mail.amazon-service-tooklits.duckdns.org Open in urlscan Pro
96.126.101.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.amazon-service-tooklits.duckdns.org/
Effective URL:
https://mail.amazon-service-tooklits.duckdns.org/
Submission: On March 12 via api (March 12th 2023, 12:58:19 am UTC) from US — Scanned from US

Summary HTTP 331 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 64 IPs in 1 countries across 55 domains to perform 331 HTTP transactions. The main IP is 96.126.101.78, located in Fremont, United States and belongs to AKAMAI-AP Akamai Technologies, Inc., SG. The main domain is mail.amazon-service-tooklits.duckdns.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 5th 2022. Valid for: a year.

This is the only time mail.amazon-service-tooklits.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	96.126.101.78 96.126.101.78	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
42	2600:9000:251... 2600:9000:2511:d400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
16	52.54.145.159 52.54.145.159	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:141b:13:... 2600:141b:13:69d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 8	107.23.31.66 107.23.31.66	14618 (AMAZON-AES) (AMAZON-AES)
1	184.29.167.219 184.29.167.219	16625 (AKAMAI-AS) (AKAMAI-AS)
27	23.52.148.147 23.52.148.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	54.91.182.28 54.91.182.28	14618 (AMAZON-AES) (AMAZON-AES)
8	63.140.38.15 63.140.38.15	14618 (AMAZON-AES) (AMAZON-AES)
1	104.76.100.66 104.76.100.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
4 4	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
5	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2 13	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 3	173.231.178.81 173.231.178.81	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2600:1f16:b8a... 2600:1f16:b8a:8e00:6050:aa15:5244:b3b3	16509 (AMAZON-02) (AMAZON-02)
1 1	108.138.128.62 108.138.128.62	16509 (AMAZON-02) (AMAZON-02)
1 1	18.164.96.50 18.164.96.50	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:816::200e	() ()
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	() ()
4	2620:1ec:c11:... 2620:1ec:c11::200	() ()
19	2607:f8b0:400... 2607:f8b0:4006:824::2008	() ()
4	108.138.113.246 108.138.113.246	() ()
4	23.33.40.197 23.33.40.197	() ()
1	199.232.36.157 199.232.36.157	() ()
1 7	2600:9000:251... 2600:9000:2510:9200:15:e09:8a80:93a1	() ()
1	2001:4998:1c:... 2001:4998:1c:800::1000	() ()
1	2600:141b:900... 2600:141b:9000::b857:ad60	() ()
5	143.204.138.162 143.204.138.162	() ()
10 20	142.250.80.38 142.250.80.38	() ()
1	23.54.68.97 23.54.68.97	() ()
1	34.120.253.250 34.120.253.250	() ()
1	18.164.116.73 18.164.116.73	() ()
3	2600:9000:212... 2600:9000:2120:ba00:1c:9484:cec0:93a1	() ()
1	34.102.147.248 34.102.147.248	() ()
13	2606:4700:440... 2606:4700:4400::ac40:97de	() ()
2	199.232.37.230 199.232.37.230	() ()
2	151.101.1.140 151.101.1.140	() ()
1	151.101.194.132 151.101.194.132	() ()
10	2607:f8b0:400... 2607:f8b0:4006:81f::2002	() ()
1	2600:9000:21e... 2600:9000:21ec:d800:2:53b2:240:93a1	() ()
4 4	2620:1ec:21::14 2620:1ec:21::14	() ()
1	13.107.42.14 13.107.42.14	() ()
4	104.244.42.5 104.244.42.5	() ()
4	54.81.120.153 54.81.120.153	() ()
1	76.13.32.146 76.13.32.146	() ()
2 10	35.190.43.134 35.190.43.134	() ()
5	34.98.72.95 34.98.72.95	() ()
3 3	68.67.179.87 68.67.179.87	() ()
3 3	54.175.87.114 54.175.87.114	() ()
7	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	() ()
3 17	2607:f8b0:400... 2607:f8b0:4006:820::2002	() ()
2	172.64.150.25 172.64.150.25	() ()
1	172.64.144.208 172.64.144.208	() ()
1 1	54.81.46.5 54.81.46.5	() ()
1	54.85.136.197 54.85.136.197	() ()
1 1	69.173.151.100 69.173.151.100	() ()
3	142.250.65.162 142.250.65.162	() ()
17	2607:f8b0:400... 2607:f8b0:4006:80e::2004	() ()
1	35.241.45.82 35.241.45.82	() ()
1	34.117.93.237 34.117.93.237	() ()
1	34.120.230.25 34.120.230.25	() ()
1	35.227.248.175 35.227.248.175	() ()
5 5	34.111.113.62 34.111.113.62	() ()
2	2600:1f1c:8ab... 2600:1f1c:8ab:1e01:b35c:611a:73de:7d10	() ()
1	34.107.191.194 34.107.191.194	() ()
1	54.186.225.219 54.186.225.219	() ()
2	34.149.130.207 34.149.130.207	() ()
6	34.111.8.32 34.111.8.32	() ()
1 2	34.149.254.212 34.149.254.212	() ()
1 1	107.178.254.65 107.178.254.65	() ()
1 1	104.76.100.229 104.76.100.229	() ()
1	2607:f8b0:400... 2607:f8b0:4006:809::2003	() ()
331	64

21 96.126.101.78 (Fremont, United States) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: 96-126-101-78.ip.linodeusercontent.com

mail.amazon-service-tooklits.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2600:9000:2511:d400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.54.145.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-145-159.compute-1.amazonaws.com

configurator.ecom-mobile-samsung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13:69d::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 107.23.31.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-31-66.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.167.219 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-167-219.deploy.static.akamaitechnologies.com

p6-qa.samsung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 23.52.148.147 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-148-147.deploy.static.akamaitechnologies.com

image-us.samsung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.182.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-182-28.compute-1.amazonaws.com

samsungelectronicsamericainc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 63.140.38.15 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-15.data.adobedc.net

smetrics.samsung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.100.66 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-66.deploy.static.akamaitechnologies.com

www.samsung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.32.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.231.178.81 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:b8a:8e00:6050:aa15:5244:b3b3 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.62 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-62.jfk50.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-50.jfk50.r.cloudfront.net

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (None, )

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:824::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.113.246 (None, )

ASN- ()

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.33.40.197 (None, )

ASN- ()

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.36.157 (None, )

ASN- ()

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2510:9200:15:e09:8a80:93a1 (None, ) 1 redirects

ASN- ()

halc.iadvize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:1c:800::1000 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:9000::b857:ad60 (None, )

ASN- ()

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.138.162 (None, )

ASN- ()

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.80.38 (None, ) 10 redirects

ASN- ()

1782317.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.68.97 (None, )

ASN- ()

cdn.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (None, )

ASN- ()

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.73 (None, )

ASN- ()

static.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2120:ba00:1c:9484:cec0:93a1 (None, )

ASN- ()

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (None, )

ASN- ()

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::ac40:97de (None, )

ASN- ()

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.37.230 (None, )

ASN- ()

resources.digital-cloud-west.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.140 (None, )

ASN- ()

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (None, )

ASN- ()

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81f::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:d800:2:53b2:240:93a1 (None, )

ASN- ()

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (None, ) 4 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, )

ASN- ()

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.42.5 (None, )

ASN- ()

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.81.120.153 (None, )

ASN- ()

events.release.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (None, )

ASN- ()

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.190.43.134 (None, ) 2 redirects

ASN- ()

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.72.95 (None, )

ASN- ()

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.87 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.175.87.114 (None, ) 3 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:820::2002 (None, ) 3 redirects

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.150.25 (None, )

ASN- ()

samsung.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.208 (None, )

ASN- ()

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.46.5 (None, ) 1 redirects

ASN- ()

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.136.197 (None, )

ASN- ()

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.162 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80e::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (None, )

ASN- ()

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.93.237 (None, )

ASN- ()

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.230.25 (None, )

ASN- ()

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.175 (None, )

ASN- ()

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.113.62 (None, ) 5 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f1c:8ab:1e01:b35c:611a:73de:7d10 (None, )

ASN- ()

fbcapig.mkt.samsung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.191.194 (None, )

ASN- ()

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.225.219 (None, )

ASN- ()

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.130.207 (None, )

ASN- ()

pd.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idr.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.8.32 (None, )

ASN- ()

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.254.212 (None, ) 1 redirects

ASN- ()

pix.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (None, ) 1 redirects

ASN- ()

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.100.229 (None, ) 1 redirects

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1027	392 KB
41	doubleclick.net 17 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 210 1782317.fls.doubleclick.net googleads.g.doubleclick.net	24 KB
39	samsung.com www.samsung.com — Cisco Umbrella Rank: 5287 Failed p6-qa.samsung.com image-us.samsung.com — Cisco Umbrella Rank: 39041 smetrics.samsung.com — Cisco Umbrella Rank: 36586 fbcapig.mkt.samsung.com	1 MB
27	google.com adservice.google.com www.google.com	3 KB
21	duckdns.org 1 redirects mail.amazon-service-tooklits.duckdns.org	2 MB
19	googletagmanager.com www.googletagmanager.com	375 KB
18	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295 js.adsrvr.org insight.adsrvr.org	18 KB
16	ecom-mobile-samsung.com configurator.ecom-mobile-samsung.com — Cisco Umbrella Rank: 112829	1 KB
14	audioeye.com wsmcdn.audioeye.com wsv3cdn.audioeye.com analytics.audioeye.com	306 KB
10	snapchat.com 2 redirects tr.snapchat.com	3 KB
9	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201 samsungelectronicsamericainc.demdex.net — Cisco Umbrella Rank: 61648	11 KB
7	facebook.com www.facebook.com	317 B
7	bounceexchange.com assets.bounceexchange.com api.bounceexchange.com	148 KB
7	iadvize.com 1 redirects halc.iadvize.com	63 KB
5	cdnwidget.com 1 redirects ids.cdnwidget.com pd.cdnwidget.com pix.cdnwidget.com idr.cdnwidget.com	2 KB
5	tapad.com 5 redirects pixel.tapad.com	1 KB
5	linkedin.com 4 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
5	attn.tv cdn.attn.tv samsung.attn.tv	53 KB
5	narrativ.com static.narrativ.com events.release.narrativ.com	44 KB
5	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 612	2 KB
4	bouncex.net events.bouncex.net	446 B
4	yahoo.com 3 redirects sp.analytics.yahoo.com ups.analytics.yahoo.com	2 KB
4	t.co t.co	1002 B
4	tiktok.com analytics.tiktok.com	98 KB
4	sc-static.net sc-static.net	54 KB
4	bing.com bat.bing.com	13 KB
4	facebook.net connect.facebook.net	395 KB
4	adgrx.com 2 redirects cm.adgrx.com — Cisco Umbrella Rank: 1321 cdn.adgrx.com rtb.adgrx.com	4 KB
3	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	1014 B
3	googleadservices.com www.googleadservices.com	5 KB
3	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	3 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	219 B
2	reddit.com alb.reddit.com	253 B
2	medallia.com resources.digital-cloud-west.medallia.com	184 KB
2	google-analytics.com www.google-analytics.com	21 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 5754 evt.undertone.com — Cisco Umbrella Rank: 5979	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 347	836 B
2	go-mpulse.net c.go-mpulse.net — Cisco Umbrella Rank: 620	50 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	bluekai.com 1 redirects tags.bluekai.com	521 B
1	pippio.com 1 redirects pippio.com	576 B
1	kampyle.com udc-neb.kampyle.com	318 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	915 B
1	attentivemobile.com events.attentivemobile.com	387 B
1	oribi.io cdn.linkedin.oribi.io	369 B
1	ispot.tv pt.ispot.tv	314 B
1	rakuten.com tag.rmp.rakuten.com	12 KB
1	wknd.ai tag.wknd.ai	12 KB
1	licdn.com snap.licdn.com	5 KB
1	yimg.com s.yimg.com	6 KB
1	ads-twitter.com static.ads-twitter.com	15 KB
1	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 1716	249 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 231	475 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	12 KB
1	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 21	703 B
331	55

	Domain	Requested by
42	tags.tiqcdn.com	mail.amazon-service-tooklits.duckdns.org tags.tiqcdn.com
27	image-us.samsung.com	mail.amazon-service-tooklits.duckdns.org
21	mail.amazon-service-tooklits.duckdns.org	1 redirects mail.amazon-service-tooklits.duckdns.org
20	1782317.fls.doubleclick.net	10 redirects tags.tiqcdn.com www.googletagmanager.com
19	www.googletagmanager.com	tags.tiqcdn.com 1782317.fls.doubleclick.net www.googletagmanager.com
17	www.google.com	1782317.fls.doubleclick.net
17	googleads.g.doubleclick.net	3 redirects www.googletagmanager.com
16	configurator.ecom-mobile-samsung.com	mail.amazon-service-tooklits.duckdns.org
12	wsv3cdn.audioeye.com	wsmcdn.audioeye.com wsv3cdn.audioeye.com
10	tr.snapchat.com	2 redirects sc-static.net
10	adservice.google.com	1782317.fls.doubleclick.net
10	match.adsrvr.org	2 redirects js.adsrvr.org
8	smetrics.samsung.com	mail.amazon-service-tooklits.duckdns.org tags.tiqcdn.com
8	dpm.demdex.net	1 redirects mail.amazon-service-tooklits.duckdns.org
7	www.facebook.com
7	halc.iadvize.com	1 redirects mail.amazon-service-tooklits.duckdns.org halc.iadvize.com
5	pixel.tapad.com	5 redirects
5	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
5	js.adsrvr.org	tags.tiqcdn.com insight.adsrvr.org 1782317.fls.doubleclick.net
5	analytics.twitter.com
4	events.bouncex.net
4	events.release.narrativ.com	static.narrativ.com mail.amazon-service-tooklits.duckdns.org
4	t.co
4	analytics.tiktok.com	tags.tiqcdn.com analytics.tiktok.com
4	sc-static.net	tags.tiqcdn.com tr.snapchat.com 1782317.fls.doubleclick.net
4	bat.bing.com	tags.tiqcdn.com bat.bing.com
4	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
4	cm.g.doubleclick.net	4 redirects
3	www.googleadservices.com	www.googletagmanager.com
3	ups.analytics.yahoo.com	3 redirects
3	insight.adsrvr.org	js.adsrvr.org
3	px.ads.linkedin.com	3 redirects
3	cdn.attn.tv	tags.tiqcdn.com cdn.attn.tv
2	pix.cdnwidget.com	1 redirects
2	api.bounceexchange.com	assets.bounceexchange.com
2	fbcapig.mkt.samsung.com	mail.amazon-service-tooklits.duckdns.org
2	samsung.attn.tv	mail.amazon-service-tooklits.duckdns.org
2	ib.adnxs.com	2 redirects
2	alb.reddit.com	1782317.fls.doubleclick.net
2	resources.digital-cloud-west.medallia.com	tags.tiqcdn.com resources.digital-cloud-west.medallia.com
2	www.google-analytics.com	tags.tiqcdn.com www.google-analytics.com
2	cm.adgrx.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	c.go-mpulse.net	mail.amazon-service-tooklits.duckdns.org
1	fonts.gstatic.com
1	secure.adnxs.com	1 redirects
1	tags.bluekai.com	1 redirects
1	idr.cdnwidget.com
1	pippio.com	1 redirects
1	pd.cdnwidget.com	mail.amazon-service-tooklits.duckdns.org
1	analytics.audioeye.com	wsv3cdn.audioeye.com
1	ids.cdnwidget.com	mail.amazon-service-tooklits.duckdns.org
1	view.cdnbasket.net	mail.amazon-service-tooklits.duckdns.org
1	page.cdnbasket.net	mail.amazon-service-tooklits.duckdns.org
1	data.cdnbasket.net	mail.amazon-service-tooklits.duckdns.org
1	udc-neb.kampyle.com
1	pixel.rubiconproject.com	1 redirects
1	beacon.krxd.net	js.adsrvr.org
1	usermatch.krxd.net	1 redirects
1	events.attentivemobile.com	cdn.attn.tv
1	sp.analytics.yahoo.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	mail.amazon-service-tooklits.duckdns.org
1	rtb.adgrx.com	cdn.adgrx.com
1	pt.ispot.tv	1782317.fls.doubleclick.net
1	wsmcdn.audioeye.com	tags.tiqcdn.com
1	tag.rmp.rakuten.com	tags.tiqcdn.com
1	static.narrativ.com	tags.tiqcdn.com
1	tag.wknd.ai	tags.tiqcdn.com
1	cdn.adgrx.com	tags.tiqcdn.com
1	snap.licdn.com	tags.tiqcdn.com
1	s.yimg.com	tags.tiqcdn.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	ag.innovid.com	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	mail.amazon-service-tooklits.duckdns.org
1	samsungelectronicsamericainc.demdex.net	tags.tiqcdn.com
1	www.googleapis.com	mail.amazon-service-tooklits.duckdns.org
1	p6-qa.samsung.com	mail.amazon-service-tooklits.duckdns.org
1	www.samsung.com	mail.amazon-service-tooklits.duckdns.org
331	83

This site contains links to these domains. Also see Links.

Domain
account.samsung.com
www.dacor.com
www.samsung.com
www.youtube.com
us.community.samsung.com
www.microsoft.com
cdn.klarna.com
www.spotify.com
survey3.medallia.com
news.samsung.com
design.samsung.com
www.facebook.com
twitter.com
www.instagram.com
k7wz8.app.goo.gl
www.hp.com

Subject Issuer	Validity	Valid
*.eng.macrometa.io DigiCert TLS RSA SHA256 2020 CA1	`2022-09-05` - `2023-10-03`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2023-03-01` - `2023-06-16`	4 months	crt.sh
*.ecom-mobile-samsung.com Amazon RSA 2048 M02	`2023-02-20` - `2023-06-03`	3 months	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.samsung.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-13` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.samsung.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-28` - `2023-04-28`	a year	crt.sh
www.samsung.com GeoTrust RSA CA 2018	`2023-03-10` - `2023-07-19`	4 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-19`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-04-10`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
cdn.ssl-delivery-network.com GeoTrust RSA CA 2018	`2022-03-20` - `2023-03-21`	a year	crt.sh
tag.wknd.ai R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
static.planethowl.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-05`	7 months	crt.sh
*.attn.tv Amazon RSA 2048 M01	`2023-02-22` - `2023-05-02`	2 months	crt.sh
tag.rmp.rakuten.com GTS CA 1D4	`2023-02-07` - `2023-05-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-15` - `2023-04-14`	a year	crt.sh
*.digital-cloud-west.medallia.com SSL.com RSA SSL subCA	`2022-10-13` - `2023-11-13`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
*.ispot.tv R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.release.narrativ.com Amazon RSA 2048 M01	`2023-02-28` - `2023-08-18`	6 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.iadvize.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-02-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.kampyle.com SSL.com RSA SSL subCA	`2022-02-28` - `2023-03-31`	a year	crt.sh
data.cdnbasket.net GTS CA 1D4	`2023-01-23` - `2023-04-24`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2023-01-22` - `2023-04-22`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2023-01-22` - `2023-04-22`	3 months	crt.sh
fbcapig.mkt.samsung.com Amazon RSA 2048 M01	`2023-02-10` - `2023-08-09`	6 months	crt.sh
ids.cdnwidget.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
report-prod.audioeye.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh
pd.cdnwidget.com R3	`2023-01-17` - `2023-04-17`	3 months	crt.sh
*.wunderkind.co R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
idr.cdnwidget.com R3	`2023-01-17` - `2023-04-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://mail.amazon-service-tooklits.duckdns.org/
Frame ID: B7D262EF45A34BBE109104294EF694E3
Requests: 247 HTTP requests in this frame

Frame: https://samsungelectronicsamericainc.demdex.net/dest5.html?d_nsid=0
Frame ID: F1FAFE097538F1B70DBCE1A21C41F7BD
Requests: 8 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78
Frame ID: 5C85ED6B78C4EB2E12865B20110508C9
Requests: 13 HTTP requests in this frame

Frame: https://rtb.adgrx.com/usegments/hlF_xGfBH5PyfGeeoXC1zK0ElTSf-7pAU9-K6qrKxuo=/304.html?AG_URL=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&AG_VARS=&AG_TXN=&AG_REV=&AG_GDPR=0&AG_CONSENT=&AG_R=3115641896685
Frame ID: 49F4A54ED18E8EB86B0DEE6F49BD6A98
Requests: 1 HTTP requests in this frame

Frame: https://events.release.narrativ.com/api/v0/session.html
Frame ID: E65AC870FB8D451D019C933A17CCC2EF
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=8m6xj3j&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=cho8zo4&upv=1.1.0
Frame ID: 34C90C5517E43849E8EC745694EF46E0
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mzbudiqj&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=3kcai53&upv=1.1.0
Frame ID: 021FDBA65FFADA44352B850C6DD47744
Requests: 2 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
Frame ID: 1983DB4B0B3295DE84DCA05C676D8A65
Requests: 2 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
Frame ID: C481C8275EB513FB527FE205101D8D8C
Requests: 2 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
Frame ID: 3328FFD650C61C0F7CC2351A380BE243
Requests: 2 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
Frame ID: 56C5CF7647390DE1C1F2EB231601AE55
Requests: 2 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
Frame ID: 580A24BE1ADE3A58E7868E8DDD79BD2E
Requests: 2 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
Frame ID: 9959953A006C46E52EC2B641165494B6
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a035d197-19b1-4d68-aca1-f4a37f434a91&u_scsid=7ac97178-1cb8-41a7-afbd-38906e949ce2&u_sclid=f0cdb4a5-6ee1-4f1b-877b-68734a0c6d4b
Frame ID: 5BCF39AAF813453C8A3C85EF1F0A3913
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8451906731249194627&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27
Frame ID: 279CF919D1A5A1955F307AC5A4D071EE
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1
Frame ID: D8983856D329AD62A3CEEEEEE12DC9DA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0
Frame ID: F97810D3825CC4330DD8C88FD3A40A6C
Requests: 1 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27
Frame ID: 90633F4344F4F490269193AD5B05A2E3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 67B6185BDCECF2A721FE1F4E27BC27CF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1
Frame ID: ECA4E923ED96BB8B1AEE4911EE07B89B
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1678500838647&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b
Frame ID: 2F05124C2D61FF23189D5F792182D32D
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 33294FF167E6BB8FB65466BDA72EBF9B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F9900DB95A1B7F73BC93B58EC8EE139C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 52CE712D7526CD41862F8E730C119A9F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5EAF4F000BE8EBAF25116FBB77D5A243
Requests: 1 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=67f89c3
Frame ID: 070742FF9790A61BCED20EF51E083617
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8C011ACCFC68538FDFDF1F5BC7966476
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F7E57C91F65D106E142BC76349E07B46
Requests: 1 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215
Frame ID: 0B80F45E54817D60F29B5B2838C2A3D7
Requests: 2 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088
Frame ID: E676A888A8AED4DEA68DA47388CF6241
Requests: 7 HTTP requests in this frame

Frame: https://1782317.fls.doubleclick.net/activityi;dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
Frame ID: 72EDDD3D864047FAFF83F0E967DCC85C
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a035d197-19b1-4d68-aca1-f4a37f434a91&u_scsid=d65479cc-68b8-4643-85f1-03affaf7907d&u_sclid=1d490db9-30e6-4548-91c3-cc8070a45d93
Frame ID: 3CFE226A04FB58E582751136B5BD8EF9
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1678500222838&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b
Frame ID: CCAAFE2F78B0A29B9B9898D449D87B99
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mzbudiqj&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=fo9pygm&upv=1.1.0
Frame ID: 73BB49ACB574954C07227AE7D23F6684
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0
Frame ID: 7DC800597257C0DA49411F79438216BE
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Frame ID: 776C479950F88B3F7317B2BCD25B7B84
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad
Frame ID: D6AD7F77C1069118ACCFCF93311C641D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy Galaxy S23 Ultra, 512GB (T-Mobile) Phones | Samsung US

Page URL History Show full URLs

http://mail.amazon-service-tooklits.duckdns.org/ HTTP 301
https://mail.amazon-service-tooklits.duckdns.org/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

Page Statistics

331
Requests

89 %
HTTPS

28 %
IPv6

55
Domains

83
Subdomains

64
IPs

1
Countries

5234 kB
Transfer

22323 kB
Size

16
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://account.samsung.com/membership/contents/profile/profile-gate

Search URL Search Domain Scan URL

URL: https://www.dacor.com/us/home/
Title: Discover Dacor Appliances

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/shop/access/
Title: TV & Phone Subscriptions

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/samsung-experience-store/
Title: Samsung Experience Stores

Search URL Search Domain Scan URL

URL: https://www.youtube.com/samsungcare/
Title: Video Tutorial

Search URL Search Domain Scan URL

URL: https://us.community.samsung.com/t5/Samsung-Community/ct-p/us
Title: Community

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/shop/discount-program/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/onedrive-samsung-offer
Title: https://www.microsoft.com/onedrive-samsung-offer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/premium/restrictions
Title: https://www.youtube.com/premium/restrictions

Search URL Search Domain Scan URL

URL: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/en_us/sliceitinx
Title: Klarna payment terms

Search URL Search Domain Scan URL

URL: https://www.spotify.com/us/legal/premium-promotional-offer-terms/
Title: Full terms

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/explore/certified-re-newed-phones/
Title: Shop Certified Re-Newed

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/support/contact/email-the-ceo/
Title: CEO's Office

Search URL Search Domain Scan URL

URL: https://survey3.medallia.com/?web&c=1&lng=en
Title: Give Your Opinion

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/shop/all-deals/
Title: Offers

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/sustainability/
Title: Overview

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/sustainability/environment/
Title: Environment

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/about-us/corporate-citizenship/
Title: Corporate Citizenship

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/about-us/digital-responsibility/
Title: Digital Responsibility

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/sustainability/security-and-privacy/
Title: Security and Privacy

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/about-us/labor-and-human-rights/
Title: Labor & Human Rights

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/about-us/diversity-and-inclusion/
Title: Diversity & Inclusion

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/sustainability/sustainable-supply-chain/
Title: Sustainable Supply Chain

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/about-us/leadership-and-mission/
Title: Leadership & Mission

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/about-us/our-business/
Title: Our Business

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/about-us/brand-identity/
Title: Brand Identity

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.samsung.com/global/ir/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://news.samsung.com/us/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/about-us/ethics/
Title: Ethics

Search URL Search Domain Scan URL

URL: https://design.samsung.com/global/index.html
Title: Samsung Design

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/common/legal.html
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/common/sitemap.html
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SamsungUS

Search URL Search Domain Scan URL

URL: https://twitter.com/SamsungUS

Search URL Search Domain Scan URL

URL: https://www.instagram.com/samsungmobileusa/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/samsungus

Search URL Search Domain Scan URL

URL: https://www.samsung.com/us/emailsignup/

Search URL Search Domain Scan URL

URL: https://k7wz8.app.goo.gl/17maCKGxW7lK4qyO2
Title: Get the app

Search URL Search Domain Scan URL

URL: https://k7wz8.app.goo.gl/2nM3tMxztZ4mk27X2
Title: GET

Search URL Search Domain Scan URL

URL: http://www.hp.com/go/samsung
Title: http://www.hp.com/go/samsung

Search URL Search Domain Scan URL

URL: http://www.hp.com/go/samsungsupplies
Title: www.hp.com/go/samsungsupplies

Search URL Search Domain Scan URL

URL: http://www.hp.com/go/suppliesrecycling
Title: www.hp.com/go/suppliesrecycling

Search URL Search Domain Scan URL

URL: http://www.hp.com/support/samsung
Title: www.hp.com/support/samsung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.amazon-service-tooklits.duckdns.org/ HTTP 301
https://mail.amazon-service-tooklits.duckdns.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=48855C6655783A647F000101%40AdobeOrg&d_nsid=0&ts=1678582683553 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=48855C6655783A647F000101%40AdobeOrg&d_nsid=0&ts=1678582683553

Request Chain 73

https://idsync.rlcdn.com/365868.gif?partner_uid=77691174874026009110449837571737762531 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzc2OTExNzQ4NzQwMjYwMDkxMTA0NDk4Mzc1NzE3Mzc3NjI1MzEQABoNCJ3HtKAGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=82ee57de3d0718f8d58d1bd865ce8d83ce5a0d6c6e1bf339c0ca437d252ced1cb0da87c991749652

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzc2OTExNzQ4NzQwMjYwMDkxMTA0NDk4Mzc1NzE3Mzc3NjI1MzE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=Nzc2OTExNzQ4NzQwMjYwMDkxMTA0NDk4Mzc1NzE3Mzc3NjI1MzE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKmV9IQ0sdh66rsNN8UbFRE&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 80

