f8be7bb1482f2a3f830

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:05:36 GMT
content-encoding: gzip
last-modified: Mon, 08 Jun 2020 19:45:52 GMT
server: AmazonS3
age: 1030
etag: "f09033df9e6c8e402927839aebed94e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JW_zin4uvS38VVwa3UDamoRZSqL3iGofGkTnrAZ6-QB-WR4yGq6nhg==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 185 B
538 B 90ms
13ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eeeff8a3d044552b233f60a6f503bd8c15eeeda7eb764927bf9fc0000d4f692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6031a4336c304a61-FRA
cf-request-id: 0712e4f42500004a61f53d1000000001

GET
H2 200 config Show response
sideshow.zendesk.com/embeddable/ 693 B
1 KB 243ms
150ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sideshow.zendesk.com/embeddable/config

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b4ffb9b4a2999cb48e327a8657e21622a63ced69df4c4ecaed14026137d0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5f6cf74668-lgtlq
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
cf-request-id: 0712e4f48a0000a8d949260000000001
x-request-id: 6031a4109cde2f19-ORD
x-runtime: 0.001202
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0N6VDBQzPNtR%2BEKIox6UGLPcqTA8GDCHz6UVAjjBlILGtQC%2BXFITOWfcisO5B%2FdiQ1EE7L6ywzXLuHixxiRJ%2BTRhi%2B7dod15wGesStr8B90QEh2ynA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6031a4340efaa8d9-CDG

POST
H2 419 set-session Show response
www.sideshow.com/ajax/ 21 B
782 B 486ms
485ms XHR
application/json 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/ajax/set-session
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55f00e261c5b095715b8af0a7ff4c11055a4dbb0196a112167cbf3fec35f0cb

Request headers

Accept: */*
X-NewRelic-ID: UwIDVFFSGwcAUlFVAQMO
X-CSRF-TOKEN: fhruWeZbvRreGJ8uF1wuU1ihQ5bG0iMF6s6G5mCV
X-Requested-With: XMLHttpRequest
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 17 Dec 2020 15:22:46 GMT
cf-cache-status: DYNAMIC
x-newrelic-app-data: PxQAVVJWDwITUFFUBwYBVF0TGhE1AwE2QgNWEVlbQFtcC2VOcAJHCwtYa04nE0hvbCwVFkdtayULX0JBDQoPB0IRZD55UlVKbzlqBEISWg0KdVgPEhFXX1wBEyJEVEM1AUJFWg0IQU4ATAhSCAgEHgNLCVUCWAFOSQcbQ19aDQBRBlNSUgJWUFRTVVdASgUDXBFdPw==
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
cache-control: no-cache, private
cf-ray: 6031a4342ce7d72d-FRA
content-length: 21
cf-request-id: 0712e4f49b0000d72dd714a000000001

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.0.0/ 310 KB
68 KB 17ms
17ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.0.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

139cc4ad53b8f5a98945419b1574ec312878cdd2e5082146bbf26d47b67d32e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Dec 2020 15:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: USgIRL5p1n4UIfGM/ezU7A==
age: 3487614
vary: Accept-Encoding
content-length: 69509
cf-request-id: 0712e4f5790000175ef202b000000001
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 17:15:11 GMT
server: cloudflare
etag: 0x8D7F2AA3358BA1B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: be84eb2a-201e-0041-08d0-b4f0f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6031a4358990175e-FRA
expires: Fri, 25 Dec 2020 15:22:46 GMT

GET
H2 200 en-us-json.15692f2f120276004b07.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame D2EC 25 KB
5 KB 30ms
29ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.15692f2f120276004b07.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.c2839d69e85022a84eed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6a8ebb415b2e0f742a329be7950247d3a421ebaf9182826b6f6200fa272e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1185820
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: E5C0B7224DBC5AD6
x-amz-id-2: yOgzIZfKnZ+I9YyUAhnCXttmfdCGeEMVQQ3pmxYkEXPBTDsuv1Wdp09xjCL/jYv05g4GuqoUfeM=
last-modified: Thu, 03 Dec 2020 05:35:47 GMT
server: cloudflare
etag: W/"92bf604e2109e764598caba6181d1b87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: fU6PbKFokFWY4fQI_leztNkNTO_uPXEo
cf-request-id: 0712e4f590000032aa2fac5000000001
cf-ray: 6031a435bcd832aa-CDG
expires: Fri, 03 Dec 2021 05:35:45 GMT