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=mail.amazon-service-tooklits.duckdns.org&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=mail.amazon-service-tooklits.duckdns.org&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=59e02a57-5252-4d8a-8626-bee1fbe33a27

Request Chain 81

https://cm.adgrx.com/bridge?AG_PID=adobe_aam&AG_SETCOOKIE HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=adobe_aam HTTP 302
https://dpm.demdex.net/ibs:dpid=58342&dpuuid=f2960fba-c070-11ed-a2f8-2c64eb274ee4

Request Chain 82

https://ag.innovid.com/dv/sync?tid=6 HTTP 302
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=e5b991ad-47cb-49bd-9472-c6bec2abf60f

Request Chain 83

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 128

https://halc.iadvize.com/iadvize.js?sid=6528&lang=en HTTP 302
https://halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/live.js

Request Chain 132

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78 HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78

Request Chain 152

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D60813%26time%3D1678582689949%26url%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQL_tGvpAvkJzwAAAYbTUzST0VTSDbfV_QHeP2lUCvrnfE52qbXLSwGGC63XVkfBz0KQqg

Request Chain 170

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Request Chain 171

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Request Chain 172

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Request Chain 173

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Request Chain 174

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Request Chain 175

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Request Chain 200

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D59e02a57-5252-4d8a-8626-bee1fbe33a27 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8451906731249194627&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTllMDJhNTctNTI1Mi00ZDhhLTg2MjYtYmVlMWZiZTMzYTI3&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1

Request Chain 202

https://ups.analytics.yahoo.com/ups/55953/sync?uid=59e02a57-5252-4d8a-8626-bee1fbe33a27&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=59e02a57-5252-4d8a-8626-bee1fbe33a27&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0

Request Chain 220

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27

Request Chain 221

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=59e02a57-5252-4d8a-8626-bee1fbe33a27&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTllMDJhNTctNTI1Mi00ZDhhLTg2MjYtYmVlMWZiZTMzYTI3&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1

Request Chain 266

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1045168478&cv=11&fst=1678582690921&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=bpbZCOvHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oyMNZJaPAcq-NYyKi-AD&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1058244264/?random=1045168478&cv=11&fst=1678582690921&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=bpbZCOvHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZJaPAcq-NYyKi-AD&cid=CAQSKQDUE5ymVYtX9qh25uud5MEixNG-5OcWMfNxtdCimR3MlmRaiIOoHM0b&random=4163895231

Request Chain 267

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1592691493&cv=11&fst=1678582690925&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=nfiaCOjHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oyMNZKyTAbGgoPMP36mlsAo&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1058244264/?random=1592691493&cv=11&fst=1678582690925&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=nfiaCOjHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZKyTAbGgoPMP36mlsAo&cid=CAQSKQDUE5ymS4wBtdtCGwAUbZQooh6EgFOLgBRQz1W53n_a-FnBXieoOKKW&random=2402114485

Request Chain 268

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1320560557&cv=11&fst=1678582690927&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=sWmGCO7HocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oyMNZOyUAYuSoPMPns2I4AI&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1058244264/?random=1320560557&cv=11&fst=1678582690927&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=sWmGCO7HocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZOyUAYuSoPMPns2I4AI&cid=CAQSKQDUE5ymb9MjK3NLinqbwTTjrQUa3Cnm_0P6t39jFRLpwqTiZuux4xIK&random=3651719995

Request Chain 269

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1678582691379&u_scsid=50b2323f-f473-45d2-bbb5-18f2fa5c5e8b&u_sclid=746e169d-f894-4d26-8903-3335a2e5aecf HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1678500838647%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1678500838647%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1678500838647&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b

Request Chain 294

https://pix.cdnwidget.com/redirect?CID=2MtN014OLv6t2xwgzHLO87w06jW&DID=2MtMzxoREx7tTTYkKffGFRmnAhS&v=&iv=&deviceid=7421696375558154146&visitid=1678582692367413&wsid=3842&apikey=2^HIykD HTTP 302
https://pippio.com/api/sync?pid=5749 HTTP 307
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none

Request Chain 303

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=;cat=;ord=7944568027910.215 HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215

Request Chain 304

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088 HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088

Request Chain 305

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F HTTP 302
https://1782317.fls.doubleclick.net/activityi;dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Request Chain 322

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1678582695106&u_scsid=50b2323f-f473-45d2-bbb5-18f2fa5c5e8b&u_sclid=746e169d-f894-4d26-8903-3335a2e5aecf HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1678500222838%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1678500222838&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b

Request Chain 326

https://ups.analytics.yahoo.com/ups/55953/sync?uid=59e02a57-5252-4d8a-8626-bee1fbe33a27&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0

Request Chain 327

https://tags.bluekai.com/site/5386?id=59e02a57-5252-4d8a-8626-bee1fbe33a27&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai

Request Chain 328

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=59e02a57-5252-4d8a-8626-bee1fbe33a27&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dtapad HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D02435126-fd12-4201-b56d-8d02b7c81c3b%252Chttps%25253A%25252F%25252Fmatch.adsrvr.org%25252Ftrack%25252Fcmf%25252Fgeneric%25253Fttd_pid%25253Dtapad%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8451906731249194627&pt=02435126-fd12-4201-b56d-8d02b7c81c3b%2Chttps%253A%252F%252Fmatch.adsrvr.org%252Ftrack%252Fcmf%252Fgeneric%253Fttd_pid%253Dtapad%2C HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad

331 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mail.amazon-service-tooklits.duckdns.org/
Redirect Chain

http://mail.amazon-service-tooklits.duckdns.org/
https://mail.amazon-service-tooklits.duckdns.org/

2 MB
244 KB

238ms
76ms

Document
text/html

96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: c829852ee2341e3d0d3d451862be0d9c62bfdfa77e446ebc41b7c4f62380bb69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Sun, 12 Mar 2023 00:58:01 GMT
etag: W/"640b7fe0-20e1a8"
last-modified: Fri, 10 Mar 2023 19:07:12 GMT
server: nginx/1.22.1

Redirect headers

Access-Control-Expose-Headers: x-gdn-region, x-gdn-requestid, x-gdn-responsetime
Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Sun, 12 Mar 2023 00:58:00 GMT
Location: https://mail.amazon-service-tooklits.duckdns.org/
Server: APISIX
x-gdn-region: samsung1-us-west.eng.macrometa.io
x-gdn-requestid: 8423a4d9-17cd-46af-bd35-00f59c998d5c
x-gdn-responsetime: 0

GET
H2 200 configurator-products-828.json
mail.amazon-service-tooklits.duckdns.org/us/smg/content/samsung/content-library/prepurchase/configurator/us/mobile-configurator-v3/ 1 MB
78 KB 239ms
237ms Other
application/json 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.amazon-service-tooklits.duckdns.org/us/smg/content/samsung/content-library/prepurchase/configurator/us/mobile-configurator-v3/configurator-products-828.json

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

96-126-101-78.ip.linodeusercontent.com

Software

nginx/1.22.1 /

Resource Hash

b0e52650d66f2194189ef77437337eb5c309f4057c1624ae1b53e14a68abe32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx/1.22.1
etag: W/"_fqlv1UK--_"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
access-control-expose-headers: etag, content-encoding, content-length, location, server, x-c8-errors, x-c8-async-id, x-c8-error-codes
access-control-allow-credentials: false

GET
H2 200 galaxy-s23-ultra.json
mail.amazon-service-tooklits.duckdns.org/us/buy/s3content/merged/ 612 KB
86 KB 237ms
236ms Other
application/json 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.amazon-service-tooklits.duckdns.org/us/buy/s3content/merged/galaxy-s23-ultra.json

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

96-126-101-78.ip.linodeusercontent.com

Software

nginx/1.22.1 /

Resource Hash

897ae5cf073c1451f0a7da27c683fa824b287616c1c5f07f81bc60df14194624

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx/1.22.1
etag: W/"_fql09yu--_"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
access-control-expose-headers: etag, content-encoding, content-length, location, server, x-c8-errors, x-c8-async-id, x-c8-error-codes
access-control-allow-credentials: false

GET
H2 200 gnb-header-menu.json
mail.amazon-service-tooklits.duckdns.org/files/ 210 KB
19 KB 237ms
236ms Other
application/json 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.amazon-service-tooklits.duckdns.org/files/gnb-header-menu.json

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

96-126-101-78.ip.linodeusercontent.com

Software

nginx/1.22.1 /

Resource Hash

26904430ca9a08c1fa70cf5794150200f1d69d1ac9c4f56e92f5f123a0b851b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx/1.22.1
etag: W/"_fql1q8m--_"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
access-control-expose-headers: etag, content-encoding, content-length, location, server, x-c8-errors, x-c8-async-id, x-c8-error-codes
access-control-allow-credentials: false

GET
H2 200 p6-footer.svg
mail.amazon-service-tooklits.duckdns.org/files/ 128 KB
47 KB 84ms
84ms Other
image/svg+xml 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/p6-footer.svg
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 003490b6a6321fb2d064e5001a56968a0f361ae6703fbed3fcc9cd7617b99dc6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-20065"
content-type: image/svg+xml

GET
H2 200 gnb-desktop-120x32.png
mail.amazon-service-tooklits.duckdns.org/files/ 1 KB
2 KB 83ms
83ms Image
image/png 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/gnb-desktop-120x32.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 4b9c883510acb57091a673a9d1d7fa3ce5270e9a4d588005c6c4fcef135ef8ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-5b7"
content-type: image/png

GET
H2 200 newwindow-black.svg
mail.amazon-service-tooklits.duckdns.org/files/ 679 B
508 B 82ms
81ms Image
image/svg+xml 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/newwindow-black.svg
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: f50057054cbb0e057d4ba7da7a0e0ed594d8d9dbb54806f86e7260e3644ffc7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-2a7"
content-type: image/svg+xml

GET
H2 200 SamsungOneLatinWeb-700.woff2
mail.amazon-service-tooklits.duckdns.org/files/ 38 KB
39 KB 81ms
80ms Font
font/woff2 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/SamsungOneLatinWeb-700.woff2
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 792cfdbd7f9dc4e60294ab295ca4ae167983d06dcf25d17fcb31c6b7d715e63a

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-99ec"
content-type: font/woff2

GET
H2 200 SamsungOneLatinWeb-400.woff2
mail.amazon-service-tooklits.duckdns.org/files/ 38 KB
38 KB 82ms
79ms Font
font/woff2 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/SamsungOneLatinWeb-400.woff2
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: f596a84341b5a8c23ac1aa923d3e8b01edf7ac2b1b48401ce5ed78706dbd9b2e

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-9910"
content-type: font/woff2

GET
H2 200 clientlibs_root.9fa9bd67b7cb72accb535ec0246aa5a0.js Show response
mail.amazon-service-tooklits.duckdns.org/files/ 174 KB
59 KB 83ms
83ms Script
application/javascript 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/clientlibs_root.9fa9bd67b7cb72accb535ec0246aa5a0.js
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: a3567defab7ed0a20783b047cc655d3f1e14e5068f5ee8c9dfa0736c5e45b50e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:01 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-2b9f2"
content-type: application/javascript

GET
H2 200 gnb.beead83fc28efa964f55b7e964a79e60.js Show response
mail.amazon-service-tooklits.duckdns.org/files/ 453 KB
121 KB 87ms
83ms Script
application/javascript 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/gnb.beead83fc28efa964f55b7e964a79e60.js
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 4a3b4f726f0656dc3704e31173872015b0911371f170b6914f114f619553d903

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:02 GMT
content-encoding: br
last-modified: Fri, 10 Mar 2023 19:07:12 GMT
server: nginx/1.22.1
etag: W/"640b7fe0-713e4"
content-type: application/javascript

GET
H2 200 unify-configurator-galaxy-s23-ultra.89c0dc56d0a15dc1082047df53825a1b.js Show response
mail.amazon-service-tooklits.duckdns.org/files/ 3 MB
791 KB 164ms
161ms Script
application/javascript 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/unify-configurator-galaxy-s23-ultra.89c0dc56d0a15dc1082047df53825a1b.js
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: a19c9c15a10911e27d8ffa5dd07ed095b6ffd6404b06aa94b112a8212e4ea96c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:02 GMT
content-encoding: br
last-modified: Fri, 10 Mar 2023 19:07:19 GMT
server: nginx/1.22.1
etag: W/"640b7fe7-329be7"
content-type: application/javascript

GET
H2 200 shoppingCart.de4e36f788bbb8a409c4ae4ab47ecb9b.js Show response
mail.amazon-service-tooklits.duckdns.org/files/ 17 KB
5 KB 299ms
297ms Script
application/javascript 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/shoppingCart.de4e36f788bbb8a409c4ae4ab47ecb9b.js
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 7b3af341216e09de0546861424cffbdd875b9c533044b2a1ef8e6071f440fe1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:02 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-44fc"
content-type: application/javascript

GET
H2 200 global_bottom_clientlib.e3a2390208a1697058506f80b621c5a0.js Show response
mail.amazon-service-tooklits.duckdns.org/files/ 76 KB
22 KB 299ms
298ms Script
application/javascript 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/global_bottom_clientlib.e3a2390208a1697058506f80b621c5a0.js
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 40adac45a4532f3dd13d4e8532d3373f99c4a30520fa347c9968ffe6e7a7c941

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:02 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-12e8b"
content-type: application/javascript

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 151 KB
48 KB 98ms
31ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.sync.js
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6038e277a7106d9e3b49074087a969019cb206d191eba957d8e9062cf4453b96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: zVRHRq_AP5iQuiP_pYD21AQlMRVYC2Aq
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:55:51 GMT
last-modified: Fri, 10 Mar 2023 19:42:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 132
x-amz-server-side-encryption: AES256
etag: W/"bad6085b93a9ff89c93d09214e55d1e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: PKorwhuB9ZuKBIufqMWHnVdEjgP2hYJ4BOcrjx8Pi33uTVOdpXYq2Q==

GET
H2 200 SamsungSharpSans-Bold.woff
mail.amazon-service-tooklits.duckdns.org/files/ 98 KB
85 KB 171ms
171ms Font
font/woff 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.amazon-service-tooklits.duckdns.org/files/SamsungSharpSans-Bold.woff
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 149dce4cacbbbb875aeebb52c456d5b996b693c6129ae83e1677eff308410439

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:02 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 06:54:07 GMT
server: nginx/1.22.1
etag: W/"64058e0f-18958"
content-type: font/woff

OPTIONS
H2 204 logger
configurator.ecom-mobile-samsung.com/api/ Frame 0
0 200ms
41ms Preflight 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:03 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 logger Show response
configurator.ecom-mobile-samsung.com/api/ 2 B
168 B 42ms
42ms Fetch
text/html 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/files/unify-configurator-galaxy-s23-ultra.89c0dc56d0a15dc1082047df53825a1b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:03 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
content-type: text/html; charset=utf-8

GET bridge-data
www.samsung.com/us/api/v1/bridge/cacheable/ 0
0

GET
H/1.1 200
OK VRZKC-5BSTD-4EWS3-R2J59-B8GYB Show response
c.go-mpulse.net/boomerang/ 205 KB
50 KB 116ms
34ms Script
application/javascript 2600:141b:13:69d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/VRZKC-5BSTD-4EWS3-R2J59-B8GYB
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:69d::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 00:58:03 GMT
Content-Encoding: br
Last-Modified: Fri, 10 Mar 2023 18:08:31 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 219 KB
36 KB 28ms
28ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 076f28df4f3a54b3b91255e9b6e02b3a927a91728f5c37e385816c7c47ff89f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: IjVrh9ZSIUgbCUaK6692vozi_s8yKqet
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:55:54 GMT
last-modified: Fri, 10 Mar 2023 19:42:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 130
x-amz-server-side-encryption: AES256
etag: W/"e4d1a4f1a33252b7d3b3012b76e21e19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: TtNFK3p2bmSL6b1VRABQrIA0ys1u6FteJbPlngk-_ePYHUdD-BL8Hw==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=48855C6655783A647F000101%40AdobeOrg&d_nsid=0&ts=1678582683553
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=48855C6655783A647F000101%40AdobeOrg&d_nsid=0&ts=1678582683553

1 KB
2 KB

45ms
44ms

XHR
application/json

107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=48855C6655783A647F000101%40AdobeOrg&d_nsid=0&ts=1678582683553

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

HTTP/1.1

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

f9eec46e1f2dc82b66f11198be2bf4707c63fb4f7eb4ac7aa6e1b2862127ee3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v045-03d934800.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: Ao20sPmkRLw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://mail.amazon-service-tooklits.duckdns.org
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 711
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v045-0e4e264ef.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5SnarlrwS+s=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://mail.amazon-service-tooklits.duckdns.org
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=48855C6655783A647F000101%40AdobeOrg&d_nsid=0&ts=1678582683553
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 gnb-header-menu.json Show response
mail.amazon-service-tooklits.duckdns.org/configurator/files/ 210 KB
18 KB 82ms
82ms XHR
application/json 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.amazon-service-tooklits.duckdns.org/configurator/files/gnb-header-menu.json

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

96-126-101-78.ip.linodeusercontent.com

Software

nginx/1.22.1 /

Resource Hash

26904430ca9a08c1fa70cf5794150200f1d69d1ac9c4f56e92f5f123a0b851b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mail.amazon-service-tooklits.duckdns.org/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx/1.22.1
etag: W/"_fql1q8m--_"
content-type: application/json; charset=utf-8

GET
H2 200 data.us.json Show response
p6-qa.samsung.com/aemapi/v6/siteia2022/ 118 KB
119 KB 934ms
573ms XHR
application/json 184.29.167.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://p6-qa.samsung.com/aemapi/v6/siteia2022/data.us.json

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.29.167.219 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-167-219.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

22fad5f94c48c9ac085b645abc743e1cf9a268820e745de6105f9105fda24bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Mar 2023 00:58:04 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
access-control-allow-origin: *
server-timing: cdn-cache; desc=MISS, edge; dur=297, origin; dur=106, ak_p; desc="466272_389717205_17690214_40298_142667_25_0";dur=1
x-xss-protection: 1

GET
H2 200 gnb-header-menu.json Show response
mail.amazon-service-tooklits.duckdns.org/us/smg/content/samsung/content-library/gnb/gnb-header/json/pub/ 210 KB
18 KB 156ms
155ms XHR
application/json 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.amazon-service-tooklits.duckdns.org/us/smg/content/samsung/content-library/gnb/gnb-header/json/pub/gnb-header-menu.json

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

96-126-101-78.ip.linodeusercontent.com

Software

nginx/1.22.1 /

Resource Hash

26904430ca9a08c1fa70cf5794150200f1d69d1ac9c4f56e92f5f123a0b851b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mail.amazon-service-tooklits.duckdns.org/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx/1.22.1
etag: W/"_fql1q8m--_"
content-type: application/json; charset=utf-8

GET
H2 404 undefined
mail.amazon-service-tooklits.duckdns.org/ 555 B
555 B 154ms
152ms Image
text/html 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.amazon-service-tooklits.duckdns.org/undefined
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: 96-126-101-78.ip.linodeusercontent.com
Software: nginx/1.22.1 /
Resource Hash: 77df749f6bbe85442500437f7e798f46b9635da344811ae3b4bf7d43048ee9bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:03 GMT
content-encoding: br
server: nginx/1.22.1
content-type: text/html

OPTIONS
H2 204 logger
configurator.ecom-mobile-samsung.com/api/ Frame 0
0 41ms
41ms Preflight 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:03 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

OPTIONS
H2 204 logger
configurator.ecom-mobile-samsung.com/api/ Frame 0
0 41ms
41ms Preflight 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:03 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

OPTIONS
H2 204 logger
configurator.ecom-mobile-samsung.com/api/ Frame 0
0 41ms
41ms Preflight 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:04 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 logger Show response
configurator.ecom-mobile-samsung.com/api/ 2 B
168 B 45ms
44ms Fetch
text/html 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:03 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
content-type: text/html; charset=utf-8

POST
H2 200 logger Show response
configurator.ecom-mobile-samsung.com/api/ 2 B
168 B 43ms
43ms Fetch
text/html 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:03 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
content-type: text/html; charset=utf-8

POST
H2 200 logger Show response
configurator.ecom-mobile-samsung.com/api/ 2 B
168 B 45ms
44ms Fetch
text/html 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:04 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
content-type: text/html; charset=utf-8

GET /
www.samsung.com/us/api/iadvize/agentpresence/ 0
0

GET
H2 200 epp-discount.json Show response
mail.amazon-service-tooklits.duckdns.org/us/smg/content/samsung/content-library/prepurchase/eppdiscount/ 802 B
483 B 79ms
78ms Fetch
application/json 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.amazon-service-tooklits.duckdns.org/us/smg/content/samsung/content-library/prepurchase/eppdiscount/epp-discount.json

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/files/unify-configurator-galaxy-s23-ultra.89c0dc56d0a15dc1082047df53825a1b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

96-126-101-78.ip.linodeusercontent.com

Software

nginx/1.22.1 /

Resource Hash

56c27fd3958b9ead8fa7181445d4b3d44411b11b4387d50ee16a3200028a5ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx/1.22.1
etag: W/"_fql2fu2--_"
content-type: application/json; charset=utf-8

GET
H2 200 pc-828.json Show response
mail.amazon-service-tooklits.duckdns.org/us/smg/content/samsung/content-library/prepurchase/configurator/premium-care/ 100 KB
6 KB 86ms
82ms Fetch
application/json 96.126.101.78
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.amazon-service-tooklits.duckdns.org/us/smg/content/samsung/content-library/prepurchase/configurator/premium-care/pc-828.json

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/files/unify-configurator-galaxy-s23-ultra.89c0dc56d0a15dc1082047df53825a1b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

96.126.101.78 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

96-126-101-78.ip.linodeusercontent.com

Software

nginx/1.22.1 /

Resource Hash

8dc5cc161e9fd461b2ef1e19ff62419e2c7421068a066b31c88bd11ebf751ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx/1.22.1
etag: W/"_fql3Iga--_"
content-type: application/json; charset=utf-8

GET
H2 200 D3-Group-KV-Configurator-DT-800x600.jpg
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 45 KB
46 KB 492ms
210ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/D3-Group-KV-Configurator-DT-800x600.jpg
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3fa99cb9ad72505ec13948f58047d070c4708ef482a8906b67c146645d84d239

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 19:31:20 GMT
server: Akamai Image Manager
etag: "c8e4a714a5429b9d271277257bcba98d:1674182543.261674"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 46422
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 PC_Ultra_Public_R2.jpg
image-us.samsung.com/SamsungUS/configurator/ 65 KB
66 KB 557ms
276ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/configurator/PC_Ultra_Public_R2.jpg
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: db47976ce58cb48bfd88f27e50d102efd4776aea1edd96654c4a45f7328970cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Tue, 28 Feb 2023 13:13:33 GMT
server: Akamai Image Manager
etag: "098d4d9f75b678ae349c6c3b8455c578:1676405245.711418"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 67054
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 D3-Exclusive-Configurator-DT-800x600.jpg
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 46 KB
46 KB 336ms
55ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/D3-Exclusive-Configurator-DT-800x600.jpg
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 84bde751227f9a7dcd57216ba824822414f7aef41352722f932d8b5700976359

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 03:23:16 GMT
x-serial: 1494
server: Akamai Image Manager
x-check-cacheable: YES
etag: "ad81f7067e26e2555f0c3503de104449:1674182542.997554"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 46962
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 D3-lifestyle-Configurator-800x600.jpg
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 168 KB
168 KB 383ms
102ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/D3-lifestyle-Configurator-800x600.jpg
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8ddf2671f1d240e84f00d594e42c02ff2b72f5aa2fd8ae7cdbd151ad5a9daeed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Sat, 25 Feb 2023 09:40:18 GMT
server: Akamai Image Manager
etag: "88999a59d1d4a67d919c19bfa42b6140:1674338326.529074"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 171782
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 DB2C-328-GalleryVideo-S23Ultra-AnimatedVideo_Filled_lastFrame.jpg
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 60 KB
60 KB 361ms
80ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/DB2C-328-GalleryVideo-S23Ultra-AnimatedVideo_Filled_lastFrame.jpg
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9c552061e61b990f970093451a43216e1f8560fe893d1809962ca6ea76632f38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Mon, 27 Feb 2023 23:35:41 GMT
x-serial: 1046
server: Akamai Image Manager
x-check-cacheable: YES
etag: "77973e4bcba63d84094d2a7ab58b6b32:1674857624.587573"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 61188
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 01-DM3-Green-PDP-1600x1200.jpg
image-us.samsung.com/us/smartphones/galaxy-s23-ultra/images/gallery/green/ 42 KB
42 KB 369ms
88ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23-ultra/images/gallery/green/01-DM3-Green-PDP-1600x1200.jpg?$product-details-jpg$
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 476447d0d5e4f51f00fd429f4da62bb1e0cd7a440fb8099ea9f485e029b97fcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 08 Mar 2023 18:53:52 GMT
server: Akamai Image Manager
etag: "8a24db9c90761f39c25c7ca1c0cfd4e6:1674250186.458998"
content-type: image/webp
cache-control: private, no-transform, max-age=40979
content-length: 42610
expires: Sun, 12 Mar 2023 12:21:03 GMT

GET
H2 200 PC_SamsungCredit_70-V2.png
image-us.samsung.com/SamsungUS/configurator/ 6 KB
6 KB 428ms
424ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/configurator/PC_SamsungCredit_70-V2.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: bedad9519020bdb19ccf98e0e5a1a10b7b69996b73d30acff6e90c2554d468b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:05 GMT
last-modified: Mon, 27 Feb 2023 20:42:20 GMT
x-serial: 1956
server: Akamai Image Manager
x-check-cacheable: YES
etag: "8456cc8bcd6faad32327fd3bc6747eee:1675798943.997044"
content-type: image/webp
cache-control: private, no-transform, max-age=25851
content-length: 6160
expires: Sun, 12 Mar 2023 08:08:56 GMT

GET
H2 200 check-mark-blue.png
image-us.samsung.com/SamsungUS/ruleset/ 322 B
625 B 329ms
53ms Image
image/gif 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/ruleset/check-mark-blue.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 00674cfae3144161805acec3b597f83f61ea876466ba059043988703656a84f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Fri, 24 Feb 2023 09:48:55 GMT
x-serial: 1853
server: Akamai Image Manager
x-check-cacheable: YES
etag: "02fa2d0519e108d67ac59a09174d680a:1541075815.764373"
content-type: image/gif
cache-control: private, no-transform, max-age=43200
content-length: 322
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 samsung-carriers_280x120_Verizon.png
image-us.samsung.com/SamsungUS/home/b2c/configurator/connectivity-logo/ 3 KB
4 KB 368ms
177ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/home/b2c/configurator/connectivity-logo/samsung-carriers_280x120_Verizon.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a9151d2808c958e3f300d4b736abb79fa220fa41d75860b71604ba549d8a65bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Thu, 02 Mar 2023 00:21:58 GMT
server: Akamai Image Manager
etag: "9e227dd2b66a2e99bde7ca65f7e23c56:1554609482.19994"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 3350
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 samsung-carriers_280x120_ATT.png
image-us.samsung.com/SamsungUS/home/b2c/configurator/connectivity-logo/ 9 KB
10 KB 338ms
148ms Image
image/png 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/home/b2c/configurator/connectivity-logo/samsung-carriers_280x120_ATT.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7fa17a3a46c9f69c176f52ea5b6b4fc6dff9410e6eb48d4985101aa35fbf5d3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 21:53:15 GMT
server: Akamai Image Manager
etag: "3bb342ababd9983965c2d4ec62cf1457:1554609482.053442"
content-type: image/png
cache-control: private, no-transform, max-age=43200
content-length: 9550
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 samsung-carriers_280x120_Tmobile.png
image-us.samsung.com/SamsungUS/home/b2c/configurator/connectivity-logo/ 4 KB
4 KB 343ms
152ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/home/b2c/configurator/connectivity-logo/samsung-carriers_280x120_Tmobile.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 1d0524553f68da3760c2a2bdee0fb3e30ea8e6b5d1f072f30f72a1de57d88a63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Tue, 28 Feb 2023 15:39:14 GMT
x-serial: 1803
server: Akamai Image Manager
x-check-cacheable: YES
etag: "d1b5a39917628d4e1c1f3346d99fbd39:1644087903.167665"
content-type: image/webp
cache-control: private, no-transform, max-age=40497
content-length: 4272
expires: Sun, 12 Mar 2023 12:13:01 GMT

GET
H2 200 S8_Unlocked_configurator_v4.png
image-us.samsung.com/SamsungUS/home/explore/samsung-s8/ 772 B
1 KB 143ms
139ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/home/explore/samsung-s8/S8_Unlocked_configurator_v4.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ee0d2674f470ae46b95105ce15271cbc3d434a184b3280595835f876c5d5211f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 08:44:03 GMT
x-serial: 227
server: Akamai Image Manager
x-check-cacheable: YES
etag: "92ceb1e15f026bdbf660d88a4597b9ac:1568885560.26569"
content-type: image/webp
cache-control: private, no-transform, max-age=28591
content-length: 772
expires: Sun, 12 Mar 2023 08:54:35 GMT

GET
H2 200 samsung-carriers_280x120_USCellular.png
image-us.samsung.com/SamsungUS/home/b2c/configurator/connectivity-logo/ 7 KB
7 KB 186ms
182ms Image
image/png 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/home/b2c/configurator/connectivity-logo/samsung-carriers_280x120_USCellular.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 4f68c87ed6b91fd45f5ae45c27383accabb8a1e4d9ef71b0a52de50bbac91dae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 08 Mar 2023 14:44:33 GMT
server: Akamai Image Manager
etag: "aa22dff2b529e4ea4226fc7386427291:1605138323.531966"
content-type: image/png
cache-control: private, no-transform, max-age=25876
content-length: 7099
expires: Sun, 12 Mar 2023 08:09:20 GMT

GET
H2 200 Standard_icon.png
image-us.samsung.com/SamsungUS/PIM/ 648 B
953 B 147ms
143ms Image
image/png 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/PIM/Standard_icon.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: db9ad9b10473a608d7b97e5c784b40007802ae2b2079b36c0bf1fd12a38f39a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Mon, 27 Feb 2023 13:18:41 GMT
x-serial: 570
server: Akamai Image Manager
x-check-cacheable: YES
etag: "da62d94571f089f4cafeb8b558de2fe9:1651695565.503907"
content-type: image/png
cache-control: private, no-transform, max-age=24831
content-length: 648
expires: Sun, 12 Mar 2023 07:51:55 GMT

GET
H2 200 newfinance.png
image-us.samsung.com/SamsungUS/PIM/ 314 B
589 B 365ms
174ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/PIM/newfinance.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b60313dac69a8e414668cb554f5e4a96aed3d5c8ab9ab80da039b3b9fca1596c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 23:44:25 GMT
server: Akamai Image Manager
etag: "4c30097cb1c823b54632a1cc37834750:1621435208.596136"
content-type: image/webp
cache-control: private, no-transform, max-age=10509
content-length: 314
expires: Sun, 12 Mar 2023 03:53:13 GMT

GET
H2 200 45x45.png
image-us.samsung.com/SamsungUS/new/ 392 B
698 B 379ms
189ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/new/45x45.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 72ad346d62ab722e73970d8443e7c84f8ba5ceb0ffc71c8f1ff681aff0958f48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Thu, 02 Mar 2023 06:51:24 GMT
x-serial: 601
server: Akamai Image Manager
x-check-cacheable: YES
etag: "445d45db68fcbaf3ee9b8d77ad4a37c3:1588198833.941119"
content-type: image/webp
cache-control: private, no-transform, max-age=30863
content-length: 392
expires: Sun, 12 Mar 2023 09:32:27 GMT

GET
H2 200 icon_store.png
image-us.samsung.com/SamsungUS/PIM/ 987 B
1 KB 245ms
54ms Image
image/png 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/PIM/icon_store.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: aca9da0acb7ef703b064a01a8a64c6009a459e544a20ed0eb3cd2d5c9bd4b4cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 08:29:44 GMT
x-serial: 314
server: Akamai Image Manager
x-check-cacheable: YES
etag: "0e7c28b01b3fd7b7805e38e4502d02d2:1672958384.384645"
content-type: image/png
cache-control: private, no-transform, max-age=20852
content-length: 987
expires: Sun, 12 Mar 2023 06:45:36 GMT

GET
H2 200 DB2C-229-GW5Pro-Buds2Pro-Offercard-Thumbnail-300x300.png
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 23 KB
23 KB 165ms
161ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/DB2C-229-GW5Pro-Buds2Pro-Offercard-Thumbnail-300x300.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7d5203fa136df9ebd825a18f81bc1da1c165dedc54c171e80286439bf26de7e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 17:21:24 GMT
server: Akamai Image Manager
etag: "2ad79d51fcd0a2f88d68c252815f15b5:1674936883.394891"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 23590
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 store.png
image-us.samsung.com/SamsungUS/PIM/ 4 KB
5 KB 188ms
184ms Image
image/png 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/PIM/store.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 71c800c673fb367c89c7f3db5df766148b559b382bf7a545131ef4408bc46700

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Thu, 23 Feb 2023 09:26:36 GMT
server: Akamai Image Manager
etag: "1bbc624377c1f40301fa2de26b235547:1672956877.46822"
content-type: image/png
cache-control: private, no-transform, max-age=43200
content-length: 4353
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 icon_info.png
image-us.samsung.com/SamsungUS/PIM/ 371 B
675 B 187ms
183ms Image
image/png 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/PIM/icon_info.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 5cc3985356394e490ef66b6382d03aabcf33aabb1b9e883f99a9370ab1e75c67

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 14:32:23 GMT
x-serial: 651
server: Akamai Image Manager
x-check-cacheable: YES
etag: "137fc1ded594fd451e9fe41eb49f72b5:1633980973.87716"
content-type: image/png
cache-control: private, no-transform, max-age=43200
content-length: 371
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 truck-icon.png
image-us.samsung.com/SamsungUS/home/vc2-0/ 451 B
726 B 142ms
138ms Image
image/png 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/home/vc2-0/truck-icon.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 76f357eb0c2007c17f3a859782d8b5af58d7245b590ff61c9d1bac170c522e22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 02:35:57 GMT
server: Akamai Image Manager
etag: "cf79506acb2debe4dbb4dfbee66342a9:1568890843.337106"
content-type: image/png
cache-control: private, no-transform, max-age=12258
content-length: 451
expires: Sun, 12 Mar 2023 04:22:22 GMT

GET
H2 200 reward.png
image-us.samsung.com/SamsungUS/palette/icon/ 395 B
670 B 170ms
165ms Image
image/png 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/palette/icon/reward.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 2210784070a38f50ef14b29bc7341343c5b982987241b77868e8c3e636430d33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Thu, 23 Feb 2023 08:37:47 GMT
server: Akamai Image Manager
etag: "4d58260af77ee062911ea21bc473df4e:1609801272.511245"
content-type: image/png
cache-control: private, no-transform, max-age=43200
content-length: 395
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H2 200 PC_YOUTUBE.png
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 204 KB
205 KB 172ms
167ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/PC_YOUTUBE.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 0a00826905c1ee2b39117ea74c215e219dde0636703aa2872c4e3e2ddbeb6d94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Thu, 02 Mar 2023 03:21:33 GMT
x-serial: 520
server: Akamai Image Manager
x-check-cacheable: YES
etag: "b27ebdd6403154518f87ca03df81c42d:1674870952.148559"
content-type: image/webp
cache-control: private, no-transform, max-age=12254
content-length: 208980
expires: Sun, 12 Mar 2023 04:22:18 GMT

GET
H2 200 PC_SPOTIFY.png
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 104 KB
105 KB 168ms
164ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/PC_SPOTIFY.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 10b1d1207bf8cf4f8eddfedc6adb88726de8d9cbafdaf12e5232d564124439e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 01 Mar 2023 09:34:02 GMT
server: Akamai Image Manager
etag: "79cd84294d6538bd1b7579ef00716789:1674870951.422172"
content-type: image/webp
cache-control: private, no-transform, max-age=26283
content-length: 106544
expires: Sun, 12 Mar 2023 08:16:07 GMT

GET
H2 200 PC_SIRIUS-XM.png
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 169 KB
170 KB 173ms
169ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/PC_SIRIUS-XM.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 32566ba62df38d2cf3852cbd9e153b30ae3242e9f16288f46fb7e6c7f1519dc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Tue, 28 Feb 2023 14:57:50 GMT
server: Akamai Image Manager
etag: "17a9dfbac96fb68a67225cf9525b0a8c:1675216363.478364"
content-type: image/webp
cache-control: private, no-transform, max-age=35236
content-length: 173156
expires: Sun, 12 Mar 2023 10:45:20 GMT

GET
H2 200 PC_ONEDRIVE.png
image-us.samsung.com/us/smartphones/galaxy-s23/configurator/ 103 KB
103 KB 161ms
157ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/us/smartphones/galaxy-s23/configurator/PC_ONEDRIVE.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 56c082678c7dd1d9fb9f5ffe7b97f126a6be3aa2c2bb3d04d96f5dfbf8afedac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 22 Feb 2023 00:51:29 GMT
server: Akamai Image Manager
etag: "6862455e9138b564c76a3edeb48c5232:1674870950.740669"
content-type: image/webp
cache-control: private, no-transform, max-age=15199
content-length: 104978
expires: Sun, 12 Mar 2023 05:11:23 GMT

POST
H2 403 geolocate Show response
www.googleapis.com/geolocation/v1/ 697 B
703 B 105ms
42ms Fetch
application/json 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/geolocation/v1/geolocate?key=AIzaSyBKhZ2_YOd49CZVRjw-qXfVG474-oTxsf8

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/files/unify-configurator-galaxy-s23-ultra.89c0dc56d0a15dc1082047df53825a1b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

4b5ecfe6dc4f94afa989d9469a0c6a0e294026ebed56e92fd8cab56058846bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 347
x-xss-protection: 0

OPTIONS
H2 204 logger
configurator.ecom-mobile-samsung.com/api/ Frame 0
0 45ms
45ms Preflight 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:04 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 logger Show response
configurator.ecom-mobile-samsung.com/api/ 2 B
168 B 44ms
43ms Fetch
text/html 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:04 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
content-type: text/html; charset=utf-8

GET
H2 200 EPP-in-general.png
image-us.samsung.com/SamsungUS/configurator/ 508 B
783 B 87ms
86ms Image
image/webp 23.52.148.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.samsung.com/SamsungUS/configurator/EPP-in-general.png
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.148.147 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-148-147.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 99e97f3676a17cf08f598c12df23fdadedae138c4eed09ca2dce24aa53634b6f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Tue, 28 Feb 2023 03:03:57 GMT
server: Akamai Image Manager
etag: "28232d9a7059e704fb68065c10c4c580:1676384626.668732"
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 508
expires: Sun, 12 Mar 2023 12:58:04 GMT

GET
H/1.1 200
OK dest5.html Show response
samsungelectronicsamericainc.demdex.net/ Frame F1FA 7 KB
3 KB 191ms
38ms Document
text/html 54.91.182.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://samsungelectronicsamericainc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.sync.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.91.182.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-182-28.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-2-v045-09b41e472.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: DShpKL0tRmY=
content-encoding: gzip
date: Sun, 12 Mar 2023 00:58:04 GMT
last-modified: Wed, 8 Feb 2023 11:53:40 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.samsung.com/ 48 B
475 B 670ms
34ms XHR
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.samsung.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=48855C6655783A647F000101%40AdobeOrg&mid=77729988410026120510445973534877820543&ts=1678582684760

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

f497fbbc8233623152f9bb2b396159b6833e17f90a73f68f3a5c18200646e83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 12 Mar 2023 00:58:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

OPTIONS
H2 204 logger
configurator.ecom-mobile-samsung.com/api/ Frame 0
0 45ms
44ms Preflight 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:04 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

OPTIONS
H2 204 logger
configurator.ecom-mobile-samsung.com/api/ Frame 0
0 41ms
41ms Preflight 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:04 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 logger Show response
configurator.ecom-mobile-samsung.com/api/ 2 B
168 B 44ms
43ms Fetch
text/html 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:05 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
content-type: text/html; charset=utf-8

POST
H2 200 logger Show response
configurator.ecom-mobile-samsung.com/api/ 2 B
168 B 50ms
50ms Fetch
text/html 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:05 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
content-type: text/html; charset=utf-8

GET delivery-pickup-availability
www.samsung.com/us/api/v4/configurator/cacheable/ 0
0

OPTIONS
H2 204 delivery-pickup-availability
www.samsung.com/us/api/v4/configurator/cacheable/ Frame 0
0 315ms
314ms Preflight 104.76.100.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.samsung.com/us/api/v4/configurator/cacheable/delivery-pickup-availability?groups=828&postal_code=99790
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.100.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-100-66.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type
Access-Control-Request-Method: GET
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-ecom-jwt, x-ecom-locale, x-ecom-web-jwt, x-ecom-cookie-credentials, x-client-request-id, x-ecom-app-id, x-ecom-app-secret, x-ecom-order-search-token, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, x-uat-testing, access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: x-ecom-order-search-token
access-control-max-age: 1728000
content-length: 0
date: Sun, 12 Mar 2023 00:58:05 GMT
server-timing: ak_p; desc="466272_3090388260_175605866_26207_25807_31_0";dur=1

GET
H2 200 nr-spa-974.min.js Show response
js-agent.newrelic.com/ 30 KB
12 KB 270ms
18ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-974.min.js
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38b506c2b3d1dbb864484e285560d2c474a9568f30385761894484bb8e29a36e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 00:58:05 GMT
x-amz-request-id: H24Q4W6QMQZN651T
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11731
x-amz-id-2: 00a+Y88sxWu7BTmfVUMgGBJP2Vs4wUBJPB6yWUwM7+FRbdUPqrx2MKf4R6dWiFY8hgDRt5NBHL8=
x-served-by: cache-yyz4533-YYZ
last-modified: Wed, 28 Feb 2018 23:35:29 GMT
server: AmazonS3
x-timer: S1678582685.404767,VS0,VE0
etag: "c20cbf645b6eb4e61c3283f68747ca4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 74

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=82ee57de3d0718f8d58d1bd865ce8d83ce5a0d6c6e1bf339c0ca437d252ced1cb0da87c991749652
dpm.demdex.net/ Frame F1FA
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=77691174874026009110449837571737762531
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzc2OTExNzQ4NzQwMjYwMDkxMTA0NDk4Mzc1NzE3Mzc3NjI1MzEQABoNCJ3HtKAGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=82ee57de3d0718f8d58d1bd865ce8d83ce5a0d6c6e1bf339c0ca437d252ced1cb0da87c991749652

42 B
940 B

61ms
42ms

Image
image/gif

107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=82ee57de3d0718f8d58d1bd865ce8d83ce5a0d6c6e1bf339c0ca437d252ced1cb0da87c991749652

Protocol

HTTP/1.1

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://samsungelectronicsamericainc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v045-0f05322c4.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tMBmhVGWS2c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 12 Mar 2023 00:58:05 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=82ee57de3d0718f8d58d1bd865ce8d83ce5a0d6c6e1bf339c0ca437d252ced1cb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 403
Forbidden config.json Show response
c.go-mpulse.net/api/ 133 B
412 B 120ms
71ms XHR
application/json 2600:141b:13:69d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=VRZKC-5BSTD-4EWS3-R2J59-B8GYB&d=mail.amazon-service-tooklits.duckdns.org&t=5595276&v=1.720.0&sl=0&si=2c7ee821-9e27-4780-9882-ab258ca8c870-rrduop&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:69d::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a98a4e6ab2439a3d54f7113cfbd91e2ea4e18c3ec6f6cb1788a82b9c2298ebe6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 12 Mar 2023 00:58:05 GMT
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 133
Content-Type: application/json

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEKmV9IQ0sdh66rsNN8UbFRE&google_cver=1
dpm.demdex.net/ Frame F1FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzc2OTExNzQ4NzQwMjYwMDkxMTA0NDk4Mzc1NzE3Mzc3NjI1MzE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=Nzc2OTExNzQ4NzQwMjYwMDkxMTA0NDk4Mzc1NzE3Mzc3NjI1MzE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKmV9IQ0sdh66rsNN8UbFRE&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

43ms
43ms

Image
image/gif

107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKmV9IQ0sdh66rsNN8UbFRE&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://samsungelectronicsamericainc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v045-046ee7985.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gN4qLJuMRxM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKmV9IQ0sdh66rsNN8UbFRE&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
configurator.ecom-mobile-samsung.com/api/ 2 B
168 B 43ms
43ms Fetch
text/html 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:05 GMT
server: nginx/1.20.0
x-powered-by: Express
content-length: 2
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
content-type: text/html; charset=utf-8

GET
H2 200 adsct
analytics.twitter.com/i/ Frame F1FA 43 B
394 B 156ms
53ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=77691174874026009110449837571737762531&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://samsungelectronicsamericainc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 12 Mar 2023 00:58:04 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: bec74b40a9304406
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5af943f75e5c54421357e5db97e3fce0d689b3780b1cd06751f5cbe8b0fd7c80
content-length: 43

OPTIONS
H2 204 logger
configurator.ecom-mobile-samsung.com/api/ Frame 0
0 41ms
41ms Preflight 52.54.145.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://configurator.ecom-mobile-samsung.com/api/logger
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.145.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-145-159.compute-1.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:05 GMT
server: nginx/1.20.0
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H/1.1 200
OK 50f27f0931 Show response
bam.nr-data.net/1/ 49 B
475 B 119ms
53ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/50f27f0931?a=22301500&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=4608&ref=https://mail.amazon-service-tooklits.duckdns.org/&be=2669&fe=1660&dc=129&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1678582680815,%22n%22:0,%22f%22:201,%22dn%22:202,%22dne%22:202,%22c%22:202,%22s%22:279,%22ce%22:362,%22rq%22:362,%22rp%22:439,%22rpe%22:834,%22dl%22:442,%22di%22:2703,%22ds%22:2773,%22de%22:2798,%22dc%22:4320,%22l%22:4322,%22le%22:4332%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-spa-974.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:05 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-ewr18164-EWR

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=59e02a57-5252-4d8a-8626-bee1fbe33a27
dpm.demdex.net/ Frame F1FA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=mail.amazon-service-tooklits.duckdns.org&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=mail.amazon-service-tooklits.duckdns.org&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=59e02a57-5252-4d8a-8626-bee1fbe33a27

42 B
940 B

45ms
45ms

Image
image/gif

107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=59e02a57-5252-4d8a-8626-bee1fbe33a27

Protocol

HTTP/1.1

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://samsungelectronicsamericainc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v045-0ae787f77.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KlZsBSFdSxE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=59e02a57-5252-4d8a-8626-bee1fbe33a27
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=58342&dpuuid=f2960fba-c070-11ed-a2f8-2c64eb274ee4
dpm.demdex.net/ Frame F1FA
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=adobe_aam&AG_SETCOOKIE
https://cm.adgrx.com/bridge.gif?AG_PID=adobe_aam
https://dpm.demdex.net/ibs:dpid=58342&dpuuid=f2960fba-c070-11ed-a2f8-2c64eb274ee4

42 B
940 B

42ms
42ms

Image
image/gif

107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=58342&dpuuid=f2960fba-c070-11ed-a2f8-2c64eb274ee4

Protocol

HTTP/1.1

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://samsungelectronicsamericainc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v045-0ae787f77.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hvia6ePLRrE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:05 GMT
server: Cowboy
content-type: image/gif
location: https://dpm.demdex.net/ibs:dpid=58342&dpuuid=f2960fba-c070-11ed-a2f8-2c64eb274ee4
access-control-allow-origin: *
p3p: CP="NOI OTC OTP OUR NOR"
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: lga-delivery-4
content-length: 0
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

ibs:dpid=80742&dpuuid=e5b991ad-47cb-49bd-9472-c6bec2abf60f
dpm.demdex.net/ Frame F1FA
Redirect Chain

https://ag.innovid.com/dv/sync?tid=6
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=e5b991ad-47cb-49bd-9472-c6bec2abf60f

42 B
941 B

55ms
55ms

Image
image/gif

107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=80742&dpuuid=e5b991ad-47cb-49bd-9472-c6bec2abf60f

Protocol

HTTP/1.1

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://samsungelectronicsamericainc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v045-06df6f358.edge-va6.demdex.com 17 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Al1BKlGDTnQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=80742&dpuuid=e5b991ad-47cb-49bd-9472-c6bec2abf60f
date: Sun, 12 Mar 2023 00:58:06 GMT
content-length: 0
request-time: 0

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame F1FA
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
958 B

49ms
49ms

Image
image/gif

107.23.31.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

107.23.31.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-31-66.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://samsungelectronicsamericainc.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v045-0c24e8127.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: aE0TwQpEQKk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:05 GMT
via: 1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: vVyrhVrs5vKIhMPIc4zTAfy9FcXyMl5DBMX5VtPoSKaSoPcXF5Gdvw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 utag.547.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 213 KB
59 KB 28ms
27ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.547.js?utv=ut4.46.202206301949
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d35a053b71e19af0b29fd56ad78428017921ffa6ab41f0a5834e91e87c2ae67d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: XNM5gGlhq9jCJudGHMyQpvOiXZd0ZCrR
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:30 GMT
last-modified: Fri, 10 Mar 2023 19:42:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 98
x-amz-server-side-encryption: AES256
etag: W/"244a295b980cf83388ea4a466d7a2f28"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _c7eqdXWqFsw0pyONrmI03Ahf7IJZZbn1APM28FSgD4P99CKZDceMg==

GET
H2 200 utag.3062.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 4 KB
2 KB 34ms
34ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3062.js?utv=ut4.46.202301102342
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89663c2221fb601b72651ba43aa30fea5ceb559e1999f17103ff0fcaa05740a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: ICluLpOXw8KCdqpO9aOnxmpplY0Ytgeo
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:39 GMT
last-modified: Fri, 10 Mar 2023 19:42:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 89
x-amz-server-side-encryption: AES256
etag: W/"f5ae91f422063b0c6724bb041f7843cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KFiZOywctgpexeTfJ1yV4SuJkHhs6NuAXi76nbMjtC1HQcG4f2JRRw==

GET
H2 200 utag.3146.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 23 KB
6 KB 35ms
35ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3146.js?utv=ut4.46.202009211828
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a44516f491bd84a9e7c8a1ad388436891b80af7e79c06b20bd5d67e7d0996f53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: CQmEsF3lrri8ERsz2ZOm_UZ1EBOMuDO5
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:03 GMT
last-modified: Fri, 10 Mar 2023 19:42:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 125
x-amz-server-side-encryption: AES256
etag: W/"db78fc3ccbe73899e4f9799fbfa6da1b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Bnzj1fIjCujcEQyxOAuxIDyeO396OR2vwvHPQMkEnIqle05FRNM9gw==

GET
H2 200 utag.1690.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 22 KB
7 KB 36ms
36ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.1690.js?utv=ut4.46.202206221603
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ac195f96185a410ded23f3b57691f38f414eae4d53d5498e2607762b0aa7f9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: qfHB7_74GRKkpdzYJxbHPgDaX9xZ1R9X
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:12 GMT
last-modified: Fri, 10 Mar 2023 19:42:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 116
x-amz-server-side-encryption: AES256
etag: W/"aa33dae650d8c7405ae3660f1b63be01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VMO2wGESTo2KoEmo5gMIjknwVclf0yaJOllK-gFdtjZndi800yR6_g==

GET
H2 200 utag.3115.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 27 KB
5 KB 57ms
57ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3115.js?utv=ut4.46.202206021718
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6d1bb5d071cc7c58fe9603f5a2124e8eb74f2668d2c0dfa7bbf136ea6dbea7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: vE45OaBzPW7ZuUX464CGhhmUjL0kyKH2
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"e4fc6c006f0a0f104594a6e175c927ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7Il4HANcq9Wmu3pWIRS32Qcr31F0yBcaQ8DGeul2XzhDzAn_gMwKAA==

GET
H2 200 utag.3108.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 22 KB
6 KB 60ms
60ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3108.js?utv=ut4.46.202301101909
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 538277f8967c6203a0ae76e7e1b4bfcc256fae956c0dbeea55803a98f3a2c41c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: mDQ.TZ_bOKxKVYZfCRzlHG0Ge0u1Wpx9
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:30 GMT
last-modified: Fri, 10 Mar 2023 19:42:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 98
x-amz-server-side-encryption: AES256
etag: W/"108db0931d3978a384951bfa98d1837f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RlWxsbTydErKg08TKqp9k-_4YMChV1dQzJ1T5B7_ts_EfsIY5BwDWw==

GET
H2 200 utag.3078.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 13 KB
4 KB 64ms
64ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3078.js?utv=ut4.46.202007092126
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d6f6c9843b9f653e6e1d3a05dd85028fa0f528983b44a37e2853d7e3222830d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Q1cvmpvOapAcaRhuuzp0mmq7hbnOBnAr
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:12 GMT
last-modified: Fri, 10 Mar 2023 19:42:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 116
x-amz-server-side-encryption: AES256
etag: W/"e78b09b82f000d19ac44467a755e00a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: monG2fD99hU6-gBNIZGiobvu5hVzl3a-MI-Eab75bl2c8iQmqAr5WA==

GET
H2 200 utag.2427.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 3 KB
2 KB 65ms
65ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2427.js?utv=ut4.46.201802132116
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 104ffefd4569f4a030e346e518411d9b449a8db1eb39a7efda291647abee8a6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: yJdG8hF4X0EYmD0x_AQO.CcLEX_xdSDR
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:23 GMT
last-modified: Fri, 10 Mar 2023 19:42:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 105
x-amz-server-side-encryption: AES256
etag: W/"ec553e5063d16d4954c68bd9b3130d80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4mxYTTXanbTD6VCIoOVSE-VAOsVU7j6zzaCdTVYCLhanAljg-lFuPQ==

GET
H2 200 utag.2063.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 4 KB
2 KB 65ms
65ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2063.js?utv=ut4.46.201708030437
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dbe299789df772aa7d0ffb9ce6931c2a82aa33bfb2f9b81fbec39e650df9a38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: k7DSKDInUHgTv044zfUaRDkEbT_vyVmZ
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:42 GMT
last-modified: Fri, 10 Mar 2023 19:42:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 86
x-amz-server-side-encryption: AES256
etag: W/"264b45dc9d23b34389ed05989b25d823"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 1hRB6Ji172vsogA_nEy9o1XkW7i-prr8Q_UrTIdGWewhdipIhXBMwg==

GET
H2 200 utag.518.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 12 KB
4 KB 66ms
65ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.518.js?utv=ut4.46.201903151955
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a439f0fd3315a13118ea54eadfebdfab12017756f088a4cb815d5442298f0213

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: CVs.RQogxcVAAUtCCSJ0ubsHfU9vTR4H
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"8f4197a5850659af8b1a0feb4c717d52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KPRaAd0DFOVu2q12fCiZYF6A83i3TS4Y4dOgB3WQZAMloNm2v3DqVw==

GET
H2 200 utag.2899.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 3 KB
2 KB 66ms
66ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2899.js?utv=ut4.46.201809102317
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392f2352445f1ca01f2cd6580307cf437dfbfdec82206361571d167678c856ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: VUvsQqF3FxkTOayFvZIJTRQNIA.CBVQb
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:23 GMT
last-modified: Fri, 10 Mar 2023 19:42:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 105
x-amz-server-side-encryption: AES256
etag: W/"92b68884c76d2f9b94718f276b6b109c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: YxgQxKHxAEXaz8Fc_D3LjGZsyyfKhxt_27RrVBU5EJmn2S37PcGE2A==

GET
H2 200 utag.2175.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 3 KB
2 KB 66ms
66ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2175.js?utv=ut4.46.201709210503
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e18bb06540f8a390908c03238cac9c6f22a39a9f273c4ff5f5ff6b339486516

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: MYtXUf_wwq00ak9N4_FPbJuNKY8qENRO
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"a918aab75740b3ba918cb2cee76ed10f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pq-Ugfc0ztunhPWSOEF2aouryIwY2IpGCBWSX8AMDl3-dH9GXM2k1A==

GET
H2 200 utag.2992.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 780 KB
46 KB 66ms
66ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2992.js?utv=ut4.46.202303091141
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64782947ce2dc5eb4e2d844197ccd9da884e594564e48554814661695b5f426a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: UblXoX42uSbeAH7l2R7he25d6.KznCkA
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:46 GMT
last-modified: Fri, 10 Mar 2023 19:42:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 82
x-amz-server-side-encryption: AES256
etag: W/"8e1ec1010f3b97fed896998fb65b81e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3gdJW1zTUGlNgsaHmAShvdQaiWf4xNBH_2RbYY4RyPhBhehxmONCZA==

GET
H2 200 utag.3051.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 14 KB
3 KB 71ms
70ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3051.js?utv=ut4.46.202101222128
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfff8f6b28f4ef55029d9d8a057c8d86c5a64499fb753f21f43371d9fd292a14