GET
H/1.1

200
OK

Cookie set logo.htm
ssl.kaptcha.com/ Frame 41BC
Redirect Chain

https://fingerprint.gointerpay.net/pixel/6948ea98-6c96-4385-a9a7-87ee2ef20caa/cb415c17-f570-4258-9a8d-3f8108061e14.htm
https://ssl.kaptcha.com/logo.htm?m=130000&s=754808a741e04a4db2a947845e8a6d59

0
0

555ms
184ms

Document
text/html

34.209.100.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=130000&s=754808a741e04a4db2a947845e8a6d59
Requested by: Host: fingerprint.gointerpay.net
URL: https://fingerprint.gointerpay.net/v2.18?MerchantId=6948ea98-6c96-4385-a9a7-87ee2ef20caa&_=1608218565124
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.209.100.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-100-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: ssl.kaptcha.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Expires: 0
Pragma: no-cache
Set-Cookie: k=16b38d0e508b41a59b1644e5c1dda53a; Path=/; Expires=Wed, 17 Mar 2021 15:22:46 GMT; Secure; SameSite=None
Date: Thu, 17 Dec 2020 15:22:46 GMT
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache
Content-Type: text/html
Date: Thu, 17 Dec 2020 15:22:46 GMT
Location: https://ssl.kaptcha.com/logo.htm?m=130000&s=754808a741e04a4db2a947845e8a6d59
Server: GoInterpay
Strict-Transport-Security: max-age=60000
Content-Length: 479
Connection: keep-alive

POST
H2 419 set-session Show response
www.sideshow.com/ajax/ 21 B
651 B 1713ms
1712ms XHR
application/json 2606:4700::6813:9e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sideshow.com/ajax/set-session
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55f00e261c5b095715b8af0a7ff4c11055a4dbb0196a112167cbf3fec35f0cb

Request headers

Accept: */*
X-NewRelic-ID: UwIDVFFSGwcAUlFVAQMO
X-CSRF-TOKEN: fhruWeZbvRreGJ8uF1wuU1ihQ5bG0iMF6s6G5mCV
X-Requested-With: XMLHttpRequest
Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 17 Dec 2020 15:22:47 GMT
cf-cache-status: DYNAMIC
x-newrelic-app-data: PxQAVVJWDwITUFFUBwYBVF0TGhE1AwE2QgNWEVlbQFtcC2VOcAJHCwtYa04nE0hvbCwVFkdtayULX0JBDQoPB0IRZD55UlVKbzlqBEISWg0KdVgPEhFXX1wBEyJEVEM1AUJFWg0IQU4ATAhSCAgEHgJLC1kCVwFOSQcbQwcGW1AIV1hSBwcBVAEABVFASgUDXBFdPw==
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
cache-control: no-cache, private
cf-ray: 6031a435c86fd72d-FRA
content-length: 21
cf-request-id: 0712e4f59a0000d72d031b2000000001

GET
H/1.1 200
OK 1 Show response
stats.pusher.com/timeline/v2/jsonp/ 80 B
228 B 414ms
102ms Script
application/javascript 54.161.26.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.pusher.com/timeline/v2/jsonp/1?session=MzA4NzQ2NzAz&bundle=MQ%3D%3D&key=MTQ4NDllYzhjNmJiYWJhNzNjMGQ%3D&lib=anM%3D&version=My4xLjA%3D&cluster=VVMy&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2MDgyMTg1NjU0MjN9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjA4MjE4NTY1NDIzfSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjA4MjE4NTY1NDI0fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTYwODIxODU2NTQyNH0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTYwODIxODU2NTQyNH0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTYwODIxODU2NjAyM30seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIxMDA0My42NzExMzAyIn0sInRpbWVzdGFtcCI6MTYwODIxODU2NjA0MX1d
Requested by: Host: js.pusher.com
URL: https://js.pusher.com/3.1/pusher.min.js?_=1608218565123
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.26.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-26-9.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c2887a2a758a79386d8ca17de8743a6215098f649db0598a1b5f38ca462a3c17