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 2pCkQMV5rj46_Mc172szs9wQLeGFPsnb
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"e962b436122a2d9834449afef24150d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NzyKVjn9e_h85EEJ5_euznxFppZB9O3QDWHRV4ijhCyYiyVc87kp8A==

GET
H2 200 utag.3044.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 296 KB
16 KB 68ms
67ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3044.js?utv=ut4.46.202303071358
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5565415a1f0ae2a8c188e6f98684ba89426d74bec4e188ecc1075194f3025438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: RDjgGnZERqDjpCu2VzcWA0MfMdMvMyqf
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:51 GMT
last-modified: Fri, 10 Mar 2023 19:42:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 77
x-amz-server-side-encryption: AES256
etag: W/"4057b48663a7c1a1685cba43e7ff943c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: OwS214Pz3gClAp9VDdVg-P_iqGFBe3W47iTUiH4twHj8ulFtt8rzTA==

GET
H2 200 utag.3141.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 4 KB
2 KB 71ms
70ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3141.js?utv=ut4.46.202302231616
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 402c735d7bd08eace2f5b566af9d25e33838e1b37c3f544fe2533d0bab2e915b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: ht4JJpUrQvPLXHR.dbtPZ88Jg0BbfueH
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:23 GMT
last-modified: Fri, 10 Mar 2023 19:42:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 105
x-amz-server-side-encryption: AES256
etag: W/"c34104de0bd15e560817870a0a5ac9f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: D9Cf6WzF4WN-bD3tHiZoo9h-GfWDCLVJzsSp6RHSdDg3OCRygJwtxA==

GET
H2 200 utag.2507.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 5 KB
2 KB 71ms
70ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2507.js?utv=ut4.46.201803091809
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20d241c8aaae7a56278070fbe89b50e873ca9633f2caee038bdbb806bcfd24ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: gm5GENlpFb9EXu2I_PSBUoo4HoOQOUxl
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"09952e633bbaf291de3716aa2597a1a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: PXvjyYNvuhYTT0z9Dkj67goPwmA-rBVX_hCpBYgFoEcd9ySJhug09Q==

GET
H2 200 utag.2587.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 95 KB
10 KB 71ms
69ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2587.js?utv=ut4.46.202303071358
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1244953e6aeb0464778abbf9b9cb6c3a141afdcbac837eb54bea85c318fe0d40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: AUwcpSjY3Tmo3ImuFgyjp46gGOgkplzr
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:23 GMT
last-modified: Fri, 10 Mar 2023 19:42:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 105
x-amz-server-side-encryption: AES256
etag: W/"c065ed557bd78a243740a594fb9a4f49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -P1B8L4XiBYsA7e-hShLyemj8JpCMTdwSRXqukxV4F2pKYF43GhuJA==

GET
H2 200 utag.3152.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 4 KB
2 KB 71ms
70ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3152.js?utv=ut4.46.202004151840
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e89f3db475521d7b0eed134a96becf9b6cc5ac13f709c6cb0f8105ed3895705

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: MmkI1hUWU.XU4t6YYge7tQ2Hc8IdXrll
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:30 GMT
last-modified: Fri, 10 Mar 2023 19:42:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 98
x-amz-server-side-encryption: AES256
etag: W/"b19d35d04797dd510883bbaffa272908"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MvWI6XfBRl4gpuB-aK9GUkLzAILKwwdcuriOMPQfjh7XiprG089vQg==

GET
H2 200 utag.3155.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 22 KB
7 KB 72ms
71ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3155.js?utv=ut4.46.202206221603
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f413176657503d94a8ae034ef7d2ee86d75b07f1f64de2dd378b24bb22bcbbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 79wQ9ELn.SYi4bCJdBorxYs0Z7aSBD9D
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:52 GMT
last-modified: Fri, 10 Mar 2023 19:42:36 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 76
x-amz-server-side-encryption: AES256
etag: W/"f483b1ff203b6f6c77c057065e8dc420"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8JNyEhGnUzPsLKqQd0IDlmufkMU-7S41oD7J2ZrZakrqu5k8F9HMUA==

GET
H2 200 utag.3116.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 10 KB
3 KB 72ms
71ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3116.js?utv=ut4.46.202302231616
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d50b19caee9bde353ff52cb71ddbc543576a193c8f93fcdfa2037063df09ad65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: sRYWdmJDi4K_yC6kJUj1QnQOMrLvRJRt
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:30 GMT
last-modified: Fri, 10 Mar 2023 19:42:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 98
x-amz-server-side-encryption: AES256
etag: W/"aa67c0d1dc020f03de4c3495d892cace"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -hJsc07XJDxQpBfk5sRxt76T-lXPmUNbRiZfaa9IxJS_D5kSaVAo4A==

GET
H2 200 utag.3191.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 4 KB
2 KB 73ms
72ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3191.js?utv=ut4.46.202111031810
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d11c0113e7a0c852e92679e49e117b4a06d71032c902f3309534185730840a52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: tDe0IzNzp7MQmsuyr9JUcmcUzLh.2tL4
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:57:05 GMT
last-modified: Fri, 10 Mar 2023 19:42:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 63
x-amz-server-side-encryption: AES256
etag: W/"28de0a58fab23f1aa9fb81230cc20614"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: WtoRcM0HLmlhbdNEFN-leQ5-6XM-9Gux8sSBRuFJtTcmX7DLBajl2Q==

GET
H2 200 utag.3218.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 3 KB
2 KB 73ms
72ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3218.js?utv=ut4.46.202202162108
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9cabb40a3a00da7544812b30999f856663d6690f1e5f6ad4593466a7ea769ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: x3VGRVbPvrhdDRcPWAWa5YizZHaW_hM3
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"c0aae3366bced4808f33b68ad62c1d51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: cEm0wjIM7khmXFn-2dKrMXgEPJhd9JnduzhYQsA3uQYb1ONM26WNwA==

GET
H2 200 utag.3335.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 25 KB
7 KB 74ms
74ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3335.js?utv=ut4.46.202301121934
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 189fdedc2dc3d6db6b6190fb5f65969811026a063ded0dddf6af77b38c767b77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: uNqkdEG1T4IVt.X2QV0nsPd530OCMyTo
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"9cf4a28460b2d9120569bc7f11601557"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VRnG17SC6XQc4DHqSJHo0BClhdu0RrGKsJt0dWbGvR1VXiE1MEAivg==

GET
H2 200 utag.3374.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 4 KB
2 KB 74ms
74ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3374.js?utv=ut4.46.202110121928
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80d49d62bce2cd67cace41d4b2d7c7936ac1c29b04d23936c3f04f5b6c4f9782

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: iem_yKIIEet9KQmS8J_n4sRfFFl0.5Kn
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:31 GMT
last-modified: Fri, 10 Mar 2023 19:42:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 97
x-amz-server-side-encryption: AES256
etag: W/"7851baea240a2298146fc8e393ef5708"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: l6Zfs36IY3s5By508AmfydVvOBL9VlUpCY5iGfn4w_7TXtuJ54bELw==

GET
H2 200 utag.3378.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 11 KB
4 KB 74ms
74ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3378.js?utv=ut4.46.202110191806
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 434c3a6195c14f6b6fd111b8934aa4b9f69424edf180840f4b93e6efe7008707

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: kwQeb.JPLIGdd5ge0vEukn8b.r4z.gfi
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"a86c0a6dba24794cebcf8b59c73d6cdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: CsJUfnuoMJ_C8_OHF5XU1LjeJoqzHSc9O8NCzoLSOxl8K7eSd-ZG6A==

GET
H2 200 utag.3384.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 19 KB
6 KB 75ms
75ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3384.js?utv=ut4.46.202302231616
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81a383a04ef053baa18811a798c0dfb9aabb5fcbc225a8bdf726955466959e33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: eslFEgXIkx0kFz2FEKVbYVTmDJT5Z6TT
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:51 GMT
last-modified: Fri, 10 Mar 2023 19:42:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 77
x-amz-server-side-encryption: AES256
etag: W/"275d8140c7ff14740ede4bd9333192fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8gOCdRAUSf23X0GCSf6tZX-KlrzhexvwUfN3nwO2VrvzN1ua6L7fMA==

GET
H2 200 utag.3391.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 255 KB
24 KB 75ms
75ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3391.js?utv=ut4.46.202303091141
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e50875f831701e57eb6c5b86250b92a847bb57bb61005ecd5f4db5669da8f833

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: ZjuHUqnjM8LfUlFdoP87AiHKXEARo9St
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:23 GMT
last-modified: Fri, 10 Mar 2023 19:42:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 105
x-amz-server-side-encryption: AES256
etag: W/"5ffe8dcb40cd3aa44956eec0dbcf9e94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BK9_Gm6h7evkX8_OrhJEzgny1w_OaNJLg4Ql5mBsQhs1TaAwcKkIbw==

GET
H2 200 utag.1659.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 429 KB
34 KB 76ms
76ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.1659.js?utv=ut4.46.202303091141
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e994a4cf7f30cd6b6ded53962426d6d6a5a53db9da3b7663b2f60e96973c5fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 1uC3DTopH5a8fsT4CvR4MxHKKaGWH3BQ
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"8f02963925b47d0bf90ce36a5b6b8bbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4NLQRynOJDeVksOXRROS8EKO7cwZ5VkaQgpc9CPfM7G8Zld_Uw0oTQ==

GET
H2 200 utag.3393.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 16 KB
6 KB 80ms
79ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3393.js?utv=ut4.46.202206301949
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8e7b8f2a9080a5457ae9e12be4bf78d2ecb875f36d4fdbeecdb61bc721d0688

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: x.7m0dwAPQNGhlkglueund7dT2GSPBmG
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:29 GMT
last-modified: Fri, 10 Mar 2023 19:42:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 99
x-amz-server-side-encryption: AES256
etag: W/"827669307cd12d38020d9ed2bd4f6b29"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JuJ_ixqBu9qSr4pMed4G6ptuG3te7pwAqc6iPpTtZ4qjLPV_riEwLg==

GET
H2 200 utag.3405.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 2 KB
1 KB 80ms
80ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3405.js?utv=ut4.46.202302131903
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 131c8a1a1c3688391d291ebebf284224ebd2bc6e1fc40a6924cdb13c23cb65b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: WvCTbliOkg4lEfOZl1PrN5.5aZ5A._OE
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:44 GMT
last-modified: Fri, 10 Mar 2023 19:42:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 84
x-amz-server-side-encryption: AES256
etag: W/"0526aae0b167427fc8965bc610263f58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ZCOfU_gjlJtsxi93A54reXT1z-LKXE6Fo0mI48dUEScd0D4ZSq1RZQ==

GET
H2 200 utag.3410.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 4 KB
2 KB 80ms
80ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3410.js?utv=ut4.46.202210041329
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8d4346c4fd04fe5aff1950b0e1028896db20f0f0b67ff3edd542a44ea08ffdf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: CqcPztXRrscswrr8lzQbAcHNcTu9nUmX
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:54:13 GMT
last-modified: Fri, 10 Mar 2023 19:42:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 235
x-amz-server-side-encryption: AES256
etag: W/"4b87fe6049b48fd1b6945cfdb52887a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BptGAEqhGWv6GS0OxMFOxMuqTecDj_kYZU3XP_KT2kl82XXouo3IOA==

GET
H2 200 utag.3413.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 7 KB
2 KB 81ms
81ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3413.js?utv=ut4.46.202302231616
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f09d6e199b32fee95ad9a918ce61a7311dec952acfd7db266af9cf950d88753

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: amyz8hmKOGHL_Zbf7WG.Jkz0RpW0vlgF
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:44 GMT
last-modified: Fri, 10 Mar 2023 19:42:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 84
x-amz-server-side-encryption: AES256
etag: W/"8dd6aef17622a5a3541c66b99565b886"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xq-SCw6m8H45jqyIkEq21DzAzxssZoMN56NAzIvXJQlRvUUe3sjIwQ==

GET
H2 200 utag.3415.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 7 KB
2 KB 100ms
100ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3415.js?utv=ut4.46.202302231616
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d49b3a4656fdbd1d885850d7da46524bbb1c34c85cb8674869e66c4a12045efe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: RZHIe_DRnwIMOlIihfd8dgQJApeOfPxT
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:44 GMT
last-modified: Fri, 10 Mar 2023 19:42:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 84
x-amz-server-side-encryption: AES256
etag: W/"b07536f6d3e235603fd562708aca910e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: v8ksokzsYchD1PoUCxMk8pPDsr6Gkt_VHkAYIOW1yn2-KDOEZG2kog==

GET
H2 200 utag.3417.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 8 KB
3 KB 100ms
100ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3417.js?utv=ut4.46.202212141908
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a11c17125ef8a9245d6f9854e31394f907fdefee1949d4bc5b9f7d8bb1dc6cf1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: AtqE3g0ZzxQiOIW2LLMm19pr79LBK4Uj
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:34 GMT
last-modified: Fri, 10 Mar 2023 19:42:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 94
x-amz-server-side-encryption: AES256
etag: W/"495616f315c0f326d699cb6ebef0aa0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 9KLNmsb9o1kYyRYbRtFDnApGx1eCodxKrxl1MzLvYmAhtC6Cg9hThA==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
413 B 34ms
34ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=samsung/main/202303101938&cb=1678582687620
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 0u1KMWwhMzyT6lrE3BqQv2vcWKCAIMxo
date: Sun, 12 Mar 2023 00:50:31 GMT
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
last-modified: Tue, 28 Feb 2023 19:57:59 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 457
x-amz-server-side-encryption: AES256
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2
x-amz-cf-id: HFrjURLOBQ_3IUkRTW3hqg88HAlveaM0IabkVuEXhkTB4wpsWygR4g==

GET
H2 200 s48949422800210 Show response
smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/ 1 KB
2 KB 45ms
45ms Script
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/s48949422800210?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F2%2F2023%200%3A58%3A9%200%200&d.&nsid=0&jsonv=1&.d&mid=77729988410026120510445973534877820543&aamlh=7&ce=UTF-8&ns=samsung&g=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cc=USD&events=event102%3D0&v1=en&c3=smartphones&v3=D%3Dc3&c4=galaxy-s23-ultra&v4=D%3Dc4&v9=accordion_close&v10=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F%3Eaccordion_close&v11=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F%3Econfigurator%3Egalaxy-s23-ultra%3Eeppheader%3Eaccordion_close&c15=D%3Dv9&c16=D%3Dv10&c17=D%3Dv11&c25=logged%20out&v41=0.1&v46=false&c57=D%3Dv46&v66=D%3Dc25&c71=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20%28T-Mobile%29%20Phones%20%7C%20Samsung%20US&v85=Windows&v104=configurator%3Eeppheader&v105=accordion_close&v106=select_eppheader_accordion_close&v107=ut4.46.202303101941&pe=lnk_o&pev2=accordion_close&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=48855C6655783A647F000101%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.547.js?utv=ut4.46.202206301949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

96015989d16efacb8ef36822a5e8ef8fa91a782f1b81cfea47e502ef366c508c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-aam-tid: VBHoin4NRDY=
date: Sun, 12 Mar 2023 00:58:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1350
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-1-v045-0245f6c9c.edge-va6.demdex.com 6 ms
pragma: no-cache
last-modified: Mon, 13 Mar 2023 00:58:09 GMT
server: jag
etag: 3604728877998571520-4619788241989782637
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 11 Mar 2023 00:58:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
24ms Script
text/javascript 2607:f8b0:4006:816::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Mar 2023 00:47:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 645
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 12 Mar 2023 02:47:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 103ms
28ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 12 Mar 2023 00:58:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LvnfJwxDPx9VlJPlUaZbvrC2lijr1fKitLdhAWDr3IdgN3ZubqRelOQ36SJnXHJoGfsBc0gDDu1T5MiX0jrQnQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 114ms
42ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 12 Mar 2023 00:58:09 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5E7446C48FBB4F3FB90D03435AF1E03D Ref B: NYCEDGE1714 Ref C: 2023-03-12T00:58:09Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 98ms
38ms Script
application/javascript 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-1782317

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff77fdbc19aa1ebcc2e136122c359d1d93345f98fdf25cd53c7b0ee53044e0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44986
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 00:58:09 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 30 KB
14 KB 426ms
361ms Script
application/javascript 108.138.113.246

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: gzip
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13327
x-amz-cf-id: pUDOWL-6kYzs59vOTZZ2wkKZnhFlSjoYG6aczfCMQojWu0oT5wa8Xw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 322ms
43ms Script
application/javascript 23.33.40.197

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6KFVUU18TAI47M9O9F0&lib=ttq
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.197 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f78e8f172c30a0e3eb8754d6b016b348ad53f6afbf7a94370f1a71e8dc9ac9da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: ce23cad
date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-216-133-5.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=11
content-length: 1144
pragma: no-cache
server: nginx
x-tt-logid: 2023031200580961AC0DE9A3A85188F396
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.216.133.5
x-tt-trace-host: 011367272af88a3fae6823c0e41bb8c70a4033b8bd682a170831e1e18c93c3893707a653c3ed3af8a4a5203525b458657bd4b6979cbc75e373cf5497d6c001bc3946997805e42b3fe64b96b4f13720bb76509aade218fad5e11edf2476557c56fa
expires: Sun, 12 Mar 2023 00:58:09 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 115ms
38ms Script
application/javascript 199.232.36.157

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-lga21965-LGA

GET
H2

200

live.js Show response
halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/
Redirect Chain

https://halc.iadvize.com/iadvize.js?sid=6528&lang=en
https://halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/live.js

27 KB
9 KB

33ms
27ms

Script
application/javascript

2600:9000:2510:9200:15:e09:8a80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/live.js

Protocol

Server

2600:9000:2510:9200:15:e09:8a80:93a1 -, , ASN (),

Reverse DNS

Software

3b54f534-1a75-e990-aed2-803b9a6d4446, AmazonS3 /

Resource Hash

39097cb00a2d5ad7f284bbd3eca73dda8ed99803ba9f65be1c43cb6fa68940cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:32:14 GMT
content-encoding: gzip
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: null
x-amz-cf-pop: JFK50-P5
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 213955
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Mar 2023 10:22:22 GMT
server: 3b54f534-1a75-e990-aed2-803b9a6d4446, AmazonS3
etag: W/"6f2f9f85a0a3da14015d00c99545a1a2"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: HqtRx_szsIsG6OY-sMoJSgvptQ8_c0PkBbfhzP2Hlq-Lii7wGf7fcA==

Redirect headers

date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: gzip
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
server: ec849002-612c-deb4-24ae-4c0f250889ec
x-amz-cf-pop: JFK50-P5
cross-origin-embedder-policy: require-corp
vary: Accept-Encoding, Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/live.js
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 127
x-amz-cf-id: kqvOx8I9L70cxY07FPnLGGB3tAl04X2fCSwHHMZ_uPp1y4ca20J2_Q==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 275ms
30ms Script
application/javascript 2001:4998:1c:800::1000

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:1c:800::1000 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:57:54 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: VJKXXXJVCAGMMDSN
age: 16
x-amz-server-side-encryption: AES256
x-amz-id-2: S3oDkFpBjYTp/qAn6qKKF9rwB0RmxwoBIk+uXGPkO74tf+JjbRnzJ4tCcpdfdU1SdwZ6fXx/sV0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 129ms
30ms Script
application/x-javascript 2600:141b:9000::b857:ad60

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:9000::b857:ad60 -, , ASN (),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=34049
accept-ranges: bytes
content-length: 4777

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 123ms
25ms Script
application/x-javascript 143.204.138.162

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 00:26:37 GMT
Content-Encoding: gzip
Via: 1.1 71994794c0ae42f7776bc799e33a979a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 1893
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: levfHaJm9c2qz3sf94Zbr5YURugaSlM9yvSCKNCA_W45rpju2vnGtg==

GET
H2

200

activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns... Show response
1782317.fls.doubleclick.net/ Frame 5C85
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckd...
https://1782317.fls.doubleclick.net/activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2F...

1 KB
689 B

112ms
112ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

6090439954ec1628e618fd1c9f8e33982f1d807e68d4d22f7c5c189bb6c50070

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:09 GMT
expires: Sun, 12 Mar 2023 00:58:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 304.js Show response
cdn.adgrx.com/usegments/hlF_xGfBH5PyfGeeoXC1zK0ElTSf-7pAU9-K6qrKxuo=/ 5 KB
2 KB 181ms
26ms Script
application/javascript 23.54.68.97

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adgrx.com/usegments/hlF_xGfBH5PyfGeeoXC1zK0ElTSf-7pAU9-K6qrKxuo=/304.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.68.97 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 41cb119006aae73587cb18c99081e8d2b7b7ded4dd1982bb6e410f1155cdafa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 00:58:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Nov 2019 21:54:26 GMT
Server: nginx
ETag: "5dcc7b92-1328"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
P3P: CP="NOI OTC OTP OUR NOR"
Cache-Control: max-age=476
Connection: keep-alive
Accept-Ranges: bytes
X-RealServer-NX: aws-useast1a-origin-1.sys.adgear.com
Content-Length: 1730
Expires: Sun, 12 Mar 2023 01:06:05 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/3842/ 44 KB
12 KB 584ms
32ms Script
text/plain 34.120.253.250

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3842/i.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: bf708c33ad6a457c51b8dda5a20375393d785bfbd4f6ee95edc4aa06376118bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:57:31 GMT
content-encoding: gzip
via: 1.1 google
age: 39
x-envoy-upstream-service-time: 1
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12123
server: istio-envoy
etag: 5ba82313ca5cdc
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H/1.1 200
OK samsung.js Show response
static.narrativ.com/tags/ 152 KB
42 KB 159ms
32ms Script
application/javascript 18.164.116.73

General

Check archive.org

Show headers Download Go to

Full URL: https://static.narrativ.com/tags/samsung.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3218.js?utv=ut4.46.202202162108
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.73 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab9febc0dcec8158ed57ded75d2cd95fa9be77fc0eba599bcf9073ff1a5e5e55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 00:30:27 GMT
Content-Encoding: gzip
Via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
Last-Modified: Mon, 21 Nov 2022 14:41:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
Age: 1662
ETag: W/"e915ce2746086348512f13fc0820f015"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=3600
Connection: keep-alive
X-Amz-Cf-Id: YEifL18_8JNTbvrqyAbxZyhBa8v8BGIizzwMV9Z8iz5FvxxcSMiTNw==

GET
H2 200 dtag.js Show response
cdn.attn.tv/samsung/ 8 KB
4 KB 92ms
24ms Script
text/javascript 2600:9000:2120:ba00:1c:9484:cec0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/samsung/dtag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ba00:1c:9484:cec0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a95d646abf4feaa1461631b68bdd42fdc213a45e39e29af282128908027be2f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: iWCg_hKzVK71aRJlI.sJrhK3GgNpINei
content-encoding: gzip
via: 1.1 96a64fa2174f29526cca2286fa3d1340.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:56:45 GMT
last-modified: Wed, 19 Oct 2022 19:15:30 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
age: 85
etag: W/"e937933e1deb17ce102df8ced1a1b93b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=120
x-amz-replication-status: COMPLETED
x-amz-cf-id: HwBvX8Pa9cbXU-uYFdB4guGq-t5YDf_Jo4srvfXG_XVw7_gjecZtzw==

GET
H2 200 124408.ct.js Show response
tag.rmp.rakuten.com/ 37 KB
12 KB 131ms
47ms Script
text/javascript 34.102.147.248

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rmp.rakuten.com/124408.ct.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.147.248 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d674ce8117d88a4ccc1d8e02bcbb8fd5deda786a521b1d6d39d874d4791df095

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sun, 12 Mar 2023 00:58:09 GMT
x-cache: hit
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 1020 B
685 B 133ms
44ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3405.js?utv=ut4.46.202302131903
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

cache-tags
date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: br
surrogate-keys
cf-cache-status: HIT
server: cloudflare
age: 1217
etag: W/"c5f5d23dbd841fb0868078e4bfbbd713"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
cf-ray: 7a6816539837d153-BUF

GET
H2 200 embed.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/145272/onsite/ 1 KB
984 B 397ms
33ms Script
application/javascript 199.232.37.230

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/145272/onsite/embed.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.37.230 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b3c77228dbaf036416458b45211e70fbc7f3f2eb9ee9a4f106bc14a6d0122fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: ApnHarnzxR6BzzEMetV1wPDYtIEUU5ph
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: HK00BV16WP1VDDTS
age: 152878
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 532
x-amz-id-2: nfPEwlVfQY0kfoFtMDUhWsZS9iw5UsmB1cSnNxvjfxcOsEE/mtRidKlmsT1htn1J6KtpQJ8r0bI=
x-served-by: cache-lga21938-LGA
last-modified: Fri, 10 Mar 2023 06:30:10 GMT
server: AmazonS3
x-timer: S1678582690.198913,VS0,VE0
etag: "ea07bf9e34235a38bbfe9f41d9de2098"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 4096

GET
H2 200 s46993483483121 Show response
smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/ 1 KB
2 KB 48ms
45ms Script
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/s46993483483121?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F2%2F2023%200%3A58%3A9%200%200&d.&nsid=0&jsonv=1&.d&mid=77729988410026120510445973534877820543&aamlh=7&ce=UTF-8&ns=samsung&pageName=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org&g=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cc=USD&ch=B2C&server=mail.amazon-service-tooklits.duckdns.org&events=event102%3D0&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=en&c3=smartphones&v3=D%3Dc3&c4=galaxy-s23-ultra&v4=D%3Dc4&c13=D%3DpageName&c14=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&v16=configurator%3Egalaxy-s23-ultra%3Ehome&v17=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org&c22=configurator%3Ehome&c24=New&c25=logged%20out&v41=0.1&c44=consumer&v46=false&v52=D%3Dc22&c57=D%3Dv46&v58=D%3Dch&v62=prospect&v66=D%3Dc25&c71=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20%28T-Mobile%29%20Phones%20%7C%20Samsung%20US&v85=Windows&v88=home&v107=ut4.46.202303101941&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=48855C6655783A647F000101%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.547.js?utv=ut4.46.202206301949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

8b7d05cee857fcf36a33b62bf495f8eb1027556d0cdaa3d56d026ed3286a6dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-aam-tid: jZUuC6mkTAI=
date: Sun, 12 Mar 2023 00:58:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1405
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-2-v045-050f39e7c.edge-va6.demdex.com 7 ms
pragma: no-cache
last-modified: Mon, 13 Mar 2023 00:58:09 GMT
server: jag
etag: 3604728876986302464-4619688189975891549
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 11 Mar 2023 00:58:09 GMT

GET
H2 200 rp.gif
alb.reddit.com/ Frame 5C85 42 B
157 B 329ms
42ms Image
image/gif 151.101.1.140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?id=t2_9gd7ik41&event=PageVisit&integration=noscript
Requested by: Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5C85 189 KB
68 KB 41ms
39ms Script
application/javascript 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1058244264

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e89135b1deb4a833375d5f90e13c6933e7e0d3f7a0e423daaa1496179f7f7b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69199
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 00:58:09 GMT

GET
H2 200 TC-3418-2.gif
pt.ispot.tv/v2/ Frame 5C85 43 B
314 B 208ms
17ms Image
image/gif 151.101.194.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3418-2.gif?app=web&type=Visit_AllPages
Requested by: Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 200 dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;or...
adservice.google.com/ddm/fls/z/ Frame 5C85 42 B
401 B 242ms
52ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COWsy-eX1f0CFaMKaAgdXhQDUw;src=1782317;type=unisam17;cat=samsu0;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8219307388414.78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5564940.js Show response
bat.bing.com/p/action/ 0
116 B 41ms
41ms Script
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5564940.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 12 Mar 2023 00:58:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39D26206C9334E2B98A931857F9BB665 Ref B: NYCEDGE1714 Ref C: 2023-03-12T00:58:09Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 58ms
57ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5564940&Ver=2&mid=7db2cfcc-8aeb-4280-bce7-3bfc2632a337&sid=f51672d0c07011edba1565b6f57bd6a7&vid=f516b4b0c07011edb14fe92e6118b060&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Buy%20Galaxy%20S23%20Ultra,%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&p=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&r=&lt=4332&evt=pageLoad&sv=1&rn=323219

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 12 Mar 2023 00:58:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 26CD41DE63FC41A2A0D767BF0D4D70B5 Ref B: NYCEDGE1714 Ref C: 2023-03-12T00:58:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
231 B 59ms
58ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 12 Mar 2023 00:58:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8D6032A538D74F198D6A88CBFE97F3ED Ref B: NYCEDGE1714 Ref C: 2023-03-12T00:58:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:816::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:39:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 Mar 2023 01:39:08 GMT

GET
H2 200 750510078415232 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 32ms
29ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/750510078415232?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

578c5f13cb444ba4734cbeda37cc5dcc1cdfd7b2c856bab8f660708cc06b69a3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 12 Mar 2023 00:58:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110302
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wEjo4KKtmubJ7pR9zvWcx3VcPNVVQxDXTHqq5GG1uz9wYeU18Krewn3btMD0GN4BaImxmqR/Mu6xGsyN3WTioA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 304.html Show response
rtb.adgrx.com/usegments/hlF_xGfBH5PyfGeeoXC1zK0ElTSf-7pAU9-K6qrKxuo=/ Frame 49F4 85 B
487 B 59ms
33ms Document
text/html 173.231.178.81
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adgrx.com/usegments/hlF_xGfBH5PyfGeeoXC1zK0ElTSf-7pAU9-K6qrKxuo=/304.html?AG_URL=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&AG_VARS=&AG_TXN=&AG_REV=&AG_GDPR=0&AG_CONSENT=&AG_R=3115641896685
Requested by: Host: cdn.adgrx.com
URL: https://cdn.adgrx.com/usegments/hlF_xGfBH5PyfGeeoXC1zK0ElTSf-7pAU9-K6qrKxuo=/304.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.178.81 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 52be68b3321596da1eff1d3fe8945ffb20cd4cc13d99a066f93adfc55728556a

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 85
content-type: text/html
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: lga-delivery-4
x-server: lga-delivery-4
x-thinktime: 0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/60813/domain/mail.amazon-service-tooklits.duckdns.org/ 36 B
369 B 340ms
99ms XHR
application/json 2600:9000:21ec:d800:2:53b2:240:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/60813/domain/mail.amazon-service-tooklits.duckdns.org/token
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:d800:2:53b2:240:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: gzip
via: 1.1 74636a0d3b110dc164c7801b27cac3b2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: fQVvMdfXTMwTwQX3OQjNh_bpxq5ONF3m4EvPctQ0dhzDhwllAlMdQw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D60813%26time%3D1678582689949%26url%3Dhttps%253A%252F%252Fmail.amazon-service-took...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQL_tGvpAvkJzwAAAYbTUz...