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 15:22:46 GMT
Server: nginx
Connection: close
Content-Length: 80
Content-Type: application/javascript

GET
H2 200 3w37oq.css
cdn.searchspring.net/ajax_search/sites/3w37oq/css/ 47 KB
7 KB 30ms
30ms Stylesheet
text/css 143.204.90.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/ajax_search/sites/3w37oq/css/3w37oq.css
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/js/searchspring.catalog.js?3w37oq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-21.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83a152991b5746a40c2ce7cc1f4647e5b2f010625097b27053b12c574ebd3939

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:18:55 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 18:03:39 GMT
server: AmazonS3
age: 333
etag: "cbd4c3be68ffa21aadc90ebb4768c1a5"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7153
x-amz-cf-id: 49tprwOtPiPDbNaa0M2J41xnbgGsLPKoebrpN3R7JkFiYE-99dYtKg==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/9f3e92e2-6fc1-46f4-b835-4209459338f6/df0e6d8e-013e-4cb0-a492-a75d996fde78/ 41 KB
11 KB 19ms
19ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9f3e92e2-6fc1-46f4-b835-4209459338f6/df0e6d8e-013e-4cb0-a492-a75d996fde78/en.json

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55e0c490dd66152d74eccef563ac325b99bcb73bc674530f81a323741643a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Dec 2020 15:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: atcwR0VbjkQ23ivngJGLDg==
age: 68
vary: Accept-Encoding
content-length: 10925
cf-request-id: 0712e4f5d70000dfcf37214000000001
x-ms-lease-status: unlocked
last-modified: Wed, 20 May 2020 22:39:36 GMT
server: cloudflare
etag: 0x8D7FD0EACB30FBC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8d1dbfab-401e-00fb-0702-b710fc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6031a43628a0dfcf-FRA

GET
H2 200 embeddable_blip Show response
sideshow.zendesk.com/ Frame D2EC 0
591 B 139ms
138ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sideshow.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9saW5rLnNpZGVzaG93LmNvbS91L25yZC5waHA%2FcD1mRUhxUHBGUnpnXzE2ODIwOF8xOTA5NTI3XzFfMiZlbXNfbD0zOTc4MDIzJmk9MSZkPU1UQXlPVFkzTVRrMyU3Q1prVkljVkJ3UmxKNlp3JTNEJTNEJTdDTWpKaU4yUTVZMk5pTURBd05URXdOekUlM0QlN0NhMkYwYVdVdVlYUnJhVzV6SlRRd2NISnZkbWxrWlc1alpTNXZjbWMlM0QlN0MiLCJ0aW1lIjowLCJsb2FkVGltZSI6MTg2Ljg1NTAwMzIzNzcyNDMsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJTaWRlc2hvdyBDb2xsZWN0aWJsZXMgLSBQb3AgQ3VsdHVyZSBpcyBPdXIgQ3VsdHVyZSIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MS4wLCBoZWlnaHQ9ZGV2aWNlLWhlaWdodCwgbWluaW11bS1zY2FsZT0xLjAsIHVzZXItc2NhbGFibGU9eWVzIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiIzNjJlZjc0Y2U1NjE0MzE5MWZmMTJjNzRiOGFhZjFjYiIsInN1aWQiOiJlOWE5YjhjOTliYjJiYjQ4NTNjY2UyODFlMDM1MzlmNyIsInZlcnNpb24iOiI1ZGU4NjdjYjAiLCJ0aW1lc3RhbXAiOiIyMDIwLTEyLTE3VDE1OjIyOjQ2LjI1OFoiLCJ1cmwiOiJodHRwczovL3d3dy5zaWRlc2hvdy5jb20vP3NjX3NyYz1lbWFpbF8xOTA5NTI3JnNjX2xpZD0xMDI5NjcxOTcmc2NfdWlkPWZFSHFQcEZSemcmc2NfbGxpZD0xNjgyMDgmc2NfZWg9MjJiN2Q5Y2NiMDAwNTEwNzEmc2NfY3VzdG9tZXI9a2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmcifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qaeCy5ihE0Oqk%2B3O%2FZa0dx6YcH5OX2qJq472eENHMuE8toNSsXVso1WR7HfEuTA1LwXy0O%2BBNhoxFOa0oHuTm25heoamzm1yhVRAb2tDUB9xqd%2BRLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sideshow.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6031a4372893a8d9-CDG
cf-request-id: 0712e4f67b0000a8d923117000000001

GET
H2 200 embeddable_blip Show response
sideshow.zendesk.com/ Frame D2EC 0
280 B 434ms
434ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sideshow.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjE1MDMsImNvbmZpZ0xvYWRUaW1lIjo5NH0sImJ1aWQiOiIzNjJlZjc0Y2U1NjE0MzE5MWZmMTJjNzRiOGFhZjFjYiIsInN1aWQiOiJlOWE5YjhjOTliYjJiYjQ4NTNjY2UyODFlMDM1MzlmNyIsInZlcnNpb24iOiI1ZGU4NjdjYjAiLCJ0aW1lc3RhbXAiOiIyMDIwLTEyLTE3VDE1OjIyOjQ2LjI1OVoiLCJ1cmwiOiJodHRwczovL3d3dy5zaWRlc2hvdy5jb20vP3NjX3NyYz1lbWFpbF8xOTA5NTI3JnNjX2xpZD0xMDI5NjcxOTcmc2NfdWlkPWZFSHFQcEZSemcmc2NfbGxpZD0xNjgyMDgmc2NfZWg9MjJiN2Q5Y2NiMDAwNTEwNzEmc2NfY3VzdG9tZXI9a2F0aWUuYXRraW5zJTQwcHJvdmlkZW5jZS5vcmcifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PgGt4LZluBi8p09IxlFe1iFnpXSfxNgc%2FNq%2B4t2xrYUIyTWe5UAf8kGOYq8ef%2F4%2F0xv59GEuQ6vVk4H8sSE9CFc04bnfkvzqoir3W4xMgKDm1nnvRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sideshow.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6031a4372895a8d9-CDG
cf-request-id: 0712e4f67b0000a8d931a73000000001

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.0.0/assets/ 17 KB
3 KB 16ms
16ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.0.0/assets/otFlat.json

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9252479eed19b6733fe0abaacfd95873a5ac1699c1f6af25c809b719d249252b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Dec 2020 15:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: n9m+V3mtM0Zol1ZFiJylpg==
age: 3579489
vary: Accept-Encoding
content-length: 3170
cf-request-id: 0712e4f6b40000dfcf3e8c8000000001
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 17:15:07 GMT
server: cloudflare
etag: 0x8D7F2AA30E7E566
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3da0e2ad-601e-0064-2ffa-b36846000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6031a4378b97dfcf-FRA
expires: Fri, 25 Dec 2020 15:22:46 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.0.0/assets/ 91 KB
20 KB 18ms
17ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.0.0/assets/otPcTab.json

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c32bb41a272e86649066e2adb1172cc85a6f5c67b37a6d6bf382db75aa4a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Dec 2020 15:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3Msux8RLoq0O9vqohKGVmw==
age: 3414439
vary: Accept-Encoding
content-length: 20022
cf-request-id: 0712e4f6b50000dfcf4430f000000001
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 17:15:08 GMT
server: cloudflare
etag: 0x8D7F2AA31601158
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c850f16a-301e-0178-147a-b5f604000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6031a4378b9cdfcf-FRA
expires: Fri, 25 Dec 2020 15:22:46 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame D2EC 19 KB
20 KB 54ms
54ms Media
audio/mpeg 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Requested by

Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 17 Dec 2020 15:22:46 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: 3E98C49B5C05CC5A
x-amz-server-side-encryption: AES256
cf-ray: 6031a439ffd132aa-CDG
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: DO8BBwSg0tBT4a2KJHkuHmZ3YJPHqXhXoUpriu4HMLzjp8AaUJKqEBQ8V+bL7ZKV1EtvHKwrB5Q=
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 0712e4f83b000032aa0a981000000001
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 90ms
29ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: www.sideshow.com
URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 15:22:47 GMT
content-encoding: gzip
x-amz-request-id: DCAF92F89A2CA027
x-cache: HIT
content-length: 10624
x-amz-id-2: TRHerhVqdOKsza8E2v00gPT2CAbWzfpInLOFmUaGEwIXQEnp+g+VCzJEiqRyaVzOv5v636FnSaM=
x-served-by: cache-fra19126-FRA
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1608218567.103569,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 14533

GET
H/1.1 200
OK a706d3c9de Show response
bam-cell.nr-data.net/1/ 57 B
647 B 188ms
138ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/a706d3c9de?a=40607629&v=1184.ab39b52&to=bwZRYUFWXRAFV0UPDlZMclZHXlwNS3VBFj19G1BQQ0NaDApHbS4AVgdfUEF3QQYKUFQU&rst=5005&ck=1&ref=https://www.sideshow.com/&ap=1040&be=2170&fe=4904&dc=3241&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1608218562127,%22n%22:0,%22f%22:570,%22dn%22:570,%22dne%22:570,%22c%22:570,%22ce%22:570,%22rq%22:577,%22rp%22:2062,%22rpe%22:2360,%22dl%22:2065,%22di%22:3241,%22ds%22:3241,%22de%22:3264,%22dc%22:4903,%22l%22:4903,%22le%22:4905%7D,%22navigation%22:%7B%7D%7D&fp=2776&fcp=2776&at=Q0FSFwlMTh4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 15:22:47 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 6031a43cfc0f3323-CDG
cf-request-id: 0712e4fa170000332346862000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 19:07:09	Name: NID Value: 205=crEmZdChlYB4mo6ClX5aAb7ASYcjp4ovKnuAOJfMyT990w_gB1JkCPoD7t3JbRXyHEhbR248r6c4ZZhJ5HGWN-MpDv1A2HKySWfnvnNB2-yrbDj0K-x-yW7oju35UjyKakCH5UFB7cGF9jX32BraHBiICQpRsUVe0Fm_FLifk94
.sideshow.com/	1970-01-19 23:29:14	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Dec+17+2020+16%3A22%3A46+GMT%2B0100+(Central+European+Standard+Time)&version=6.0.0&landingPath=https%3A%2F%2Fwww.sideshow.com%2F%3Fsc_src%3Demail_1909527%26sc_lid%3D102967197%26sc_uid%3DfEHqPpFRzg%26sc_llid%3D168208%26sc_eh%3D22b7d9ccb00051071%26sc_customer%3Dkatie.atkins%2540providence.org&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CBG6%3A0%2CC0005%3A0%2CC0004%3A0%2CBG7%3A0&hosts=&legInt=
ssl.kaptcha.com/	1970-01-19 16:53:14	Name: k Value: 16b38d0e508b41a59b1644e5c1dda53a
www.sideshow.com/	1970-01-19 14:45:01	Name: __cflb Value: 02DiuJJXa5FXZVz7wPmZCu2Wu1B6Uv72BQkzeg4EfbtSY
.sideshow.com/	1969-12-31 23:59:59	Name: sideshow_session_multi Value: eyJpdiI6IjZldUxzakdcL1pFYVJzNWdxQVdPXC84Zz09IiwidmFsdWUiOiJUQngza29rNnc5STgyRzIxSnd1UFNIUDQxK2FWaHJ5eHRzbmhiZEx3dmNqUjNielk2OTQ5WVJMUFBmalhma2xXIiwibWFjIjoiZDI0N2NmMDMzN2IxZTkxNDMzZWY3ODYwZmRhZDYwY2ViZjc3NDg4Mjk5YmI0NDkyNDU4M2Y4NDBlMmEyMDQyZSJ9
.sideshow.com/	1970-01-19 15:26:50	Name: __cfduid Value: d86c1867131cc38166135614860300c7b1608218565
www.sideshow.com/	1970-01-21 10:31:38	Name: tracker_device Value: 2e663cd5-a35f-4881-8474-26695b340226
www.sideshow.com/	1969-12-31 23:59:59	Name: ssSessionIdNamespace Value: 43e950de-4b2a-43f3-869d-eafcf0864459
.sideshow.com/	1970-01-19 23:29:14	Name: __zlcmid Value: 11hjfMFt9iKRfqa
www.sideshow.com/	1970-01-19 23:29:14	Name: ssUserId Value: 2295e10b-8d37-4022-8814-0da0f3060602