0
488 B

161ms
88ms

Image
application/javascript

13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQL_tGvpAvkJzwAAAYbTUzST0VTSDbfV_QHeP2lUCvrnfE52qbXLSwGGC63XVkfBz0KQqg
Protocol: H2
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 03A65A4F60B942CE97B54D5F993826F1 Ref B: YTO01EDGE0518 Ref C: 2023-03-12T00:58:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2qX0IkfEgc8qd1ehDuw==

Redirect headers

date: Sun, 12 Mar 2023 00:58:10 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D4F3B2F8E5A2464DAF618D7AF8F82ADC Ref B: EWR311000103017 Ref C: 2023-03-12T00:58:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=60813&time=1678582689949&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQL_tGvpAvkJzwAAAYbTUzST0VTSDbfV_QHeP2lUCvrnfE52qbXLSwGGC63XVkfBz0KQqg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2qX0FScpHLjKOSNLl1Q==

GET
H2 200 adsct
t.co/1/i/ 43 B
375 B 281ms
49ms Image
image/gif 104.244.42.5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=7a5842fd-dfd9-45d5-a0fe-c86cf56af342&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6df4e28c-e1ef-4cae-a583-790003708cfa&tw_document_href=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tw_iframe_status=0&txn_id=nwa6z&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 -, , ASN (),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 12 Mar 2023 00:58:09 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: c9446f88221fb2ea
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: af941717353f074a20febac12e4cba9c2ec9a174cdc9eb31822a3fc465fa2f08
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
423 B 64ms
58ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=7a5842fd-dfd9-45d5-a0fe-c86cf56af342&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6df4e28c-e1ef-4cae-a583-790003708cfa&tw_document_href=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tw_iframe_status=0&txn_id=nwa6z&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 6
date: Sun, 12 Mar 2023 00:58:09 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: a57379d87b7555ea
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5af943f75e5c54421357e5db97e3fce0d689b3780b1cd06751f5cbe8b0fd7c80
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
225 B 282ms
50ms Image
image/gif 104.244.42.5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=4&event=%7B%22contents%22%3A%5B%5D%7D&event_id=67a873f4-2ec7-4716-ad4a-b73c90cd0c53&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6df4e28c-e1ef-4cae-a583-790003708cfa&tw_document_href=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tw_iframe_status=0&txn_id=tw-nwa6z-ocolk&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 -, , ASN (),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 6
date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 9b373323c47fa7e7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: af941717353f074a20febac12e4cba9c2ec9a174cdc9eb31822a3fc465fa2f08
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
419 B 59ms
55ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=4&event=%7B%22contents%22%3A%5B%5D%7D&event_id=67a873f4-2ec7-4716-ad4a-b73c90cd0c53&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6df4e28c-e1ef-4cae-a583-790003708cfa&tw_document_href=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tw_iframe_status=0&txn_id=tw-nwa6z-ocolk&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 12 Mar 2023 00:58:09 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: d13c2015b6c55c01
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5af943f75e5c54421357e5db97e3fce0d689b3780b1cd06751f5cbe8b0fd7c80
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
202 B 282ms
51ms Image
image/gif 104.244.42.5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=8229a6a6-afcd-4085-91fb-dd03ae694555&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6df4e28c-e1ef-4cae-a583-790003708cfa&tw_document_href=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tw_iframe_status=0&txn_id=nwbn3&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 -, , ASN (),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 7
date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 59116dd260323384
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: af941717353f074a20febac12e4cba9c2ec9a174cdc9eb31822a3fc465fa2f08
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
444 B 57ms
53ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=8229a6a6-afcd-4085-91fb-dd03ae694555&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6df4e28c-e1ef-4cae-a583-790003708cfa&tw_document_href=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tw_iframe_status=0&txn_id=nwbn3&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 12 Mar 2023 00:58:09 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 3b2a709ec0f3c473
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5af943f75e5c54421357e5db97e3fce0d689b3780b1cd06751f5cbe8b0fd7c80
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
200 B 280ms
50ms Image
image/gif 104.244.42.5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=4&event=%7B%22contents%22%3A%5B%5D%7D&event_id=4aff7c45-4684-4f1d-bc65-fa580e6d5d1b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6df4e28c-e1ef-4cae-a583-790003708cfa&tw_document_href=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tw_iframe_status=0&txn_id=tw-nwbn3-ocpnr&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 -, , ASN (),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 12 Mar 2023 00:58:09 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 9e49cf393b54ae04
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: af941717353f074a20febac12e4cba9c2ec9a174cdc9eb31822a3fc465fa2f08
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
420 B 59ms
56ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=4&event=%7B%22contents%22%3A%5B%5D%7D&event_id=4aff7c45-4684-4f1d-bc65-fa580e6d5d1b&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6df4e28c-e1ef-4cae-a583-790003708cfa&tw_document_href=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tw_iframe_status=0&txn_id=tw-nwbn3-ocpnr&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 12 Mar 2023 00:58:09 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 6b5560a816a05c9b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5af943f75e5c54421357e5db97e3fce0d689b3780b1cd06751f5cbe8b0fd7c80
content-length: 43

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 107 KB
37 KB 39ms
39ms Script
application/javascript 2600:9000:2120:ba00:1c:9484:cec0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/samsung/dtag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ba00:1c:9484:cec0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0d9abd186aa683aab0c0c889a360463e23daeb7966ff0f95eb7abea66032d13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:55:51 GMT
x-amz-version-id: AH5gZeU.6nC_4eeePlrZrHqq_cReUAXy
content-encoding: gzip
via: 1.1 96a64fa2174f29526cca2286fa3d1340.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C4
age: 139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Mar 2023 16:17:11 GMT
server: AmazonS3
etag: W/"8b5a507ac3a40a333e8baf263df2307a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-id: bxBur3lmW5r2XIlrOqV0ueZwH2tNaCBkwMzSKVlfuFhSVwgRdsVQKQ==

GET
H2 200 session.html Show response
events.release.narrativ.com/api/v0/ Frame E65A 713 B
1 KB 164ms
39ms Document
text/html 54.81.120.153

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/session.html

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/samsung.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.81.120.153 -, , ASN (),

Reverse DNS

Software

openresty/1.21.4.1 /

Resource Hash

3b8553796393722271730a45493783dd30759ad8c0137e765a5515d16f0aceb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private, max-age=7776000, must-revalidate, proxy-revalidate
content-length: 713
content-type: text/html; charset=utf-8
date: Sun, 12 Mar 2023 00:58:10 GMT
server: openresty/1.21.4.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-bam-build-version: 98c6cb4e931cff8135f4ed29324c5a2060b726ac
x-bam-env: release
x-robots-tag: none

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 34C9 893 B
1 KB 69ms
50ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=8m6xj3j&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=cho8zo4&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: dd353716d28febf1746ea9fbb38c887a7ca35384cce06502a87abf06ebb32ff6

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sun, 12 Mar 2023 00:58:10 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 021F 925 B
1 KB 73ms
54ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mzbudiqj&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=3kcai53&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8cc08c487ed47ad99e3ffb655d75b8853cca202082c3be6ac45c4e88818da433

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sun, 12 Mar 2023 00:58:10 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 40ms
39ms Script
application/javascript 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6709910&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e7c16b5fa053c476073377d7c3788c89f605886e619f108dfeb7d9458009353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45009
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 00:58:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 42ms
41ms Script
application/javascript 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-325145837&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7f2eba316740f62d551e869b66d0e9b1bb6231cd7661f4737a1f1e5056f3d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51692
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 00:58:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 58ms
58ms Script
application/javascript 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1058244264&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

180a0558617f4ae63971a81a60ba3074a7de0aa9758a310f8992f39d159cf1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69207
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 00:58:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 65ms
65ms Script
application/javascript 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-731047257&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fa15e0c1199a2542b002bbfe85d73f831a2faab933c3aa737173a58ca723b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51688
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 00:58:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 77ms
77ms Script
application/javascript 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-975661385&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ae43cade222a5b97da4c97be406d5c233106a63fbcc4c96d3b8bb7787fc158d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51684
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 00:58:10 GMT

GET
H3

200

activityi;dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-servi... Show response
1782317.fls.doubleclick.net/ Frame 1983
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-ser...
https://1782317.fls.doubleclick.net/activityi;dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~...

439 B
290 B

146ms
144ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0caa20830e30e1c27983749e1b245948a0fdae613a712b5bfa9fb6aa335ca015

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 267
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Sun, 12 Mar 2023 00:58:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-servi... Show response
1782317.fls.doubleclick.net/ Frame C481
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-ser...
https://1782317.fls.doubleclick.net/activityi;dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~...

439 B
288 B

102ms
100ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d7650fab27ed8f7e6eea6a9c8cc02d0251b41a0af9fb73221180ed953561b031

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Sun, 12 Mar 2023 00:58:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-servi... Show response
1782317.fls.doubleclick.net/ Frame 3328
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-ser...
https://1782317.fls.doubleclick.net/activityi;dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~...

439 B
289 B

139ms
138ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0faeaa4868c637c4073345ce376585786c58f976a4744fdb533def79ccbcbcbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Sun, 12 Mar 2023 00:58:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-servi... Show response
1782317.fls.doubleclick.net/ Frame 56C5
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-ser...
https://1782317.fls.doubleclick.net/activityi;dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~...

439 B
289 B

100ms
99ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0d7094e9f11a322267e8153518aef03f0039f65c5fa2d7bff4e57ed750109e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Sun, 12 Mar 2023 00:58:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-servi... Show response
1782317.fls.doubleclick.net/ Frame 580A
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-ser...
https://1782317.fls.doubleclick.net/activityi;dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~...

439 B
289 B

111ms
110ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8fa4774adf373260cfca7502d646d39da9b96dec00c6f5f623eb1f209be817eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Sun, 12 Mar 2023 00:58:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-servi... Show response
1782317.fls.doubleclick.net/ Frame 9959
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-ser...
https://1782317.fls.doubleclick.net/activityi;dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~...

439 B
288 B

104ms
103ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

32dea7108ffed0abf44a6b87aea6ac4209a7dd7867ba38d6fa181570086b953d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Sun, 12 Mar 2023 00:58:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 42ms
41ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&tc=1&dl=mail.amazon-service-tooklits.duckdns.org%2F&tdp=DC-1782317;;0;0;0&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 40ms
38ms Image
image/gif 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&tc=1&dl=mail.amazon-service-tooklits.duckdns.org%2F&tdp=DC-1782317;;0;0;0&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2008 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 55ms
53ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tc=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 68ms
67ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tc=1&tr=1rep&ti=1rep&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 67ms
66ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAACA&h=Ag&tc=1&epr=1DC&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 69ms
68ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&es=1&e=gtag.config&eid=3&u=AAAAAAAAAAAAAACA&h=Ag&tc=1&epr=1DC&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 34 KB
13 KB 359ms
98ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=cbc23c86ab8350459ba2424c2e6b0f73
Requested by: Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 78f001a59f1b1cb15544ea5606d037c8a8ba3f568007907a9317ef0644b6e822

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

cache-tags: cbc23c86ab8350459ba2424c2e6b0f73
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
surrogate-keys: cbc23c86ab8350459ba2424c2e6b0f73
cf-cache-status: HIT
server: cloudflare
etag: W/"9bd9f903fc2169694ead0fa7c24d386b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 7a681657ffa3d14f-BUF

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 34C9 487 B
963 B 25ms
25ms Script
application/x-javascript 143.204.138.162

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=8m6xj3j&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=cho8zo4&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 00:27:57 GMT
Via: 1.1 71994794c0ae42f7776bc799e33a979a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 1814
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: hmcuvMaqdeRc4SQiCX5aDpseL-XKNij7_Xgc1UvJo12DBIhkh2jfhQ==

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 021F 487 B
963 B 46ms
26ms Script
application/x-javascript 143.204.138.162

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=mzbudiqj&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=3kcai53&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 00:27:57 GMT
Via: 1.1 71994794c0ae42f7776bc799e33a979a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 1814
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: 6dc2JJSVWSH9aNhgparoRylRAjMRg7jCxWqPRBXtahR5zjxESbG-pw==

GET
H2 200 main.MTE3ZGZjMmFkMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 238 KB
65 KB 31ms
31ms Script
application/javascript 23.33.40.197

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6KFVUU18TAI47M9O9F0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.197 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: ce2431d
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230221145324D56B1F26E44CB8FA04B6
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-216-133-5.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016d880cbb5d0632cdb853d46b0be3c5416dd224ff708d0575d160b49ddc413840114d6f9ba75fad2b69999cb17b71f45b060621c69f69d3d592c2b27d833948914782410a78f245a5dcdec86df29f0abd297823401cacc3fcc8d0a8c7b14d2e38
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=16
content-length: 66201

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 236ms
28ms Image
image/gif 76.13.32.146

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2012%20Mar%202023%2000%3A58%3A10%20GMT&n=0&b=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&.yp=28576&f=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&enc=UTF-8&yv=1.13.0&et=custom&tagmgr=tealium%2Cgtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 12 Mar 2023 00:58:10 GMT

GET
H2 200 live.1.php Show response
halc.iadvize.com/rpc/ 2 KB
1 KB 131ms
129ms Fetch
application/json 2600:9000:2510:9200:15:e09:8a80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/rpc/live.1.php?activeTimeSpentOnPage=0&browsingTimeSpentOnPage=0&customData=%7B%22abTestGroup%22%3A10%2C%22page_type%22%3A%22configurator%3Ehome%22%2C%22pagename_v2%22%3A%22configurator%3Egalaxy-s23-ultra%3Ehome%22%2C%22page_lang%22%3A%22en%22%7D&deviceHeight=1200&deviceWidth=1600&initialRequest=true&previousUrl=&registerNavigation=true&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&lang=en&platformDomain=halc&useExplicitCookiesConsent=false&sid=6528&language=en

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:9200:15:e09:8a80:93a1 -, , ASN (),

Reverse DNS

Software

a6110f04-59a3-b23b-bc15-5e78abcdc9c1 /

Resource Hash

5d2c456c0edbae1badbe5df60b7b992161ea13ffe7aceaef50c473f848883ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: gzip
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-cf-pop: JFK50-P5
cross-origin-embedder-policy: require-corp
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 866
pragma: no-cache
server: a6110f04-59a3-b23b-bc15-5e78abcdc9c1
etag: W/c49e0bf056ccc5fe1b78d0ac848a7ce5
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
cache-control: no-cache
access-control-allow-credentials: true
x-amz-cf-id: MtvwZnpFUPxKCtji7u_JixD8wmyRf3t3lsZf3fHqzZwQXWFB3r-pKA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 s49598906820091 Show response
smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/ 1 KB
2 KB 45ms
45ms Script
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/s49598906820091?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F2%2F2023%200%3A58%3A9%200%200&d.&nsid=0&jsonv=1&.d&mid=77729988410026120510445973534877820543&aamlh=7&ce=UTF-8&ns=samsung&g=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cc=USD&events=event102%3D0&v1=en&c3=smartphones&v3=D%3Dc3&c4=galaxy-s23-ultra&v4=D%3Dc4&v9=galaxy%20s23%20ultra&v10=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Egalaxy%20s23%20ultra&v11=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Econfigurator%3Egalaxy-s23-ultra%3Edevice%3Egalaxy%20s23%20ultra&c15=D%3Dv9&c16=D%3Dv10&c17=D%3Dv11&c25=logged%20out&v41=0.1&v46=false&c57=D%3Dv46&v66=D%3Dc25&c71=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20%28T-Mobile%29%20Phones%20%7C%20Samsung%20US&v85=Windows&v104=configurator%3Edevice&v105=galaxy%20s23%20ultra&v106=select_device_galaxy%20s23%20ultra&v107=ut4.46.202303101941&pe=lnk_o&pev2=galaxy%20s23%20ultra&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=48855C6655783A647F000101%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.547.js?utv=ut4.46.202206301949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

57591c22e42a0e547d868892ce4858183d4b28ee11bb9d29955b921d64632f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-aam-tid: fPhNubr9SqY=
date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1405
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-2-v045-0bae07779.edge-va6.demdex.com 7 ms
pragma: no-cache
last-modified: Mon, 13 Mar 2023 00:58:10 GMT
server: jag
etag: 3604728880232529920-4619831528048292437
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 11 Mar 2023 00:58:10 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 5BCF 672 B
851 B 251ms
71ms Document
text/html 35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a035d197-19b1-4d68-aca1-f4a37f434a91&u_scsid=7ac97178-1cb8-41a7-afbd-38906e949ce2&u_sclid=f0cdb4a5-6ee1-4f1b-877b-68734a0c6d4b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
content-type: text/html
date: Sun, 12 Mar 2023 00:58:10 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 8

GET
H2 200 a035d197-19b1-4d68-aca1-f4a37f434a91.js Show response
tr.snapchat.com/config/org/ 143 B
559 B 241ms
60ms Script
application/javascript 35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/a035d197-19b1-4d68-aca1-f4a37f434a91.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

caaa42516a2023d7cf6bd6d7ddf959bd8e0429118ab573b31e44652b23429090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p
tr.snapchat.com/ 68 B
362 B 251ms
72ms Ping
text/html 35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
adservice.google.com/ddm/fls/z/ Frame C481 42 B
107 B 54ms
54ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=CPje5-eX1f0CFcq9nwodeyYFEA;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6470982079037;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
adservice.google.com/ddm/fls/z/ Frame 56C5 42 B
107 B 49ms
48ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=CKns6OeX1f0CFU8HaAgddoUJLw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=6616443600198;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic1678429808017.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/145272/onsite/ 3 MB
183 KB 34ms
33ms Script
application/javascript 199.232.37.230

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/145272/onsite/generic1678429808017.js

Requested by

Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/145272/onsite/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.37.230 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c9ebe80b2763333210e6fd88005329896e63d251b37ef91102620c03b3447b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: PlQYFuJiPqNMcJx6y.4zmKzATQKskWFx
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 5CY08ZVRKB9S8W0Z
age: 152878
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 186732
x-amz-id-2: ep3HkPQHKifNqZZXBctXuGYhtnU5Tj6AnmHeKElGeoN9KhTdNK4A2r2i3NUz9lvcDbQ/qh8R6Hc=
x-served-by: cache-lga21938-LGA
last-modified: Fri, 10 Mar 2023 06:30:10 GMT
server: AmazonS3
x-timer: S1678582690.444304,VS0,VE2
etag: "1e44f0de379291e389f396c69ce21972"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 main_f8216d0602277e8f456d8bf82fa4aa07.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 377 KB
74 KB 130ms
26ms Script
text/javascript 34.98.72.95

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_f8216d0602277e8f456d8bf82fa4aa07.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3842/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: f9be09bc2d5b8d41fc355ec0499577745a8b6cf1a2ca2ce01805c8139ea37aaa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 12:15:06 GMT
content-encoding: br
age: 45784
x-guploader-uploadid: ADPycdvZolEs5Au97rskOuGn8gDnvoOUGDpQD4xS86XsKkWeBCxKfSaRyG55NJvanaCWUbiDC0otuN9Iw3IPmIhp80u9qA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75561
last-modified: Wed, 08 Mar 2023 20:15:44 GMT
server: UploadServer
etag: "2a815015d69c34e66db741c12c9a8a57"
x-goog-generation: 1678306544954969
x-goog-hash: crc32c=TP3Lkw==, md5=KoFQFdacNOZtt0HBLJqKVw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 75561
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_d4acb22c649bb3f7d444f2201d38b121.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 47 KB
15 KB 156ms
53ms Script
text/javascript 34.98.72.95

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_d4acb22c649bb3f7d444f2201d38b121.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3842/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 444ee9ab2244cf739d772ea95e1b075c67ad9a994298ad28def5517f69bfc6cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 21:17:21 GMT
content-encoding: gzip
age: 13249
x-guploader-uploadid: ADPycduyK_FYJ2CkquIwKewNTYB1-qsrjub0mz3rmfeNSnxq-fPZSKT3Uuc5jkdTO4pmRMWbz6WXa4H_3QhyCPNNVW6zwQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15163
last-modified: Thu, 23 Feb 2023 21:01:47 GMT
server: UploadServer
etag: "2b6c581f54c09b722f59d133938d1d54"
x-goog-generation: 1677186107846735
x-goog-hash: crc32c=uGPGaw==, md5=K2xYH1TAm3IvWdEzk40dVA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600,no-transform
x-goog-stored-content-length: 15163
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H3 200 dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
adservice.google.com/ddm/fls/z/ Frame 3328 42 B
63 B 52ms
47ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=CKPh5-eX1f0CFfUMaAgd7vMJEQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=1671281313506;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
adservice.google.com/ddm/fls/z/ Frame 1983 42 B
63 B 50ms
49ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=CLTg5-eX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pclan0;ord=1;num=7578554968526;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 304 session.gif
events.release.narrativ.com/api/v0/ 0
397 B 41ms
41ms Image 54.81.120.153

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.release.narrativ.com/api/v0/session.gif?uid_bam=1802364440263474424

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.81.120.153 -, , ASN (),

Reverse DNS

Software

openresty/1.21.4.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
x-bam-build-version: 98c6cb4e931cff8135f4ed29324c5a2060b726ac
date: Sun, 12 Mar 2023 00:58:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: openresty/1.21.4.1
x-robots-tag: none
x-bam-env: release

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame 279C
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D59e02a57-5252-4d8a-8626-bee1fbe33a27
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8451906731249194627&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27

70 B
620 B

48ms
48ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8451906731249194627&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 12 Mar 2023 00:58:10 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

AN-X-Request-Uuid: 87c757cf-34c4-4d92-b69f-b8790dc4a53b
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 00:58:10 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8451906731249194627&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 96.9.249.35; 96.9.249.35; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame D898
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTllMDJhNTctNTI1Mi00ZDhhLTg2MjYtYmVlMWZiZTMzYTI3&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1f...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1

70 B
590 B

54ms
46ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 12 Mar 2023 00:58:10 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame F978
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=59e02a57-5252-4d8a-8626-bee1fbe33a27&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=59e02a57-5252-4d8a-8626-bee1fbe33a27&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0

70 B
620 B

49ms
48ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 12 Mar 2023 00:58:10 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Sun, 12 Mar 2023 00:58:10 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H3 200 255663235586551 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 50ms
49ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/255663235586551?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

29bdb09d13893af37efea28433c977f4cde8d2490360f1e94b06aabb9a70e38d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 12 Mar 2023 00:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110358
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: RjZZAEKfEXJny6G796MkdWhdRYYj5DoXvPT0afErEFWL7jSnzg23d/EEN64xAU4dSs+C2Ow2PxBvs5eV4sni3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 111ms
28ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=750510078415232&ev=PageView&dl=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&rl=&if=false&ts=1678582690517&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmtealium&ec=0&o=30&cs_est=true&fbp=fb.2.1678582690515.1019515181&it=1678582689939&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 12 Mar 2023 00:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/731047257/ 2 KB
2 KB 240ms
159ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/731047257/?random=1678582690530&cv=11&fst=1678582690530&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-731047257&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c28ea6ca4206579c08a0e7fb10ef61dbe196e537affab6a975eaaf7ece84e09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/731047257/ 2 KB
1 KB 235ms
161ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/731047257/?random=1678582690551&cv=11&fst=1678582690551&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-731047257&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8311410be7aa7a68e620a33f40e34c2aa19ab650cea95cc47b881018e9bbab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/ 2 KB
1 KB 217ms
170ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/?random=1678582690569&cv=11&fst=1678582690569&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-325145837&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

626bd692d4dd69d9b2127ba40fbf4b500d19c010050f06c2154e9e30fafd419b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1252
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/ 2 KB
1 KB 181ms
170ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/?random=1678582690584&cv=11&fst=1678582690584&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-325145837&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

48681ba54fa0eed2749b572838ad6ecd5c7584398242e5eeeba35527e884edfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/ 2 KB
1 KB 178ms
167ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/?random=1678582690592&cv=11&fst=1678582690592&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-325145837&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

2ffbea64afdf2171aec5ef8a43194217ea8fd1dce43c7a824e4ec5fb0fe947c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1252
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/ 2 KB
1 KB 165ms
165ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/?random=1678582690606&cv=11&fst=1678582690606&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-325145837&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

2c419131dded8359bfd253ecebe887059ded52c3bd996b37ff4796a4bafb6d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/ 2 KB
1 KB 157ms
156ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/?random=1678582690678&cv=11&fst=1678582690678&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-325145837&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d04065b06346c4d46509368097e4d4fd9098f19984abb4e9eced749ae511ddb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/ 2 KB
1 KB 162ms
161ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/?random=1678582690684&cv=11&fst=1678582690684&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-325145837&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

773795bfba8848fb7ec3d092cbc4aaf409025c2c700ac083f4510bc5541a06c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/ 2 KB
1 KB 152ms
151ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/325145837/?random=1678582690690&cv=11&fst=1678582690690&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-325145837&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

80a753875454bcf755f7ad9db038ba5343393a646a8fd1ad09f09de5d90c3a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
samsung.attn.tv/d/ 5 B
276 B 120ms
62ms Fetch
application/json 172.64.150.25

General

Check archive.org

Show headers Download Go to

Full URL: https://samsung.attn.tv/d/?attn_vid=8ecc133e7ec24abbbda214f43a7b3b98
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 6
cf-ray: 7a6816595b6fa1ed-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 e
events.attentivemobile.com/ 0
387 B 136ms
61ms Ping
image/png 172.64.144.208

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.17.4_33ae067b5c&pd=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&u=8ecc133e7ec24abbbda214f43a7b3b98&c=samsung&ceid=QAP&lt=1678582690701&tag=modern&cs=3649366198&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1678582690707
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.208 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
access-control-expose-headers: Set-Cookie, X-Count, X-Token
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
cf-ray: 7a6816597a45ca98-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975661385/ 2 KB
1 KB 163ms
163ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975661385/?random=1678582690718&cv=11&fst=1678582690718&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975661385&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9a8811b558cb16edf7b1a3f0186120d39fabbc808e036dc7a82ae72063d9a630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975661385/ 2 KB
1 KB 154ms
154ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975661385/?random=1678582690731&cv=11&fst=1678582690731&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975661385&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d777a9061d2add35bf413c03c75a00a4239baf78e508bb96a8a0302edbc2e9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_cab4d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 44ms
43ms Script
application/javascript 23.33.40.197

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.197 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-akamai-request-id: ce24839
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230221145324D56B1F26E44CB8FA04B9
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-216-133-5.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016d880cbb5d0632cdb853d46b0be3c5416dd224ff708d0575d160b49ddc413840114d6f9ba75fad2b69999cb17b71f45b379c8d34a35bc4d6e5f62eda31d3259e9eaa9d046df1c9fdbaa58f545a0714caaa8540f9a9ff45bc4ce6d5d695f03e39
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length: 30774