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org(Line 271) Message: Device Localized:
console-api	log	URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org(Line 272) Message: {"Country":"FR","Currency":"EUR","Symbol":"€","Units":2}
console-api	log	URL: https://www.sideshow.com/?sc_src=email_1909527&sc_lid=102967197&sc_uid=fEHqPpFRzg&sc_llid=168208&sc_eh=22b7d9ccb00051071&sc_customer=katie.atkins%40providence.org(Line 249) Message: Device Fingerprint Script Loaded.
console-api	log	URL: https://www.sideshow.com/js/app.js?id=89b6ea3d7599691b48c1(Line 1) Message: Set Session Failed
console-api	log	URL: https://www.sideshow.com/js/app.js?id=89b6ea3d7599691b48c1(Line 1) Message: [object Object]
console-api	log	(Line 1) Message: Active cookie groups: ,C0001,
console-api	log	URL: https://www.sideshow.com/js/app.js?id=89b6ea3d7599691b48c1(Line 1) Message: Set Session Failed
console-api	log	URL: https://www.sideshow.com/js/app.js?id=89b6ea3d7599691b48c1(Line 1) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-cf.affirm.com
bam-cell.nr-data.net
cdn.cookielaw.org
cdn.polyfill.io
cdn.searchspring.net
cdn1.affirm.com
checkout.gointerpay.net
ekr.zdassets.com
fingerprint.gointerpay.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
js-agent.newrelic.com
js.pusher.com
link.sideshow.com
maxcdn.bootstrapcdn.com
sides11111.pcapredict.com
sideshow.com
sideshow.zendesk.com
ssl.kaptcha.com
static.zdassets.com
stats.pusher.com
www.affirm.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.sideshow.com
104.16.53.111
104.18.70.113
104.18.71.113
13.226.154.82
143.204.90.21
151.101.130.133
151.101.14.110
162.247.243.147
163.171.132.119
18.215.138.148
194.75.186.148
2001:4de0:ac19::1:b:2b
209.197.3.15
216.58.206.2
2606:4700:10::6814:b844
2606:4700::6810:9440
2606:4700::6813:9e35
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:814::2004
2a00:1450:4001:817::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2004
2a04:4e42:1b::621
3.225.8.3
34.209.100.148
54.161.26.9
65.9.68.89
65.9.68.95
00ee75590aa7c6737a8ac9d9d3d12578de182160acc3422f1c01817925e342a6
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
07c11651c7d7d1133b696cfb396b2d60b02bf481768ba5c7c27f0a7c3c93e1cc
08c3f06abb8f2f3b33585bf693cee2e63a616a04a5da3cf7a7e465a6714771ba
094dd5ccb1967f00fc5675f0510062dc63297a5302ed21aa18441426e8de6661
0e4024ac942719fc52e637f8f0262e6bc2d55050eb7072c171e73fb4eb9dda1b
0e6a8ebb415b2e0f742a329be7950247d3a421ebaf9182826b6f6200fa272e8c
0e8ff1acd5dd6f94fb7e9667cf19485448f4a8667115517c0339eb83d97af7cc
10cc9f211443327106faf1b5e49bcd79ab7902dae7c06747be88ac82866963c5
1237521d6d16843cf2ea4d4d9dd2b6c30015e8e878bf0d08dc782356eb8fd188
1272e1994652112569839112a3878b79acc70db5c25b89f4984a83701f90f1b1
139cc4ad53b8f5a98945419b1574ec312878cdd2e5082146bbf26d47b67d32e6
15d6591ca985f6215fd66d9adfb2eb991e5b64b6fcef41bd8eadec30f6e35519