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
547 B 60ms
59ms Ping
text/plain 23.33.40.197

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.33.40.197 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
x-akamai-request-id: ce248fa
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202303120058106E101FA2019B57BD448E
x-cache: TCP_MISS from a23-216-133-5.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.216.133.5
x-tt-trace-host: 011367272af88a3fae6823c0e41bb8c70a4033b8bd682a170831e1e18c93c38937f62133e372e7182394b70efb9737cfafd8901134d91c410e45731f9eb6bb5ddb52f291a5815a297e153ffc65c4cf3364a7952fa661a9a2f9af9bfaa8a9322089
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=5, origin; dur=25
content-length: 0
expires: Sun, 12 Mar 2023 00:58:10 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9063
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27

0
0

196ms
39ms

Document
text/plain

54.85.136.197

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.136.197 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store
date: Sun, 12 Mar 2023 00:58:11 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time: D=33 t=1678582691
x-served-by: beacon-n011-ash-prod.krxd.net

Redirect headers

content-length: 0
date: Sun, 12 Mar 2023 00:58:10 GMT
location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27
x-age: 0
x-cache: MISS
x-cache-hits: 0
x-served-by: usermatch-a021-ash-prod.krxd.net

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame 67B6
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=59e02a57-5252-4d8a-8626-bee1fbe33a27&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
620 B

50ms
49ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 12 Mar 2023 00:58:11 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
content-length: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame ECA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTllMDJhNTctNTI1Mi00ZDhhLTg2MjYtYmVlMWZiZTMzYTI3&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1f...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1

70 B
620 B

49ms
48ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 12 Mar 2023 00:58:10 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=59e02a57-5252-4d8a-8626-bee1fbe33a27&google_gid=CAESEG45MQ7AbPqMZ5u0lrYMsWU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/ 2 KB
1 KB 170ms
169ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1678582690850&cv=11&fst=1678582690850&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058244264&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1cced91732919ed0331aa1c757d45045ba4256ee04529499e1aef9c6cfbdfe4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/ 2 KB
1 KB 183ms
183ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1678582690874&cv=11&fst=1678582690874&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&did=dYmQxMT&gdid=dYmQxMT&auid=1649324596.1678582690&uamb=0&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058244264&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

699ee9f5211b3349c2ffd15afe9434ae7cfcba1b2ec5582ff852691882819e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/ Frame 5C85 2 KB
1 KB 101ms
101ms Script
text/javascript 2607:f8b0:4006:820::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1678582690900&cv=11&fst=1678582690900&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058244264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

34f77d850ed8f47fdf182c0584f9fa12089da2a20df483392770705591b1fe2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1058244264/ Frame 5C85 3 KB
2 KB 123ms
49ms Script
text/javascript 142.250.65.162

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1058244264/?random=1678582690921&cv=11&fst=1678582690921&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=bpbZCOvHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058244264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ce8af7a7ff7edcc864dd666e240fd4fae2320fe830a55bc023eb12d043aaadb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1457
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1058244264/ Frame 5C85 3 KB
1 KB 122ms
51ms Script
text/javascript 142.250.65.162

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1058244264/?random=1678582690925&cv=11&fst=1678582690925&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=nfiaCOjHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058244264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

aa333cca4d6045d2964c3f9a13e8ccfb04111d184641e0e2b475c06b9e400b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1458
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1058244264/ Frame 5C85 3 KB
2 KB 118ms
50ms Script
text/javascript 142.250.65.162

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1058244264/?random=1678582690927&cv=11&fst=1678582690927&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=sWmGCO7HocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058244264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b6b6a86c92eaf681c1c5b4bacc41b35116825a58235e930bcf18cdf91908b52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1465
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s4756429557292 Show response
smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/ 1 KB
2 KB 47ms
46ms Script
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/s4756429557292?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F2%2F2023%200%3A58%3A9%200%200&d.&nsid=0&jsonv=1&.d&mid=77729988410026120510445973534877820543&aamlh=7&ce=UTF-8&ns=samsung&g=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cc=USD&events=event102%3D0&v1=en&c3=smartphones&v3=D%3Dc3&c4=galaxy-s23-ultra&v4=D%3Dc4&v9=t-mobile&v10=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Et-mobile&v11=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Econfigurator%3Egalaxy-s23-ultra%3Ecarrier%3Et-mobile&c15=D%3Dv9&c16=D%3Dv10&c17=D%3Dv11&c25=logged%20out&v41=0.1&v46=false&c57=D%3Dv46&v66=D%3Dc25&c71=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20%28T-Mobile%29%20Phones%20%7C%20Samsung%20US&v85=Windows&v104=configurator%3Ecarrier&v105=t-mobile&v106=select_carrier_t-mobile&v107=ut4.46.202303101941&pe=lnk_o&pev2=t-mobile&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=48855C6655783A647F000101%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.547.js?utv=ut4.46.202206301949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

ae875bac071824e7a740de11f2727265209e9330ec3262c939e494004ad0cabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-aam-tid: HAD8HvyMQoo=
date: Sun, 12 Mar 2023 00:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1405
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-1-v045-089ccfebb.edge-va6.demdex.com 8 ms
pragma: no-cache
last-modified: Mon, 13 Mar 2023 00:58:10 GMT
server: jag
etag: 3604728880294854656-4619804389772097153
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 11 Mar 2023 00:58:10 GMT

GET
H3 200 dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
adservice.google.com/ddm/fls/z/ Frame 580A 42 B
63 B 48ms
48ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=CNij6-eX1f0CFTQKaAgdFrQDOw;src=1782317;type=unisam17;cat=pclan0;ord=1;num=8488007752078;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
adservice.google.com/ddm/fls/z/ Frame 9959 42 B
63 B 50ms
49ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=CMSs7eeX1f0CFR4NaAgdolgCQQ;src=1782317;type=unisam17;cat=pclan0;ord=1;num=9035362357537;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 samsung.attn.tv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 37 KB
12 KB 53ms
52ms Script
application/javascript 2600:9000:2120:ba00:1c:9484:cec0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/samsung.attn.tv.js
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ba00:1c:9484:cec0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d65efbcc28b71c870d2a006f53aa6012d27520d0721092abe68836e89d0fe28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: zFXmbsNRcmkPx6bcdji.smxdrmmonxvY
content-encoding: gzip
via: 1.1 96a64fa2174f29526cca2286fa3d1340.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:57:59 GMT
x-amz-cf-pop: EWR52-C4
age: 14
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Feb 2023 21:11:08 GMT
server: AmazonS3
etag: W/"562100def864add69e4c1bbc59bc245b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-id: dFErkYlZVREkdQ7WUR7rhK7ygKaKHRJY-tMdGI5Yu0uT71HcNdg7yA==

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 46ms
45ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&e=gtag.config&eid=3&u=AgAAAAAAAAAAAACI&ut=ABA&h=Ag&tc=1&tr=5rep&epr=1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.2DC.2DC&ti=1rep&tdc=DC-1782317*DC-1782317&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 39ms
39ms Image
image/gif 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&e=gtag.config&eid=3&u=AgAAAAAAAAAAAACI&ut=ABA&h=Ag&tc=1&tr=5rep&epr=1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.1DC.2DC.2DC&ti=1rep&tdc=DC-1782317*DC-1782317&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2008 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 5BCF 30 KB
13 KB 32ms
31ms Script
application/javascript 108.138.113.246

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=a035d197-19b1-4d68-aca1-f4a37f434a91&u_scsid=7ac97178-1cb8-41a7-afbd-38906e949ce2&u_sclid=f0cdb4a5-6ee1-4f1b-877b-68734a0c6d4b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 09:53:25 GMT
content-encoding: gzip
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 54286
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 13327
x-amz-cf-id: CNIVCcbiOF4QZb79wrhz3qAsJxO_NThPgrxRRFoA6NIXV7YpWZsoOA==

POST
H2 201 / Show response
events.release.narrativ.com/api/v0/merchants/1242/impressions/page_impression/ 2 B
482 B 46ms
45ms XHR
application/json 54.81.120.153

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/merchants/1242/impressions/page_impression/?uid_bam=1802364440263474424

Requested by

Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.81.120.153 -, , ASN (),

Reverse DNS

Software

openresty/1.21.4.1 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: {"uid_bam":"1802364440263474424","BAMX_Opt_Out":""}
Referer: https://mail.amazon-service-tooklits.duckdns.org/
X-Howl-Pixel-Version: samsung
X-BAM-Params: {"uid_bam":"1802364440263474424","BAMX_Opt_Out":""}
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

x-bam-build-version: 98c6cb4e931cff8135f4ed29324c5a2060b726ac
date: Sun, 12 Mar 2023 00:58:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: openresty/1.21.4.1
x-bam-env: release
vary: Origin
content-type: application/json
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
x-robots-tag: none
content-length: 2

OPTIONS
H2 200 /
events.release.narrativ.com/api/v0/merchants/1242/impressions/page_impression/ Frame 0
0 128ms
44ms Preflight
text/html 54.81.120.153

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/merchants/1242/impressions/page_impression/?uid_bam=1802364440263474424

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.81.120.153 -, , ASN (),

Reverse DNS

Software

openresty/1.21.4.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: accept,content-type,x-bam-params,x-howl-pixel-version
Access-Control-Request-Method: POST
Origin: https://mail.amazon-service-tooklits.duckdns.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: accept, content-type, x-bam-params, x-howl-pixel-version
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
allow: OPTIONS, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 12 Mar 2023 00:58:11 GMT
server: openresty/1.21.4.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
x-bam-build-version: 98c6cb4e931cff8135f4ed29324c5a2060b726ac
x-bam-env: release
x-robots-tag: none

GET
H2 200 node_modules_babel_runtime_helpers_defineProperty_js-node_modules_babel_runtime_helpers_inter-37a80d.chunk.js Show response
halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/ 26 KB
6 KB 27ms
27ms Script
application/javascript 2600:9000:2510:9200:15:e09:8a80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/node_modules_babel_runtime_helpers_defineProperty_js-node_modules_babel_runtime_helpers_inter-37a80d.chunk.js

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6528&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:9200:15:e09:8a80:93a1 -, , ASN (),

Reverse DNS

Software

3b54f534-1a75-e990-aed2-803b9a6d4446, AmazonS3 /

Resource Hash

c36ac03050f1699565b9534f52a24d411ea074e550c159cc09b7a9e4e9063c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:32:16 GMT
content-encoding: gzip
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: null
x-amz-cf-pop: JFK50-P5
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 213955
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Mar 2023 10:22:22 GMT
server: 3b54f534-1a75-e990-aed2-803b9a6d4446, AmazonS3
etag: W/"d048a47a1a767fe249926ba719d61fe7"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: by-P3MjIzjLTdhLhw_cgEyOcHh4SrdXklYYxPS6sNuyRVyTgDeevzg==

GET
H2 200 full-mode.chunk.js Show response
halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/ 78 KB
19 KB 36ms
36ms Script
application/javascript 2600:9000:2510:9200:15:e09:8a80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/full-mode.chunk.js

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6528&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:9200:15:e09:8a80:93a1 -, , ASN (),

Reverse DNS

Software

1276fced-ae5f-44c4-882a-c228fdb488c8, AmazonS3 /

Resource Hash

6f2fe8a955eaf90c4a16828403ac35a8e29b1a6910aa96719abce8ec4d4940c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:32:16 GMT
content-encoding: gzip
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: null
x-amz-cf-pop: JFK50-P5
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 213955
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Mar 2023 10:22:22 GMT
server: 1276fced-ae5f-44c4-882a-c228fdb488c8, AmazonS3
etag: W/"0b7f38cdd07925034bdc2c85bf206550"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MEUMBytMsegNSMxIslYKkde_dvVT-7k10QIvfx9MFZuw5iE7JFa3QA==

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 135 KB
24 KB 108ms
49ms Script
text/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=cbc23c86ab8350459ba2424c2e6b0f73&lang=en&cb=67f89c3
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=cbc23c86ab8350459ba2424c2e6b0f73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3422e9829865eb80547e244abf20b4f7d1f46640944731f653d08308f7a4d39b

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
surrogate-key: prod cbc23c86ab8350459ba2424c2e6b0f73 67f89c3
last-modified: Sat, 11 Mar 2023 22:03:33 GMT
server: cloudflare
cf-cache-status: HIT
age: 4098
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray: 7a68165c08ddd15f-BUF

GET
H2 200 jquery.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 95 KB
34 KB 42ms
41ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=cbc23c86ab8350459ba2424c2e6b0f73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ee03384a8676e762042da84fe88f6a8c06f02ceb376264d4a905abadfa9fd7d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 17:56:25 GMT
server: cloudflare
age: 1308
etag: W/"6408cc49-17d8a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a68165ba87fd14f-BUF
expires: Mon, 11 Mar 2024 00:58:11 GMT

GET
H2 200 startup.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 428 KB
115 KB 51ms
51ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=cbc23c86ab8350459ba2424c2e6b0f73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 450c37ab3f57c19e5eaeaa0dd70ab049bc91e31b93f1c600bbd9f3dd3b8c9597

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Mar 2023 02:03:24 GMT
server: cloudflare
age: 1308
etag: W/"640a8fec-6ae80"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a68165ba880d14f-BUF
expires: Mon, 11 Mar 2024 00:58:11 GMT

GET
H2 200 s42034272569973 Show response
smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/ 1 KB
2 KB 48ms
47ms Script
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/s42034272569973?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F2%2F2023%200%3A58%3A9%200%200&d.&nsid=0&jsonv=1&.d&mid=77729988410026120510445973534877820543&aamlh=7&ce=UTF-8&ns=samsung&g=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cc=USD&events=event102%3D0&v1=en&c3=smartphones&v3=D%3Dc3&c4=galaxy-s23-ultra&v4=D%3Dc4&v9=512gb&v10=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3E512gb&v11=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Econfigurator%3Egalaxy-s23-ultra%3Ecapacity%3E512gb&c15=D%3Dv9&c16=D%3Dv10&c17=D%3Dv11&c25=logged%20out&v41=0.1&v46=false&c57=D%3Dv46&v66=D%3Dc25&c71=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20%28T-Mobile%29%20Phones%20%7C%20Samsung%20US&v85=Windows&v104=configurator%3Ecapacity&v105=512gb&v106=select_capacity_512gb&v107=ut4.46.202303101941&pe=lnk_o&pev2=512gb&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=48855C6655783A647F000101%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.547.js?utv=ut4.46.202206301949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

4d87740d96596dff004b33ebb41e221e22084e5baa2711bd092c3e05678984c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-aam-tid: R3DvdrttTO8=
date: Sun, 12 Mar 2023 00:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1405
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-2-v045-0f4eccdd9.edge-va6.demdex.com 6 ms
pragma: no-cache
last-modified: Mon, 13 Mar 2023 00:58:11 GMT
server: jag
etag: 3604728881175232512-4619582340527958396
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 11 Mar 2023 00:58:11 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1058244264/ Frame 5C85 42 B
108 B 115ms
50ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1058244264/?random=1678582690900&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3193733879&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1058244264/ 42 B
108 B 120ms
55ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1058244264/?random=1678582690850&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1423989000&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1058244264/ 42 B
108 B 119ms
54ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1058244264/?random=1678582690874&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dpage_view&fmt=3&is_vtc=1&random=4051748947&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/731047257/ 42 B
455 B 113ms
48ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/731047257/?random=1678582690530&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=174419221&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/731047257/ 42 B
108 B 112ms
51ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/731047257/?random=1678582690551&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dpage_view&fmt=3&is_vtc=1&random=3900260649&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/325145837/ 42 B
108 B 112ms
52ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/325145837/?random=1678582690569&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=552580657&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/325145837/ 42 B
108 B 115ms
56ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/325145837/?random=1678582690584&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2358447707&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/325145837/ 42 B
108 B 48ms
44ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/325145837/?random=1678582690592&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2828864243&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/325145837/ 42 B
108 B 48ms
44ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/325145837/?random=1678582690606&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648105423&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/325145837/ 42 B
108 B 49ms
45ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/325145837/?random=1678582690678&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4150418574&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/325145837/ 42 B
108 B 51ms
47ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/325145837/?random=1678582690684&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2272901915&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/325145837/ 42 B
108 B 52ms
48ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/325145837/?random=1678582690690&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2169687119&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975661385/ 42 B
108 B 49ms
45ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975661385/?random=1678582690718&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1319781105&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975661385/ 42 B
108 B 53ms
49ms Image
image/gif 2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975661385/?random=1678582690731&cv=11&fst=1678579200000&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&tiba=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20(T-Mobile)%20Phones%20%7C%20Samsung%20US&data=event%3Dpage_view&fmt=3&is_vtc=1&random=651521820&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 104ms
40ms Image
image/gif 35.241.45.82

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjU1NjMuNjQgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkJ1eSBHYWxheHkgUzIzIFVsdHJhLCA1MTJHQiAoVC1Nb2JpbGUpIFBob25lcyB8IFNhbXN1bmcgVVMiLCJwYWdlX3VybCI6ICJodHRwczovL21haWwuYW1hem9uLXNlcnZpY2UtdG9va2xpdHMuZHVja2Rucy5vcmcvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2Nzg1ODI2OTEyOTMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NmQzNTMzNWM0MmZlLTA5YjA1MWNjMjE5ZWRjLTE0MzAzMzdjLTFkNGMwMC0xODZkMzUzMzVjNTYxZiIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC13ZXN0IiwiYWNjb3VudElkIjogMTQ1MjcwLCJ1cmwiOiAiaHR0cHM6Ly9tYWlsLmFtYXpvbi1zZXJ2aWNlLXRvb2tsaXRzLmR1Y2tkbnMub3JnLyIsIndlYnNpdGVJZCI6IDE0NTI3MiwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiMGQwOS1hMDBkLWQ4MTctYzdhZC0zYTBkLTlmNGItNDU0OC1iZjQxIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2Nzg1ODI2OTEyODkiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTMyMCwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDkuMCIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDkuMCIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY3ODU4MjY5MTI5MywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2V9Cl19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 -, , ASN (),
Reverse DNS
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-tr0p
date: Sun, 12 Mar 2023 00:58:11 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 157ms
53ms XHR
application/json 34.117.93.237

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.93.237 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33f9d826ec75c6446aa7da4c19c2cf446003c5d5e30e5927eec1aded7b413e9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 00:58:11 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 173ms
57ms XHR
application/json 34.120.230.25

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.230.25 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8894369000485a1fa48bd316aaabf1c5bfe2e059ddb0ea989fe35666d9c77a44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 00:58:11 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 157ms
52ms XHR
application/json 35.227.248.175

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.248.175 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 066a1d0ca8739927212da5ca749914d066de699b9aae2614a4165eeecd11f0d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 00:58:11 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 inbox_02b49e81fdce836ab814f9ce203fce36.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 76 KB
20 KB 27ms
25ms Script
text/javascript 34.98.72.95

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_02b49e81fdce836ab814f9ce203fce36.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_f8216d0602277e8f456d8bf82fa4aa07.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 60497a77878c8c06974db33c21ab74a3af653b5b153ff749f6ff695d37b081e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 14:30:22 GMT
content-encoding: br
age: 37669
x-guploader-uploadid: ADPycduPQYvg_Z_OQWiJOEFb8g-BMLF8qKHDaiv-eUlsqIQNjVlE9RwIQQCIpY0P_dwHd1Gnk4KJdWWuQwsMvYd3Fe8cxA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20196
last-modified: Wed, 01 Mar 2023 15:15:52 GMT
server: UploadServer
etag: "b0ee8431d1d6ab536d0b7db7fcc20162"
x-goog-generation: 1675872243813566
x-goog-hash: crc32c=t+saKQ==, md5=sO6EMdHWq1NtC323/MIBYg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 20196
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 onsite_bda9c9f9310c72a80bd530888378f236.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 164 KB
35 KB 32ms
31ms Script
text/javascript 34.98.72.95

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_bda9c9f9310c72a80bd530888378f236.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_f8216d0602277e8f456d8bf82fa4aa07.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 98cb2f58c80faff9b6cd08f75a63eaf3571569e011d550c56274586fd65d0547

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 03:59:54 GMT
content-encoding: br
age: 75497
x-guploader-uploadid: ADPycdvhvRBGgWWCHEgQ-ldeuQ7oNBc4VqZbI8OPRlL5TPEMoTtyz295Q9DiohwsVr_xnxq71LjVU6hGcvs6-QJnbxF3yA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35592
last-modified: Wed, 08 Mar 2023 20:15:49 GMT
server: UploadServer
etag: "42c29dc404d880318f79b649ce995916"
x-goog-generation: 1677532366098274
x-goog-hash: crc32c=j7e0Nw==, md5=QsKdxATYgDGPebZJzplZFg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 35592
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 1049256285582240 Show response
connect.facebook.net/signals/config/ 528 KB
151 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1049256285582240?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

40411dd870b711d1d1a875937f9b5421fadc2f55de32a26ea9a237821f1b2979

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 12 Mar 2023 00:58:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 154116
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pMZF1XVPYpRKmEcqrpzthOUa1OQmkGyTXRNPQlwmT1kAkJ+p/ksDBbYbAbiYEjGL0HaccH5rbaKBhgSwLvGQWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 30ms
29ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=255663235586551&ev=PageView&dl=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&rl=&if=false&ts=1678582691369&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmtealium&ec=0&o=30&cs_est=true&fbp=fb.2.1678582690515.1019515181&it=1678582689939&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 12 Mar 2023 00:58:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/
www.google.com/pagead/1p-conversion/1058244264/ Frame 5C85
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1045168478&cv=11&fst=1678582690921&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=bpbZCOvHocYDEKi...
https://www.google.com/pagead/1p-conversion/1058244264/?random=1045168478&cv=11&fst=1678582690921&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=bpbZCOvHocYDEKiNzvgD&hn=www.googlead...

42 B
108 B

50ms
49ms

Image
image/gif

2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1058244264/?random=1045168478&cv=11&fst=1678582690921&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=bpbZCOvHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZJaPAcq-NYyKi-AD&cid=CAQSKQDUE5ymVYtX9qh25uud5MEixNG-5OcWMfNxtdCimR3MlmRaiIOoHM0b&random=4163895231

Requested by

Protocol

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1058244264/?random=1045168478&cv=11&fst=1678582690921&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=bpbZCOvHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZJaPAcq-NYyKi-AD&cid=CAQSKQDUE5ymVYtX9qh25uud5MEixNG-5OcWMfNxtdCimR3MlmRaiIOoHM0b&random=4163895231
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/1058244264/ Frame 5C85
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1592691493&cv=11&fst=1678582690925&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=nfiaCOjHocYDEKi...
https://www.google.com/pagead/1p-conversion/1058244264/?random=1592691493&cv=11&fst=1678582690925&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=nfiaCOjHocYDEKiNzvgD&hn=www.googlead...

42 B
108 B

47ms
46ms

Image
image/gif

2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1058244264/?random=1592691493&cv=11&fst=1678582690925&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=nfiaCOjHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZKyTAbGgoPMP36mlsAo&cid=CAQSKQDUE5ymS4wBtdtCGwAUbZQooh6EgFOLgBRQz1W53n_a-FnBXieoOKKW&random=2402114485

Requested by

Protocol

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1058244264/?random=1592691493&cv=11&fst=1678582690925&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=nfiaCOjHocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZKyTAbGgoPMP36mlsAo&cid=CAQSKQDUE5ymS4wBtdtCGwAUbZQooh6EgFOLgBRQz1W53n_a-FnBXieoOKKW&random=2402114485
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/1058244264/ Frame 5C85
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058244264/?random=1320560557&cv=11&fst=1678582690927&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=sWmGCO7HocYDEKi...
https://www.google.com/pagead/1p-conversion/1058244264/?random=1320560557&cv=11&fst=1678582690927&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=sWmGCO7HocYDEKiNzvgD&hn=www.googlead...

42 B
108 B

48ms
47ms

Image
image/gif

2607:f8b0:4006:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1058244264/?random=1320560557&cv=11&fst=1678582690927&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=sWmGCO7HocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZOyUAYuSoPMPns2I4AI&cid=CAQSKQDUE5ymb9MjK3NLinqbwTTjrQUa3Cnm_0P6t39jFRLpwqTiZuux4xIK&random=3651719995

Requested by

Protocol

Server

2607:f8b0:4006:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1058244264/?random=1320560557&cv=11&fst=1678582690927&bg=ffffff&guid=ON&async=1&gtm=45be3360&u_w=1600&u_h=1200&label=sWmGCO7HocYDEKiNzvgD&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2F1782317.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOWsy-eX1f0CFaMKaAgdXhQDUw%3Bsrc%3D1782317%3Btype%3Dunisam17%3Bcat%3Dsamsu0%3Bu3%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Boref%3Dhttps%253A%252F%252Fmail.amazon-service-tooklits.duckdns.org%252F%3Bord%3D1%3Bnum%3D8219307388414.78%3F&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&gtm_ee=1&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oyMNZOyUAYuSoPMPns2I4AI&cid=CAQSKQDUE5ymb9MjK3NLinqbwTTjrQUa3Cnm_0P6t39jFRLpwqTiZuux4xIK&random=3651719995
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 2F05
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1678582691379&u_scsid=50b2323f-f473-45d2-bbb5-18f2fa5c5e8b&u_sclid=746e169d-f894-4d26-8903-3335a2e5aecf
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1678500838647%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1678500838647%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1678500838647&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b

0
18 B

76ms
75ms

Document
text/html

35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1678500838647&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Sun, 12 Mar 2023 00:58:11 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 12

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 12 Mar 2023 00:58:11 GMT
location: https://tr.snapchat.com/cm/p?rand=1678500838647&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H2 204 unrenderedCreative Show response
samsung.attn.tv/ 0
89 B 97ms
89ms Fetch 172.64.150.25

General

Check archive.org

Show headers Download Go to

Full URL: https://samsung.attn.tv/unrenderedCreative?v=4.17.4&r=&id=8ecc133e7ec24abbbda214f43a7b3b98&pv=1&l=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&w=1600&h=1200&ss_ref=ORGANIC&m=marketing&m=live-sms
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.25 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 14
cf-ray: 7a68165d7b9da1ed-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 targeting.chunk.js Show response
halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/ 68 KB
18 KB 28ms
28ms Script
application/javascript 2600:9000:2510:9200:15:e09:8a80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/targeting.chunk.js

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6528&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:9200:15:e09:8a80:93a1 -, , ASN (),

Reverse DNS

Software

8b4a86d5-4fe0-72c1-0175-b448e3a65591, AmazonS3 /

Resource Hash

9060b1ae968610cd2369fea7dd1981ccd8b0e07c8de9324ce9864a8f024ac156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:32:16 GMT
content-encoding: gzip
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: null
x-amz-cf-pop: JFK50-P5
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 213954
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Mar 2023 10:22:23 GMT
server: 8b4a86d5-4fe0-72c1-0175-b448e3a65591, AmazonS3
etag: W/"f7e706f43e96dca8c403e3dce9595336"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: djMU9LzAVOpFpAdX84PwoAXmsvPxgXd0DcaLzpoupl2T1Y5YHxdSfQ==

GET
H2 200 notificationOrchestratorEmitter.chunk.js Show response
halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/ 20 KB
8 KB 30ms
30ms Script
application/javascript 2600:9000:2510:9200:15:e09:8a80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://halc.iadvize.com/static/livechat/ff341c003c0e7cf9946fd502df628856f99e088b/notificationOrchestratorEmitter.chunk.js

Requested by

Host: halc.iadvize.com
URL: https://halc.iadvize.com/iadvize.js?sid=6528&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:9200:15:e09:8a80:93a1 -, , ASN (),

Reverse DNS

Software

cffa517a-16e0-fedf-3cec-434f109c4880, AmazonS3 /

Resource Hash

17ceb3946f81b874977b308b8d9274a8558e22ecbeaf2ad8f98ce75a054dc7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:32:16 GMT
content-encoding: gzip
via: 1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000;
x-amz-version-id: null
x-amz-cf-pop: JFK50-P5
cross-origin-embedder-policy: require-corp
x-amz-server-side-encryption: AES256
age: 213954
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Mar 2023 10:22:22 GMT
server: cffa517a-16e0-fedf-3cec-434f109c4880, AmazonS3
etag: W/"f0f7e63d81ab5a1e8dd4b0131f78e3ff"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: psqNNz1kXSS6f9bqXouzZw1qWkVZXgRRukTgRxCLkRP0kYoo8rR5RQ==

GET
H2 200 s47485461425508 Show response
smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/ 1 KB
2 KB 48ms
48ms Script
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/s47485461425508?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F2%2F2023%200%3A58%3A9%200%200&d.&nsid=0&jsonv=1&.d&mid=77729988410026120510445973534877820543&aamlh=7&ce=UTF-8&ns=samsung&g=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cc=USD&events=event102%3D0&v1=en&c3=smartphones&v3=D%3Dc3&c4=galaxy-s23-ultra&v4=D%3Dc4&v9=green&v10=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Egreen&v11=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Econfigurator%3Egalaxy-s23-ultra%3Ecolor%3Egreen&c15=D%3Dv9&c16=D%3Dv10&c17=D%3Dv11&c25=logged%20out&v41=0.1&v46=false&c57=D%3Dv46&v66=D%3Dc25&c71=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20%28T-Mobile%29%20Phones%20%7C%20Samsung%20US&v85=Windows&v104=configurator%3Ecolor&v105=green&v106=select_color_green&v107=ut4.46.202303101941&pe=lnk_o&pev2=green&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=48855C6655783A647F000101%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.547.js?utv=ut4.46.202206301949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

9f0e33ea0f42cf1b7c9ddfd419a2e326f5e4acd07191cd970d31eb302ee4d8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-aam-tid: BNrD8YvkTLI=
date: Sun, 12 Mar 2023 00:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1405
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-2-v045-0257901a4.edge-va6.demdex.com 8 ms
pragma: no-cache
last-modified: Mon, 13 Mar 2023 00:58:11 GMT
server: jag
etag: 3604728882416943104-4619772441723602903
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 11 Mar 2023 00:58:11 GMT

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 3329 2 KB
1 KB 29ms
28ms Document
text/html 34.98.72.95

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_f8216d0602277e8f456d8bf82fa4aa07.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 77978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 1073
content-type: text/html; charset=UTF-8
date: Sat, 11 Mar 2023 03:18:33 GMT
etag: "5031d168ae9c52fda41762d5042bfd0b"
last-modified: Wed, 08 Mar 2023 20:15:24 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1678306524792761
x-goog-hash: crc32c=Wuzmtw== md5=UDHRaK6cUv2kF2LVBCv9Cw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1073
x-guploader-uploadid: ADPycdtY5B-5X_xpL1287gsq98904i3YCZrpLQZaX_KokGkBSHG9_sEc5ZK_cgJO0xm_LLE1BVLeQwczaBBXXASCAOq_7A

POST
H2 200 events Show response
fbcapig.mkt.samsung.com/ 0
133 B 610ms
83ms XHR
text/plain 2600:1f1c:8ab:1e01:b35c:611a:73de:7d10

General

Check archive.org

Show headers Download Go to

Full URL: https://fbcapig.mkt.samsung.com/events
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f1c:8ab:1e01:b35c:611a:73de:7d10 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
date: Sun, 12 Mar 2023 00:58:12 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

POST
H2 200 events Show response
fbcapig.mkt.samsung.com/ 0
134 B 607ms
82ms XHR
text/plain 2600:1f1c:8ab:1e01:b35c:611a:73de:7d10

General

Check archive.org

Show headers Download Go to

Full URL: https://fbcapig.mkt.samsung.com/events
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f1c:8ab:1e01:b35c:611a:73de:7d10 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
date: Sun, 12 Mar 2023 00:58:12 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F990 0
18 B 30ms
29ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mail.amazon-service-tooklits.duckdns.org
Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:11 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 52CE 0
15 B 30ms
29ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mail.amazon-service-tooklits.duckdns.org
Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:11 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5EAF 0
15 B 34ms
29ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mail.amazon-service-tooklits.duckdns.org
Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:11 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 smartrems.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 135 KB
39 KB 41ms
41ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c9f823e545a9686e974826b0568a53a651eff347af2f7abae879ed0a5ba3dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 17:56:25 GMT
server: cloudflare
age: 1307
etag: W/"6408cc49-21d47"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a68165f895bd14f-BUF
expires: Mon, 11 Mar 2024 00:58:11 GMT

GET
H2 200 s48896280933275 Show response
smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/ 1 KB
2 KB 44ms
43ms Script
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.samsung.com/b/ss/sssamsungnewusdev/10/JS-2.9.0/s48896280933275?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F2%2F2023%200%3A58%3A9%200%200&d.&nsid=0&jsonv=1&.d&mid=77729988410026120510445973534877820543&aamlh=7&ce=UTF-8&ns=samsung&g=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&cc=USD&events=event102%3D0&v1=en&c3=smartphones&v3=D%3Dc3&c4=galaxy-s23-ultra&v4=D%3Dc4&v9=sm-s918uzgfxau&v10=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Esm-s918uzgfxau&v11=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%3Econfigurator%3Egalaxy-s23-ultra%3Esku%3Esm-s918uzgfxau&c15=D%3Dv9&c16=D%3Dv10&c17=D%3Dv11&c25=logged%20out&v41=0.1&v46=false&c57=D%3Dv46&v66=D%3Dc25&c71=Buy%20Galaxy%20S23%20Ultra%2C%20512GB%20%28T-Mobile%29%20Phones%20%7C%20Samsung%20US&v85=Windows&v104=configurator%3Esku&v105=sm-s918uzgfxau&v106=select_sku_sm-s918uzgfxau&v107=ut4.46.202303101941&pe=lnk_o&pev2=sm-s918uzgfxau&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=48855C6655783A647F000101%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.547.js?utv=ut4.46.202206301949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

9a1a5207f8de2df3aaa48922ff264465bb8573d95a7acae7ac4a65bfb6948ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-aam-tid: /8TdatXRSKg=
date: Sun, 12 Mar 2023 00:58:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1405
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-1-v045-0e73e8ebc.edge-va6.demdex.com 6 ms
pragma: no-cache
last-modified: Mon, 13 Mar 2023 00:58:11 GMT
server: jag
etag: 3604728881545609216-4619798239902854574
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 11 Mar 2023 00:58:11 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 470 B
829 B 128ms
69ms XHR
application/json 34.107.191.194

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=242139042&GCS2=YmQ0ZmFhOGItNWQ1Ny00MWMzLTk0ODMtZDIwYmQ5OGNiMDQwLmxvY2Fs&pe=false&wsid=3842&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3842%2C%22loadID%22%3A%22qcQQUZTieTZpc7G%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A163%2C%22IDStageStart%22%3A163%2C%22obsReqdata%22%3A433%2C%22obsReqview%22%3A434%2C%22obsReqpage%22%3A435%2C%22netComplete%22%3A710%2C%22IDStagePrefire%22%3A710%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.191.194 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf43272997feb4369e612064804ffca7ab2592f5d3ca9f0680d2e65cef0490f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/v2/frame/ Frame 0707 1 KB
726 B 38ms
38ms Document
text/html 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=67f89c3
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd357508c4cd326fd421f0893d124d018d55acb5dbb457d7eca24fecfbe4c8c

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1306965
cache-control: public, max-age=365000000, immutable
cf-cache-status: HIT
cf-ray: 7a681660597fd14f-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 12 Mar 2023 00:58:11 GMT
last-modified: Fri, 24 Feb 2023 21:55:15 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 0
61 B 277ms
84ms Ping
text/plain 54.186.225.219

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.225.219 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:12 GMT
content-length: 0

GET
H2 200 3772.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 480 B
335 B 34ms
34ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/3772.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 17:56:25 GMT
server: cloudflare
age: 1285
etag: W/"6408cc49-1e0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a6816605980d14f-BUF
expires: Mon, 11 Mar 2024 00:58:11 GMT

GET
H2 200 5121.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 382 B
306 B 42ms
41ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/5121.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 17:56:25 GMT
server: cloudflare
age: 1285
etag: W/"6408cc49-17e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a6816605981d14f-BUF
expires: Mon, 11 Mar 2024 00:58:11 GMT

GET
H2 200 874.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 193 B
224 B 35ms
34ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/874.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 17:56:25 GMT
server: cloudflare
age: 1292
etag: W/"6408cc49-c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a6816605983d14f-BUF
expires: Mon, 11 Mar 2024 00:58:11 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8C01 0
15 B 29ms
29ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mail.amazon-service-tooklits.duckdns.org
Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:12 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 lookup Show response
pd.cdnwidget.com/ 49 B
178 B 126ms
59ms XHR
application/json 34.149.130.207

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.cdnwidget.com/lookup?deviceID=2MtMzxoREx7tTTYkKffGFRmnAhS&cookieID=2MtN014OLv6t2xwgzHLO87w06jW&bxwid=3842
Requested by: Host: mail.amazon-service-tooklits.duckdns.org
URL: https://mail.amazon-service-tooklits.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.130.207 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 771196c556ce9fe2914aa0d336cf0f11fbd579c7cdd52e8436b19e0fffdd783b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
content-type: application/json

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 2 KB
2 KB 220ms
51ms Script
text/javascript 34.111.8.32

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=1889&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2ADgFZSAmQgTiqP02AC8QoAGTAdwFMAjHKmC8A+qgAmUAMykALFUwAnXjhAAbOGgwFCHDgA98Vfct4xeSlUqjYAhuvWoEAc1Fwl6qAAtgwAA44AKTSAIJBVABiEZEAtnao6gB0dvFsCAC0OJYAbqhIvBmgIADWTsA4SRJwSCUSCJUgSi4xmHlCwKJIIKWovFBBxABCEVTq-qMh4VRUvgHBVORhEeRRK1HxiSlpGFm5+YXFZcKV1bX1jc3r0TMRAMKjSpPLt68PM7wGz6FEZJRycloRGkckGABFsD0Sn0BsNRhJJN9RsQFERaIRpMRyNjSPhyHJ8HJCJMqO8qHkJN9fhRqHR8LjSKQOLR7qMcki4R8cpZROoQC4XLwJOIEN8YA5sqyZkg7EpOjkHHBeN8OFKqP4lCBhQhUsrbmFxepJaTRjK5eIRLEFlQpobjWTUPwDF1ZZ0QPwwGKJXqyWbOtlgF6jT7Ro7nRreDlxJT9aE7SGZmHRBGozgSnAg-bQ07RHZgEho5mE1Q-UW1XyBUKRdHeAg0DA+jGbQbvWrgEo7BIxM5RDhgHm4Nbba2TdLXcnNWdOuLYokAJ5l0fquwICR2UQNlRN4fBtUqbJKbldECxfzqXgiRe+8cInDdRCdUD99RX0a8fz+UTcpSoBtC18fB+NZ1r+jYAVQ+65GIsQYMITTgbwp58nOvBiBWgrCs4ZbEGCaoSC4kSoEofYADIgJ23ztkqao5AgL6xkE5AjOQuFLt4soSAAkqxzbTDMACywAAHIcISADyJE5IQwBUAY3AuCwAASJFiaQxDcBwhBgAA6iSZJqDAwDcUiMxUIJ-EsAYIAAEoAKIGMQwAACpOQAmiUADSMAwAA4pE1mxAgoTeAAynp8ItAxnJUKgOAAAoqHkICDncg6gLEljgbFIVwIISA-vwmWxvG4Lgm0so4AA2uhVbOAAurA3rlcRlWRjyNWYQgDXxs1VV+qIACOwBzg1XAKi1-UKpovCjb1lUalqE4HN1TXjVVC3arqK3BnNPZ9iAtTbdkc39cIiE4EdvBzdwJSri65qoPEgqXSdUJ9KIMFruoE6qLWwAvWtlVJv17pgADFWVf1Abgy1SYptGMNVXDiW9umiNAzmeYFpI6N+ujG01P6uUyiILhNCNjU7YD-jeBgYg6hl+O0wg3ZPWIHjqOj7adt2CCiF2eQFKI-AdquXMdl21YCwcogMzNlPHYD3OSz20tC49diCu4njizzUuRjLt73nW6MddWkh-aBQr45OhMuqT5Po7wSA41AxDu1QtC0IyBL6DQxgcOQ+AcAC5C0MQ0hLHIalkCY+LSBEY0Q-4msXnO-jyyTvBk0oc5zcrvO9v2wCDrj44EygG6pPO6MsKgn7dJLMDJWLCtXYDyEOMNRcDhdbcnbKP48tk54oNbUBORk-Huok7fJyua4bkR489YDkGHmI3RIRe8urxDm59vdnQa89-eA-1Rst4+IDPk7QHflbEh35+FsgX+T9nxD69HjBCBwUoTskIgBQmhfkGERRlysH0JQwsVwswAWfLsMBIbjimkqWaOQkEoIepaPuq8sHA3HKDAGWCoYXhIeYDG4YUau3wZQ5GkZUZwAocgvGiDKEF2rH2XuLDsGdArtOau6gKZ0OQSnVc65Nwr1WqQm8sVjbX1vuw5B74X5djfo2F63RehiGKLyWUgp+78H8JwTAF4TGVQAER+ksQAGmsXmbO5M7HWO8M7EoyVgAuNphlFxAiXHZFlEgbwli6qYH8BUKAWcc55y3meVAK4hYwHUJrWwOR2K2HYkoTCUgzLCVEnICSUkZJyQUspVS6lNI6UwAZY+uTzKWRsvZRyLl3JeV8v5QKwUQpAA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_f8216d0602277e8f456d8bf82fa4aa07.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541616b2881193eb92563d52dcb8813d5897bb829e45e33c5df6543f1418a69d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:12 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sun, 12 Mar 2023 00:58:12 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 18
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F7E5 0
15 B 29ms
28ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mail.amazon-service-tooklits.duckdns.org
Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://mail.amazon-service-tooklits.duckdns.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:12 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
106 B 118ms
48ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJfJZGenpVOUYNNgBlFAAzFCQQJ3pXd1UAMlAIGCQEGuQepBwO8ChoCj4eNFN0BFgkUhw0yEhTYWpm4xp6Oi26LJQyRhR9ogJMAFpEJFB4hHPIAgII8MgwRl5YRN5MN4IkNF2tGGXWgPTABFIsEgIDOuhwklUzGYwNGYIhUJhmAAnvCdMjOqN4vAHllgPUQCgbJYwDhKC5tNRSAQ0BheAB9Hg0ajyTbUah1UiILkhLkIYDINlMlkIdmcvk8rkCoXy6ihPnxeqQNkAR0gWOFcl5OmFqq5GqQWrJkNy3MNXNYKrV1FMmXZLpAtwNRqVNpFfJdBHZmGOvrtfJ9JqdPDZYAeiS9ipQgt9pvVmo5kAQWTWtu9SeV3NT1AEET4bPNWpA+wwCfD+ZTTvijwiIAQbKygaTbJdCEQ2Fr-Prka5IBsunL6YINgAVgOI46zenEJA50OF3zR+Oe8AObxV8nhxux92ejuwBFYPuC37qJu2ShIPFd1eG4uLS-D87XZ8tWBYDYNUzNA-n1eUw0HA912dNIzjbYMcg-KDTBgzA2yrGY2TmUhEMLJ1IFQXg0MwNlCJuNsbFQPgcJvfCUEIjliNIj04JDaii1o+joyY24OWrNssLYvCCKIkixWYkjwCbWB+zAvNINwrkpVZBjdywaEalbPdZMTeSbwDD54i1QCEGApBQNzHTryLBIQC0iy+RcRzqAATmcgAONz1GkZhqFUSQdHoaR1HUehnJcORmnUNzHLcgL1DkNhP2mDA9VMUMjWM0zzJo4SVNjB94EEt8tX0n82TqLIyGy8D5wUvkSFMctAzbGoCGkuyFTrXSiyZLEkz1GNIAKnNOogqzG3qBoJUQSxDJlAcxHOQgbDIV9-RQPgUHKkAeg6mq1zq6gwWQcUmqyCwEEzIrwx22MJwtXiZmu6gKwksApOwNkHiG7DtK68bRXMNlxQaDT5r+sa1uoBAgdstSQDBva5IBvljuuNsO0wKA-merMLAILEEDbJSZQY57zSmpA2RsDbUKQaiXAAERRGAmyeVtaXpLleFsgcXHUagEWc0oXGKeg3MkegvPUTwoNAJGERcNzxd85zqA8fnJASotgATLmmZvXg0FoW7IACAg6K9fDYFyJ1gEwX6LPoJR6EZm80nqXgAEk3Yh6g8EgERmEkdQAHkAmAVRIGoXQBDQIgfACUPooEZhVGnThP3BGpIB9gd-cgPAiF0AgACUAFFdBcSAxDEABNCI7BqGoYloUuskwYw0kqT8jb1hlwAABVPGF4GCYlsmQL15yjMBKn-d6GhsKfZIjA2ixqYAV1kxXldi1Q1ZvFACC9B0nVIUwByWFY1g2QFAX2Q5jhQU4LiuMj7mbF43gMiJvl+f498oIoBGoaM+XJgCmF1jvQ2A4OpFnphDT88Qt5el3irA+h0IBI3OJIG8aB4iINzILG8WRT43lIKgneqglYYMPkzNo8BkAzGwNACiggrg4HSJkHIjCrgsJgCDCAZx4QFBkMUUo5R1B8OYRgVhFgHytSQFkHAKh+BCCkMiJhqA5EwG4pdLEaUcCEXPA8UwbQiSxknkgaAHt3pnBBpmXgOBkQYAINAD6+EsRNkIjgAAqpUNobiPFtWwGZHxCA5D+MqMYIJCB3GeLMvBBA-isZOKqENTMYA4nuJ6GgTEOARB1xyaCEymJkmFIQAINgdc-gRBKfEKAOIFCwGbkmAgJTTAEHyqQCJ8IBY+QaWcaEqFsB9JELEjsvjkQCFsF0BAtkcByE8tQFmiz0H7zVhrLycg2j6MWfzQWB8RZiwllLEO7RkpiSqestoiBtQ20wLcRZyJ4jhDUtCHI+VzrwhoXvVW6tnKvPedgFApgQBCIKUNNAuz9HGLaFcr6hiUmZRAnctqSBbg4FmTYNoAicDaPRTnXcOAC5FxLhXKuNd66N2bq3dundu5tA9kgWUziC5BxDuHSO0dY7x0TsnFwqd06cCAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:12 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 8
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
174 B 104ms
35ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NAtiDOgHQhMBeA9gHYC0hCKlgBjCP1zduAa3QxchVgBNkomct5LuqMPQBkoSLASJRyQlIZQQqGCABG6CIUzEA7ACFqVdNzCQygD6MLw+ZJRUVABmIOhC4VQAwj7QwkF+ARDBoeEUPrHxEIkpUaK2uEEAjrgAnnmRVAAMJT7lqJU26MjFURE+LX3JPsCo3MGjMOINBXEJQ6VUo+NBvBy9VP1RhfObw1GhQZbc6jPbcxvUi+2VChAMJH3550WtUfAyvME3IUyQZzELm8qKJpDI4EEGOM4kFRi4ILxcACdpd9lQYA4AB5BH7cBwAK2RQIWbQqRwgSKejRRwIx2LhUBCyiJrxJByxsNQ0COMmQLN2Vx8dKCIFwoiZ-NR1wqkuBy1UokqhGQDnKuAgYB09Sps1Ze0WwGwfAgq3WsrZSyNvBNMD+JrQ6HN+p8uFQIGUNt4QQ9YhNDjdXydgqirvdnu90CmJrWDEuz0BeuDVFDHpCXp9Ud+4HtGCDaJT4Yz4m9MEIoOQiLzi0ygTTTIRuBg0TgzJ1LwFaPlakqao1WqrqVEMFbm3j7nHVAAnJOABwzgAsAEYmk0qAA2RfNACsy-n863k-cpC3pHnM-HM+389I1EGzqiRgptWAccavc1qG19+TbtTh0sooWAOZRkl2ipBLEDAsF+WwJh2iycDAwA4uMJrRNwFYjrBNIWn4tRxHURy4IBjyjtSxLfu0djpEIziKtkAIACr8AAsniLBSiMIBfCAEEwFyWHxjh35ckIIgmqCDDAM46rATE-GWDiZK2tmck-MopbloiQRSMRjptnBnFRBAwDIVAwhNi2ckmchw4NpZDEGcJSaicI5mQnwCg6NZUl4RAJo1tkaZqbY1GoEEDjcdaqBBu4AAihjZiYSCgrIcCEDAnAQJgM5bvOiXGHAKXcZ55RYHgBAkM8dC0PAdWsIQHDKrwYCsJJ9BAbQhBMB0hrGo8NBgHEICYrUghUKQ-DIOgob0A4yDaoNw2jeNk3TaG-A7lQYAOFNvB+Oo2SCAwgiTouM7IJwYDRJiIAgAYknAGYUmYE0+iPYgYrRK973cFJKCEMAP1Qh6P3wBADgZeqw6YKQC5UPosBQzDi5ru4uWXmuk4TWjS6kPoRYQDD7jzlQqOTmupDuFuNMzoueWLvOa4FZGCAo-oQhVD0vDiOzojyA2jaxgBL2o+jW6Y9jpCTvl-NwIiIDADA5moBlfCYMRYD44TmDKCzOnPtl75ahzGGoOImDgw4+jZoimAWMIpvRLcyiYFQLG4CxnCYtwABKACimLuLgjGMQAmjIADS0TRAA4jQvsMLw5DYAAyvo2C2Dkrvu7gAByTSMwA8gAMlAa64FQmLwGAnAABIl0X57wE0a74gA6kAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:12 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2

200

hash.gif
pix.cdnwidget.com/
Redirect Chain

https://pix.cdnwidget.com/redirect?CID=2MtN014OLv6t2xwgzHLO87w06jW&DID=2MtMzxoREx7tTTYkKffGFRmnAhS&v=&iv=&deviceid=7421696375558154146&visitid=1678582692367413&wsid=3842&apikey=2^HIykD
https://pippio.com/api/sync?pid=5749
https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none

68 B
635 B

55ms
54ms

Image
image/png

34.149.254.212

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
Protocol: H2
Server: 34.149.254.212 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

date: Sun, 12 Mar 2023 00:58:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pix.cdnwidget.com/hash.gif?md5=none&sha1=none&sha256=none
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 202 graph
idr.cdnwidget.com/ 0
100 B 111ms
52ms Image
text/plain 34.149.130.207

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idr.cdnwidget.com/graph?cookieID=2MtN014OLv6t2xwgzHLO87w06jW&deviceID=2MtMzxoREx7tTTYkKffGFRmnAhS&bxdid=7421696375558154146&bxvid=1678582692367413&bxwid=3842&gm=true&apikey=2^HIykD&loadID=qcQQUZTieTZpc7G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.130.207 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 00:58:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 id_sync
events.bouncex.net/track.gif/ 42 B
106 B 36ms
36ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/id_sync?id_sync:id_type=sid&id_sync:id_source=graph&soft_id=2MtMzxoREx7tTTYkKffGFRmnAhS&source=web&agent=cjs&deviceid=7421696375558154146&visitid=1678582692367413&websiteid=3842&pageviewid=1&sequenceid=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:12 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H3 200 reloadCampaigns.js Show response
api.bounceexchange.com/bounce/ 3 KB
1 KB 55ms
54ms Script
text/javascript 34.111.8.32

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=2045&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2ADgFZSAmQgTgGZqAGTYALxChYHcBTAIxypgvAPqoAJlEYAWKpgBOvHCAA2cNBgKEmTAB74quxbxi8FShVGwBDVatQIA5qLgLVUABbBgABxwApPQAggFUAGJh4QC2NqiqAHQ2sRwIALQ45gBuqEi8aaAgANYOwDgJEnBIRRII5SAKTlGYOULAokggxai8UAHEAEJhVKq+w0GhVFTefoFU5CFh5BFLEbHxSSkYGdm5+YUlwuWV1bX1jauRU2EAwsMK44vXz3dTvHqPwURklDIytFRGKRbsNUDhRE4QKJMjghBhPjA7JkQVMwRDfNDlHCEAikbx+gARbBdIo9PqDYYSSSfYbEOREWiEejEcis0j4cgyfAyQjjKivKg5CSfb4Uah0QEkLn0FGCmkUt5ZcyiVQgJxOXgScQ464hRGqZH84ZIGwKdpZOxwfG6yZGPkC3wKEBahDJa1UCb6w0Ck1m8QiaJzD1PKhe92y1D8PQdU3tED8MA0qZh+3G2OY4BJ0N41OoqOiR28LLiYU24Ypl6g-OF4s4IpwLMVj1GvPRmzAJAl3EG60+2ONnOVqaq9Wa7Ul3gINAwHql4PBCsC4AKGwSMSOaHAdtwIMTcuD5t9v2O51VdqI6LxACeA57uaovhsCAkNlEM6Uc73yYPsqUmQUSodCA0S+KovAiN23ppn6VI4J0iDtKAW6qLehqHsMvC+BiSoKKgM6apBvYYVhE5Tnhs6oeGLZUH+2RiNEGDCA0hGyrwIGqlevBiCOGpao4LHEASsoSE44SoAoODAAAMiAq6fMuVqylkCAoWW5BDOQQnUZ4poSAAklp87DFQACywAAHJMNyADyUlZIQwBUHo3BOGwAASUnWaQxDcEwhBgAA6veKgwMABlZqZwAmWweggAASgAonoxDAAAKqlACaRQANIwDAADi4RxdECDBJ4ADK94ifKQyojgAAKSg5CAO43DuoDROYLHUWC5VwIISC4fwXU2imgmyjAWSZjaoqUDQAKyjYICfEwsqjFmMz+EsTzLFcu3rIkyQ2KkOwAXsBQkqUxxVDUdQJA0TTzCsQ5UDYu4hKt1FZL4WQisJWaftRDxls86FTEgU0iiQYrzWDVBCJ+IT4LKTiDZ8VDI9R0QrWtkMzdDc0SoSLSmjgADaPFjo4AC6sB4iTElk0WyqU3xCC02GDPk767QAI7AFetMsBajM86IFrqLwQtc2TJ5ao6ewc-TIvk3Loiup1Ss9jLG6SSA1Ra5kMti8IbE4IbvAy9wRTPjGfqoLEGoW8bJI9KIDEvqoBa0VOzsq2TkbRmL8ZgH7pNk2LmTAGHjOB97RYljH5NxzW0L1knAf5u2naSBnPMZ3LZ7Qv1JoiJCCiC3T2v+74ngYGIGtS1XRs13XCDro7YhuKoGfLqu64IKIa45Hkoj8Cuz69yua7jsPezq26U-97PRbzw7Ngaq47hLzPG5z6PsHwb7zeW-7rPjpIk7TrOBdOic7Sl7w5eV5z-u8EgudQMQ39ULQtCkKQLkugaCGCYOQfATA-jkFoMQegCwZDeTIEYTkMojAy0fBqAWvgm6P2fjLPuu9B6SW3ObE+xt0yFxQG+ZI14M5sFQBiToM8YAtUnmQs+IArx2AFpuEhedTS4WVJkMCKBNS01SmkEy8Z4in3Do+Z8r53xiPYeHWiAExCdHYuBJur9w7vkknbdo68nYqNFumQ+rDEIgGQhnTC2FzDkWUboxmdjSLXyccrVRyg6Lu0YqABQtj2KcK4iqNUvFtT8IsD0BQY8nztwCWQzo3QxCFBVKaDUZD+C+C4JgcC2SyYACIeYFIADRFPbE-BoV5SlFM8O-IoLVgA1Lrp1GplCmllMyKaJAngCnU0wL4MoUBcFVOJOxVAT5R4wFUBvawWQdI5J+pIAgihVBYN6O-SQJSMHgSvNgkpvpBExOEe-EQEhVmNygCLCZ-AwKYB0goPiUhIqWRsnZByTkXLuU8t5Xy-kAqYBCkY55ZloqxUSslNKmUcp5UKsVUqFUgA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_f8216d0602277e8f456d8bf82fa4aa07.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30b27141b6f9ad71ffd72023164939ccdaf2385050d99abafb41327c8ab47e04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:13 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sun, 12 Mar 2023 00:58:13 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 20
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 reloadcampaigns
events.bouncex.net/track.gif/ 42 B
60 B 36ms
35ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHyDBhAwA+miy8erAMwBBSQDMoYHCEm8AwpJAUQwEQKGjx6uYuWr1PLXwTASIgI4kAnqfl8ADFZs87DqjBCNT4ZDx5vUOtJZGAIUVi0OBCpMz4lFRTNGLjRLCQstJ4MyyjfcRFSCDgAa3dzTJ9JfzESEEQcevSLLOi+AHcarFEWtEQoIS7inqbbCAgatBARRHjlEVimECwSKZLe8roADxEWiDoAKz2ZsubqB1Vd0KL92Z40Y43QCjEYa8bbnwPidNj8cDVCP9SlI+u9PlASHBflCDnd7Ci3rF4oQ4A9CHQEG0MBBgG5nuFXoCeMgABYQLDLfKIQoUm4w3y0+nLMYTZaEYBgDFUkjAWDcrAiGA6JLLOii4ZC9mSEVisQSqUUGUiJkshrQ7J8FVStWS6XJMTjIQifmC8l61GG0XGioarUwNA4OAQQg7RUG-gQQTCE1oKU7NAKJZ-O3dAFKvhYmA4hyEkDE0l+2EgOChqbsfM8ACchYAHCWACwARk8nh4ADZKxEAKzV8vlpuF9jSJvScsl-Ml5vl6S8SLx6m81zIXW2BFpklk8dG8WVEgI4iZ3wtRPJkRKRBoMCLsL2t4ALzQyFO8WWCm9Cpj0zj-sgLmUrlX686j8p47sND0SpwGzNpo1ScIABUAFoAFlzkPB0J2GKA9zQUAwJPWN9VhUBVGAXRrxQRg2k3RQ0NIU57gtXlSNnexJQ9L0fQcMg11tcDTypEBkCvXQaEjYRaJ4bir1DbYSAjKMhNwvQCNWLA0DIYAhPaZBXxAZZDGDEwfzZf1-yWfQ6CgLAGWU3Tn3YAARAAyUBIFgBAUHQbB8B1ZgqBoehGDs8BoHgJBUEwXA8CnEBmGzXNrFQIQws0AzANURhcWEGzVilZhPBs-oQDoHBFJAUNmGkCseBszV8okmBmErOt2BLJtBzrQseGkOqq2kGzXWSIr2HLHhasLOtpHYJsxpLSsmyrcs6xsmLpRAfoisrGzVEcYIsB66qyrgMAlh2CTmVIQKarqhqmsLErWps3b9rXZA0D4-L6WYNcME67rwpgObeREMLmFTdMXFW71gGSZgcroGzeR2ZhiD0EGFAcIqeBgkgYLPI4IAAJQAUSOdgSAgiCAE0agAaQUBQAHEADFscQLBZBpABlGyaWoYxtrRgA5TxK3LAB5AAZCg6xIHgjn6DAzwACWFwX+36Tw6wuAB1IA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:13 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 utag.2028.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 5 KB
2 KB 26ms
25ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2028.js?utv=ut4.46.202303101941
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23f62c737a250376b41d6d5ee40dbf4d20e9082a149e0869ba239bf76f1748e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: CTT5oOKbRxLlT1ipwpqnq0xJbtup7klM
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:57:02 GMT
last-modified: Fri, 10 Mar 2023 19:42:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 73
x-amz-server-side-encryption: AES256
etag: W/"9fa2e6835e2919fe286ccd56f9b27c31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: EGY4Nv1jV_JyHNJYDvqM9U_8Awv8ifnsN37rYaHrWC3-f3ghTeL1lg==