17fb52e8a2c8d872cc5a2de48fe11cbca932fa8f0712f32525bfe91f78484feb
1eeeff8a3d044552b233f60a6f503bd8c15eeeda7eb764927bf9fc0000d4f692
2023c03c326f7ed84e2ccd664e9f0e3ed31d3f1356312f1b136a7f0c20aa7a13
24a011676786c466cbcb9018449b8223b9ec0880f410694e50d9da860b0d61cb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
34b4ffb9b4a2999cb48e327a8657e21622a63ced69df4c4ecaed14026137d0a7
3b3ccfb1a555b4d43828823084f5f5565e0f12e19b76bebf98ff4ea6ff584e44
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3fe6bda33882a6e67e3cc4e5811dffeccc46961d6e0bdd93061db7e8d646ff01
414d08f32a577439d5b856c634ad55f2e965d468f1df605f2070ecf504201aba
4437cc3da56c6ff64bc0246050e9d234b3c0c4e441bdb33d71e38f2136ea33e4
46aba846f60ac79322b9b63959f937397e150ef3f74bc808cef91ec1bf064c6e
49d8840799acd94d7246d1224afaba67b47346bd9583c86e77ddfdf9207129ad
4c0f7bef50fc44d58fa62a6226f0034a262b08c58f8b2311f86313f1f33ae0c0
4c50acf54e17870e9a5ebe944f589ecc5e1d947426519c6a969ae9db93040c88
4ce984d49d1c262d8d80db9223313ee4ad495aeda0749cbc5febd8bfd666f5d7
52c308d6127fd6c7c3305a61f2e0e100b9475e3428a6159c99526c0d8234f8f5
53d322571130175de992723581bcb9be79f2177e999d268d7eb5a7369cfff706
591a49edba4e00462cccc516e38d317a5eaddbe66c495f84ff4e8214dbd77173
5c8d61157b9f632fd7ba281e68de890d7529c6703d22df048761d9ec99402e2e
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6402d01baf27b46cd4163848080f98d8709411c1894627eada32696278ff508d
68799f8f6ec849cd0fd721e7c825d5b489e2285f6e1cc832b1c8c01d9cc9e6d7
690ba7e8a0ca59c665e09f36c9b80d6a701c88a6de3a2386ca59f3bd27190cbb
6a6b5853012c77ec3ccfdad80288dbd95ba8ab8be2214bdf44a30f15d7eb983f
6bca49fddd344c6600128b9d79e3b016c624656165db191715e1d767ce643962
6cd2c4f7c32d76dfddf8850d4d93209e41914394cd46184978e5c4cec5986f3d
6ecf2f2f02cc4587d76cbec35f2d22d6aacdb334e374f9669d22c55f313131b4
704d5fb96a5412342651bbbce9e82199032833726c6956e3d0f9d6359d250d1a
72393a396554eddce726dd031a857048577b52b37256f13f67b6856e9652004b
72b1f42a0e37d551aacc13ef120976b3a805258b2e6c671aae8866813de609c9
755978c4d8db5848d0ae9f22332dbd87ff486b84d570c7dc5c64909fe7478c8e
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7b3c60bffacaccae403b8125e2d441d0e282c2a251bfe04b1166422f061d9b7e
839baf8885dfad5bb0ce7e8430e91edf34322abb22da021c2332918c9ff68d80
83a152991b5746a40c2ce7cc1f4647e5b2f010625097b27053b12c574ebd3939
869d41d2d5da139df089daf68e58cd3f4694e2af804f2b01a9a8ec79e15a32c8
8fe24463504e3dd9e313848538f3cffe1dcb04fcd50f2b446c690aec554d6947
924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40
9252479eed19b6733fe0abaacfd95873a5ac1699c1f6af25c809b719d249252b
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
957f3a81d57b42875e7b2b3c033b1f86fc5fcc9a0c6b2416cef0ed0c8471c49a
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9999973f984144200c93cdb2996a0465a8b7bd85a01480011242be12e64b5a1e
9b4cb930e9beef593f246a7be0fb6a342724f27acdff3c407c63d2906f56283e
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9cbe224074d892d9c129411c8cee625272d62b5a2dd1b97b763d2486c7a7bdd5
9d006785f64de237bc37e7985a0b2c77bf12d22553d43cbc2bf58b5abaa262aa
9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0
b49cf0af89499a71cd81d6919fbef36fe565c49f2435ab3cc2f7b6f170143737
b707cb79f0799cdf97228a142d3aaa18156db570457076f39c2efb4a1d6a2066
b9d3c1530f4e4509d9de49fbf50b56ddfcd63d29ed464a95e72c48027c365b38
bd9eea270cf8d326dfe1b81b2b61355479ecb610cc00dc5f24041e8ce578c475
be535ea59f5950223e23ad83eb03351c5508274b83291f8be7bb1482f2a3f830
c0ac47dff296bedcc76c533909d7042f75eb76e372e65aed96ccb8e12f4e01f6
c2887a2a758a79386d8ca17de8743a6215098f649db0598a1b5f38ca462a3c17
c2c33c900da68b6067d9a9f36f5455ee3148f008f645eb6e36c040b250fcf81c
c4b2730ec6f3d121936e60ebb4b98c65a3aa0b7c1d76afc31e7b020741deae3d
c55f00e261c5b095715b8af0a7ff4c11055a4dbb0196a112167cbf3fec35f0cb
c61160e82e4a385a4e608f10feec547d5d21b0ae340d06ba997384712d7a7cc6
cdebc5b850b5ca47dfdc39a4632d114e1efee839e8b52df6a5e9762289325323
d3379f81619770b709a561047fef71176a61c8cd024852994f5656c77b710e80
d40c7e5e4f2fbac5c2a050f63023f9621e302ec57efb8e40efc6dc6ee823c707
d433ee93f6626bdd187ba8b9b84c21790dcb9829257f647ed895d06cafeb31f5
d4e8141d2c263e84e3046a52073e1c3a45154f56f9c57e1480c44f1b7d207a7b
d55e0c490dd66152d74eccef563ac325b99bcb73bc674530f81a323741643a1c
d857d93bd1a10e827bcd2d81f194599133d30e209061e565a9767a0940f4ed26
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbf82e7467f969ed6a2485063df48f02ac70744e400452c4ed15b5208ab845f5
e18fd1a7789f795687fbf320f954bcd14925c0c0bfae3e996024a7ba0d2f9b1c
e1bd047ed097688a3fc65e612496e75faf41c966f76e5e187f4464ec5f338812
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb19aa9aed8ac0bf160e82435d45c776f521e6ce2cd79df22d307c52bcbb85a4
eb33fc761a8505ccbdd58ed7fa3defb0eb3e45d668baed8bd02deb902b99e503
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ece2c9b688ce48e95f7b30cd31b66d876fb5ae4bd9648aa4e8ed9581ea9a7d7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c32bb41a272e86649066e2adb1172cc85a6f5c67b37a6d6bf382db75aa4a12
f3cde74e051285ca6be3ab9073ca175f7b9299dd2e5cde1c33039d9161978d05
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
ff877df576a0ff89ebec1f7d32f897f7d56623efc4562fce10bb549e59911b38

www.sideshow.com Open in urlscan Pro 2606:4700::6813:9e35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

100 %HTTPS

42 %IPv6

22 Domains

30 Subdomains

32 IPs

5 Countries

3765 kBTransfer

9631 kBSize

10 Cookies

18 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sideshow.com Open in urlscan Pro
2606:4700::6813:9e35 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

100 %
HTTPS

42 %
IPv6

22
Domains

30
Subdomains

32
IPs

5
Countries

3765 kB
Transfer

9631 kB
Size

10
Cookies

101 HTTP transactions
1 data transactions