GET
H2 200 utag.2907.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 145 KB
12 KB 27ms
26ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.2907.js?utv=ut4.46.202303101941
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c85b515c3c699c5ee07e47fd538adecf7fc6a678adb24ba2ccdb8fcf10bf6b1f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: piCGu2JR_eZg7J8FUwQhnk2dqFBdbzFo
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:57:56 GMT
last-modified: Fri, 10 Mar 2023 19:42:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 43
x-amz-server-side-encryption: AES256
etag: W/"19a6147b6f7c4997d077975cc0f08669"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: HwOETpiIYyB3bBU8daK_WFZ55f2_vSnfFgOl_6bmkcFAObBKmuUWUw==

GET
H2 200 utag.3142.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 4 KB
2 KB 27ms
26ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3142.js?utv=ut4.46.202303101941
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 431b8a42c4a6d134fda560a76d9ac286b66bd2caac7962f15b1ea9353c33832f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: cvpmsgucwqSTcixCFD2lrkvQKv5eROA1
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:57:56 GMT
last-modified: Fri, 10 Mar 2023 19:42:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 47
x-amz-server-side-encryption: AES256
etag: W/"bb9d707a5d3bf6cc45ab5b001b543511"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IOvlA-ooyMBA5vZMv3UgN0FBkrDoyScnZ_2i3hrocITUxGoK-qwKFg==

GET
H2 200 utag.3419.js Show response
tags.tiqcdn.com/utag/samsung/main/prod/ 8 KB
3 KB 27ms
26ms Script
application/javascript 2600:9000:2511:d400:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.3419.js?utv=ut4.46.202303101941
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b13015300227c45df733ced420616ee50e92b7f4ae74479d667041c7a78c7cc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: v8iNIIlUJRGyPMwuh_Q3VSAbXNc00e7w
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 00:57:28 GMT
last-modified: Fri, 10 Mar 2023 19:42:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 47
x-amz-server-side-encryption: AES256
etag: W/"c30d9694b485ba241e699a1d0697cb02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QZHw-qgjRXppQYPAt_9tusSlHCXXX6u3RVxQdMSsQ9Gx_YM7kuNNlg==

GET
H3

200

activityi;dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215 Show response
1782317.fls.doubleclick.net/ Frame 0B80
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=;cat=;ord=7944568027910.215?
https://1782317.fls.doubleclick.net/activityi;dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215?

324 B
195 B

45ms
45ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

cc13074aa65c6e0e09161aee9ae67a1ee7ec6c9145496bbde3ef915aa650eaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 172
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:14 GMT
expires: Sun, 12 Mar 2023 00:58:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdn... Show response
1782317.fls.doubleclick.net/ Frame E676
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duck...
https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2...

2 KB
727 B

49ms
48ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088?

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/samsung/main/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7304da3ea1ea336d3d82d2fe133dc58c69d54cd23df0e07b57587a89d65dc9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 704
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:14 GMT
expires: Sun, 12 Mar 2023 00:58:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-servi... Show response
1782317.fls.doubleclick.net/ Frame 72ED
Redirect Chain

https://1782317.fls.doubleclick.net/activityi;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-ser...
https://1782317.fls.doubleclick.net/activityi;dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~...

439 B
289 B

99ms
99ms

Document
text/html

142.250.80.38

General

Check archive.org

Show headers Download Go to

Full URL

https://1782317.fls.doubleclick.net/activityi;dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1782317

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4fb0496d3a4535029b2388dc265a1394295e2438f893457accb220e648be5e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:14 GMT
expires: Sun, 12 Mar 2023 00:58:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 00:58:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://1782317.fls.doubleclick.net/activityi;dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 49ms
49ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&es=1&e=gtag.config&eid=70&u=AgAAAAAAAAAAAACI&ut=ABA&h=Ag&tc=1&epr=1DC&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 44ms
44ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&es=1&e=*&eid=71&u=AgAAAAAAAAAAAACI&ut=ABA&h=Ag&tc=1&epr=1DC&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215
adservice.google.com/ddm/fls/z/ Frame 0B80 42 B
63 B 50ms
49ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=CLvL9-mX1f0CFYiSnwod3cULgQ;src=1782317;type=;cat=;ord=7944568027910.215?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ Frame E676 42 B
96 B 45ms
41ms Image
image/gif 151.101.1.140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?id=t2_9gd7ik41&event=AddToWishlist&integration=noscript
Requested by: Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:14 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame E676 4 KB
2 KB 30ms
27ms Script
application/x-javascript 143.204.138.162

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 00:26:37 GMT
Content-Encoding: gzip
Via: 1.1 71994794c0ae42f7776bc799e33a979a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 1898
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: mbkq_rljpBmZwB9dQOaZucs_e3PTZoSaqK8EsyjoWrqM1YT3pwcncQ==

GET
H3 200 dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;o...
adservice.google.com/ddm/fls/z/ Frame E676 42 B
63 B 50ms
50ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame E676 30 KB
13 KB 38ms
37ms Script
application/javascript 108.138.113.246

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=COKV-OmX1f0CFUkNaAgd5MQLog;src=1782317;type=unisam17;cat=samsu00;u3=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F;ord=1;num=8256575048066.088?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 09:53:25 GMT
content-encoding: gzip
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 54289
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 13327
x-amz-cf-id: RWhvhsYk0r8-pIXguD0YCtVIaUSn0-BNEYQE34KY8UW52C7KfD4mfA==

GET
H3 200 dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F
adservice.google.com/ddm/fls/z/ Frame 72ED 42 B
63 B 47ms
46ms Image
image/gif 2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=*;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F

Requested by

Host: 1782317.fls.doubleclick.net
URL: https://1782317.fls.doubleclick.net/activityi;dc_pre=CIqY-umX1f0CFfoOaAgdnoQF2A;src=1782317;type=unisam17;cat=pcqua0;ord=1;num=4035547181599;gtm=45fe3360;auiddc=1649324596.1678582690;gdid=dYmQxMT;~oref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1782317.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 00:58:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i Show response
tr.snapchat.com/cm/ Frame 3CFE 672 B
389 B 71ms
69ms Document
text/html 35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a035d197-19b1-4d68-aca1-f4a37f434a91&u_scsid=d65479cc-68b8-4643-85f1-03affaf7907d&u_sclid=1d490db9-30e6-4548-91c3-cc8070a45d93

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://1782317.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
content-type: text/html
date: Sun, 12 Mar 2023 00:58:14 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 7

GET
H2 200 a035d197-19b1-4d68-aca1-f4a37f434a91.js Show response
tr.snapchat.com/config/net/ Frame E676 143 B
243 B 64ms
61ms Script
application/javascript 35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/net/a035d197-19b1-4d68-aca1-f4a37f434a91.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

caaa42516a2023d7cf6bd6d7ddf959bd8e0429118ab573b31e44652b23429090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://1782317.fls.doubleclick.net/
Origin: https://1782317.fls.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://1782317.fls.doubleclick.net
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 p
tr.snapchat.com/ Frame E676 68 B
89 B 65ms
64ms Ping
text/html 35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://1782317.fls.doubleclick.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 12 Mar 2023 00:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://1782317.fls.doubleclick.net
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 launcher.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 79 KB
20 KB 42ms
41ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ca11d1428bc0be4d01394845ac8038051f9a473d59de50723e29f1d886396ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 17:56:25 GMT
server: cloudflare
age: 1241
etag: W/"6408cc49-13dc6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a6816731d45d14f-BUF
expires: Mon, 11 Mar 2024 00:58:14 GMT

GET
H2 200 compliance.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 151 KB
44 KB 45ms
45ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e53cc02ca1113b7ec0bfd8b2ce542c884fab4c8a8fff00eed85a41b4116bc067

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 17:56:25 GMT
server: cloudflare
age: 1241
etag: W/"6408cc49-25c34"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a6816731d46d14f-BUF
expires: Mon, 11 Mar 2024 00:58:14 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 50ms
50ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&e=gtag.config&eid=70&u=AgAAAAAAAAAAAACI&ut=ABA&h=Ag&tc=1&epr=2DC&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 3CFE 30 KB
13 KB 87ms
87ms Script
application/javascript 108.138.113.246

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=a035d197-19b1-4d68-aca1-f4a37f434a91&u_scsid=d65479cc-68b8-4643-85f1-03affaf7907d&u_sclid=1d490db9-30e6-4548-91c3-cc8070a45d93
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 09:53:25 GMT
content-encoding: gzip
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 54290
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 13327
x-amz-cf-id: -OnQgbjXWLUcGKXUS7ve8JHo4eIKCbVUffpQUoYbO3Aqu5-iUzQBXw==

GET
H2 200 site-menu.bundle.67f89c3.js Show response
wsv3cdn.audioeye.com/v2/build/ 53 KB
15 KB 40ms
40ms Script
application/javascript 2606:4700:4400::ac40:97de

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/site-menu.bundle.67f89c3.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.67f89c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:97de -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d60139f58477d38a3af4ad413b885e8899664f0e3a8ae93922032c57eff7f504

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 17:56:25 GMT
server: cloudflare
age: 1027
etag: W/"6408cc49-d357"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a6816741d6ad14f-BUF
expires: Mon, 11 Mar 2024 00:58:15 GMT

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame CCAA
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1678582695106&u_scsid=50b2323f-f473-45d2-bbb5-18f2fa5c5e8b&u_sclid=746e169d-f894-4d26-8903-3335a2e5aecf
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1678500222838%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1678500222838&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b

0
18 B

76ms
76ms

Document
text/html

35.190.43.134

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1678500222838&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 -, , ASN (),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Sun, 12 Mar 2023 00:58:15 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 15

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 12 Mar 2023 00:58:15 GMT
location: https://tr.snapchat.com/cm/p?rand=1678500222838&pnid=140&pcid=02435126-fd12-4201-b56d-8d02b7c81c3b
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 73BB 907 B
2 KB 53ms
52ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mzbudiqj&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=fo9pygm&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 15202b1c7736c46b21d1e102d3d9a81dc78e1776fa51be109ca8ba6b40112e1f

Request headers

Referer: https://1782317.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sun, 12 Mar 2023 00:58:15 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 41ms
40ms Image
text/html 2607:f8b0:4006:824::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-1782317&cv=1&v=3&t=t&pid=2029722526&rv=3360&e=*&eid=71&u=AgAAAAAAAAAAAACI&ut=ABA&h=Ag&tc=1&epr=2DC&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.amazon-service-tooklits.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 00:58:15 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 73BB 487 B
963 B 27ms
26ms Script
application/x-javascript 143.204.138.162

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=mzbudiqj&ref=https%3A%2F%2Fmail.amazon-service-tooklits.duckdns.org%2F&upid=fo9pygm&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 00:27:57 GMT
Via: 1.1 71994794c0ae42f7776bc799e33a979a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 1819
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: mcTi9GWc4kjF7ZBT7tedylrJ3a-Oc4a2Z_qIlA-hAHgnRtAActly-Q==

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 7DC8
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=59e02a57-5252-4d8a-8626-bee1fbe33a27&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0

70 B
700 B

50ms
49ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 12 Mar 2023 00:58:15 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Sun, 12 Mar 2023 00:58:15 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ryrbCs5E2uIc4fNvgZ1oH1U_wg.mjW4-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 776C
Redirect Chain

https://tags.bluekai.com/site/5386?id=59e02a57-5252-4d8a-8626-bee1fbe33a27&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai

70 B
700 B

49ms
49ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 12 Mar 2023 00:58:15 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

content-length: 0
date: Sun, 12 Mar 2023 00:58:15 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame D6AD
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=59e02a57-5252-4d8a-8626-bee1fbe33a27&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dtapad
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D02435126-fd12-4201-b56d-8d02b7c81c3b%252Chttps%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8451906731249194627&pt=02435126-fd12-4201-b56d-8d02b7c81c3b%2Chttps%253A%252F%252Fmatch.adsrvr.org%252Ftrack%252Fcmf%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad

70 B
700 B

50ms
50ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 12 Mar 2023 00:58:15 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 12 Mar 2023 00:58:15 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 90ms
30ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.amazon-service-tooklits.duckdns.org/
Origin: https://mail.amazon-service-tooklits.duckdns.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:19:42 GMT
x-content-type-options: nosniff
age: 200314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 17:19:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.samsung.com
URL: https://www.samsung.com/us/api/v1/bridge/cacheable/bridge-data?data_type=TradeIn&store_type=B2C&group_id=828

Domain: www.samsung.com
URL: https://www.samsung.com/us/api/iadvize/agentpresence/?lang=en&ids[]=451315&platform=ha

Domain: www.samsung.com
URL: https://www.samsung.com/us/api/v4/configurator/cacheable/delivery-pickup-availability?groups=828&postal_code=99790

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 14:35:34	Name: demdex Value: 77691174874026009110449837571737762531
.amazon-service-tooklits.duckdns.org/	1969-12-31 23:59:59	Name: AMCVS_48855C6655783A647F000101%40AdobeOrg Value: 1
.amazon-service-tooklits.duckdns.org/	1970-01-20 19:52:22	Name: AMCV_48855C6655783A647F000101%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19429%7CMCMID%7C77729988410026120510445973534877820543%7CMCAAMLH-1679187484%7C7%7CMCAAMB-1679187484%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1678589885s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.rlcdn.com/	1970-01-20 19:01:58	Name: rlas3 Value: P9mX5Km7UHTyAhtWWziR+sN5j0+bULJ4ntI3yMz/oWY=
.doubleclick.net/	1970-01-20 19:52:22	Name: IDE Value: AHWqTUlLwcidUqUCAZihgM_pNFuQqJhyWMnNl-3axOU4gj4oDfhropVWrn-IYzkh93w
.rlcdn.com/	1970-01-20 11:42:46	Name: pxrc Value: CJ3HtKAGEgUI6AcQABIGCPHrARAA
.twitter.com/	1970-01-20 19:52:22	Name: personalization_id Value: "v1_Yn+oyGsSsxCCpdMccbME7w=="
.dpm.demdex.net/	1970-01-20 14:35:34	Name: dpm Value: 77691174874026009110449837571737762531
.adsrvr.org/	1970-01-20 19:03:25	Name: TDID Value: 59e02a57-5252-4d8a-8626-bee1fbe33a27
.adsrvr.org/	1970-01-20 19:03:25	Name: TDCPM Value: CAESEgoDYWFtEgsIzv3C8Nun0TsQBRgFIAEoAjILCNSk_5zyp9E7EAU4AQ..
.adgrx.com/	1970-01-20 19:45:10	Name: ADGRX_UID Value: f2960fba-c070-11ed-a2f8-2c64eb274ee4
.adgrx.com/	1970-01-20 10:17:49	Name: ADGRX_CM_ADOBE_AAM_BRIDGED Value: 1
.demdex.net/	1970-01-20 14:35:34	Name: dextp Value: 477-1-1678582685152\|771-1-1678582685253\|1123-1-1678582685354\|903-1-1678582685455\|58342-1-1678582685561\|80742-1-1678582685663\|152416-1-1678582685764
.undertone.com/	1970-01-20 19:01:58	Name: UTID Value: ec5b6d902d8949478fa284e8d68b0b3f
.undertone.com/	1970-01-20 19:01:58	Name: UTID_ENC Value: dzqtfiihsjkwehetk89mx2am7
.innovid.com/	1970-01-20 12:25:58	Name: uuid Value: e5b991ad-47cb-49bd-9472-c6bec2abf60f-20230311 19:58:06

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://mail.amazon-service-tooklits.duckdns.org/ Message: Access to fetch at 'https://www.samsung.com/us/api/v1/bridge/cacheable/bridge-data?data_type=TradeIn&store_type=B2C&group_id=828' from origin 'https://mail.amazon-service-tooklits.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.samsung.com/us/api/v1/bridge/cacheable/bridge-data?data_type=TradeIn&store_type=B2C&group_id=828 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://mail.amazon-service-tooklits.duckdns.org/undefined Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://mail.amazon-service-tooklits.duckdns.org/ Message: Access to fetch at 'https://www.samsung.com/us/api/iadvize/agentpresence/?lang=en&ids[]=451315&platform=ha' from origin 'https://mail.amazon-service-tooklits.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.samsung.com/us/api/iadvize/agentpresence/?lang=en&ids[]=451315&platform=ha Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.googleapis.com/geolocation/v1/geolocate?key=AIzaSyBKhZ2_YOd49CZVRjw-qXfVG474-oTxsf8 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://mail.amazon-service-tooklits.duckdns.org/ Message: Access to fetch at 'https://www.samsung.com/us/api/v4/configurator/cacheable/delivery-pickup-availability?groups=828&postal_code=99790' from origin 'https://mail.amazon-service-tooklits.duckdns.org' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.samsung.com/us/api/v4/configurator/cacheable/delivery-pickup-availability?groups=828&postal_code=99790 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://c.go-mpulse.net/api/config.json?key=VRZKC-5BSTD-4EWS3-R2J59-B8GYB&d=mail.amazon-service-tooklits.duckdns.org&t=5595276&v=1.720.0&sl=0&si=2c7ee821-9e27-4780-9882-ab258ca8c870-rrduop&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao= Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://mail.amazon-service-tooklits.duckdns.org/ Message: The resource https://mail.amazon-service-tooklits.duckdns.org/files/gnb-header-menu.json was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1782317.fls.doubleclick.net
ads.undertone.com
adservice.google.com
ag.innovid.com
alb.reddit.com
analytics.audioeye.com
analytics.tiktok.com
analytics.twitter.com
api.bounceexchange.com
assets.bounceexchange.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
c.go-mpulse.net
cdn.adgrx.com
cdn.attn.tv
cdn.linkedin.oribi.io
cm.adgrx.com
cm.g.doubleclick.net
configurator.ecom-mobile-samsung.com
connect.facebook.net
data.cdnbasket.net
dpm.demdex.net
events.attentivemobile.com
events.bouncex.net
events.release.narrativ.com
evt.undertone.com
fbcapig.mkt.samsung.com
fonts.gstatic.com
googleads.g.doubleclick.net
halc.iadvize.com
ib.adnxs.com
idr.cdnwidget.com
ids.cdnwidget.com
idsync.rlcdn.com
image-us.samsung.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
mail.amazon-service-tooklits.duckdns.org
match.adsrvr.org
p6-qa.samsung.com
page.cdnbasket.net
pd.cdnwidget.com
pippio.com
pix.cdnwidget.com
pixel.rubiconproject.com
pixel.tapad.com
pt.ispot.tv
px.ads.linkedin.com
px4.ads.linkedin.com
resources.digital-cloud-west.medallia.com
rtb.adgrx.com
s.yimg.com
samsung.attn.tv
samsungelectronicsamericainc.demdex.net
sc-static.net
secure.adnxs.com
smetrics.samsung.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.narrativ.com
t.co
tag.rmp.rakuten.com
tag.wknd.ai
tags.bluekai.com
tags.tiqcdn.com
tr.snapchat.com
udc-neb.kampyle.com
ups.analytics.yahoo.com
usermatch.krxd.net
view.cdnbasket.net
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googleapis.com
www.googletagmanager.com
www.linkedin.com
www.samsung.com
www.samsung.com
104.244.42.5
104.244.42.67
104.76.100.229
104.76.100.66
107.178.254.65
107.23.31.66
108.138.113.246
108.138.128.62
13.107.42.14
142.250.65.162
142.250.80.38
142.251.32.98
143.204.138.162
151.101.1.140
151.101.130.137
151.101.194.132
162.247.243.29
172.64.144.208
172.64.150.25
173.231.178.81
18.164.116.73
18.164.96.50
184.29.167.219
199.232.36.157
199.232.37.230
2001:4998:1c:800::1000
23.33.40.197
23.52.148.147
23.54.68.97
2600:141b:13:69d::11a6
2600:141b:9000::b857:ad60
2600:1f16:b8a:8e00:6050:aa15:5244:b3b3
2600:1f1c:8ab:1e01:b35c:611a:73de:7d10
2600:9000:2120:ba00:1c:9484:cec0:93a1
2600:9000:21ec:d800:2:53b2:240:93a1
2600:9000:2510:9200:15:e09:8a80:93a1
2600:9000:2511:d400:7:2bfb:7c00:93a1
2606:4700:4400::ac40:97de
2607:f8b0:4006:809::2003
2607:f8b0:4006:80e::2004
2607:f8b0:4006:816::200a
2607:f8b0:4006:816::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:824::2008
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.102.147.248
34.107.191.194
34.111.113.62
34.111.8.32
34.117.93.237
34.120.230.25
34.120.253.250
34.149.130.207
34.149.254.212
34.98.72.95
35.190.43.134
35.190.60.146
35.227.248.175
35.241.45.82
52.223.40.198
52.54.145.159
54.175.87.114
54.186.225.219
54.81.120.153
54.81.46.5
54.85.136.197
54.91.182.28
63.140.38.15
68.67.179.87
69.173.151.100
76.13.32.146
96.126.101.78
003490b6a6321fb2d064e5001a56968a0f361ae6703fbed3fcc9cd7617b99dc6
00674cfae3144161805acec3b597f83f61ea876466ba059043988703656a84f5
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
066a1d0ca8739927212da5ca749914d066de699b9aae2614a4165eeecd11f0d8
076f28df4f3a54b3b91255e9b6e02b3a927a91728f5c37e385816c7c47ff89f8
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a00826905c1ee2b39117ea74c215e219dde0636703aa2872c4e3e2ddbeb6d94
0caa20830e30e1c27983749e1b245948a0fdae613a712b5bfa9fb6aa335ca015
0d65efbcc28b71c870d2a006f53aa6012d27520d0721092abe68836e89d0fe28
0d7094e9f11a322267e8153518aef03f0039f65c5fa2d7bff4e57ed750109e45
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0faeaa4868c637c4073345ce376585786c58f976a4744fdb533def79ccbcbcbe
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
104ffefd4569f4a030e346e518411d9b449a8db1eb39a7efda291647abee8a6d
10b1d1207bf8cf4f8eddfedc6adb88726de8d9cbafdaf12e5232d564124439e4
1244953e6aeb0464778abbf9b9cb6c3a141afdcbac837eb54bea85c318fe0d40
131c8a1a1c3688391d291ebebf284224ebd2bc6e1fc40a6924cdb13c23cb65b0
149dce4cacbbbb875aeebb52c456d5b996b693c6129ae83e1677eff308410439
15202b1c7736c46b21d1e102d3d9a81dc78e1776fa51be109ca8ba6b40112e1f
15c9f823e545a9686e974826b0568a53a651eff347af2f7abae879ed0a5ba3dd
17ceb3946f81b874977b308b8d9274a8558e22ecbeaf2ad8f98ce75a054dc7b3
180a0558617f4ae63971a81a60ba3074a7de0aa9758a310f8992f39d159cf1c6
189fdedc2dc3d6db6b6190fb5f65969811026a063ded0dddf6af77b38c767b77
1cced91732919ed0331aa1c757d45045ba4256ee04529499e1aef9c6cfbdfe4a
1d0524553f68da3760c2a2bdee0fb3e30ea8e6b5d1f072f30f72a1de57d88a63
1d6f6c9843b9f653e6e1d3a05dd85028fa0f528983b44a37e2853d7e3222830d
20d241c8aaae7a56278070fbe89b50e873ca9633f2caee038bdbb806bcfd24ec
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
2210784070a38f50ef14b29bc7341343c5b982987241b77868e8c3e636430d33
22fad5f94c48c9ac085b645abc743e1cf9a268820e745de6105f9105fda24bcc
23f62c737a250376b41d6d5ee40dbf4d20e9082a149e0869ba239bf76f1748e3
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26904430ca9a08c1fa70cf5794150200f1d69d1ac9c4f56e92f5f123a0b851b1
29bdb09d13893af37efea28433c977f4cde8d2490360f1e94b06aabb9a70e38d
2c419131dded8359bfd253ecebe887059ded52c3bd996b37ff4796a4bafb6d3d
2e18bb06540f8a390908c03238cac9c6f22a39a9f273c4ff5f5ff6b339486516
2ffbea64afdf2171aec5ef8a43194217ea8fd1dce43c7a824e4ec5fb0fe947c9
30b27141b6f9ad71ffd72023164939ccdaf2385050d99abafb41327c8ab47e04
32566ba62df38d2cf3852cbd9e153b30ae3242e9f16288f46fb7e6c7f1519dc7
32dea7108ffed0abf44a6b87aea6ac4209a7dd7867ba38d6fa181570086b953d
33f9d826ec75c6446aa7da4c19c2cf446003c5d5e30e5927eec1aded7b413e9d
3422e9829865eb80547e244abf20b4f7d1f46640944731f653d08308f7a4d39b
34f77d850ed8f47fdf182c0584f9fa12089da2a20df483392770705591b1fe2d
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
38b506c2b3d1dbb864484e285560d2c474a9568f30385761894484bb8e29a36e
39097cb00a2d5ad7f284bbd3eca73dda8ed99803ba9f65be1c43cb6fa68940cb
392f2352445f1ca01f2cd6580307cf437dfbfdec82206361571d167678c856ce
3b8553796393722271730a45493783dd30759ad8c0137e765a5515d16f0aceb7
3ca11d1428bc0be4d01394845ac8038051f9a473d59de50723e29f1d886396ad
3fa99cb9ad72505ec13948f58047d070c4708ef482a8906b67c146645d84d239
402c735d7bd08eace2f5b566af9d25e33838e1b37c3f544fe2533d0bab2e915b
40411dd870b711d1d1a875937f9b5421fadc2f55de32a26ea9a237821f1b2979
40adac45a4532f3dd13d4e8532d3373f99c4a30520fa347c9968ffe6e7a7c941
41cb119006aae73587cb18c99081e8d2b7b7ded4dd1982bb6e410f1155cdafa0
431b8a42c4a6d134fda560a76d9ac286b66bd2caac7962f15b1ea9353c33832f
434c3a6195c14f6b6fd111b8934aa4b9f69424edf180840f4b93e6efe7008707
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444ee9ab2244cf739d772ea95e1b075c67ad9a994298ad28def5517f69bfc6cb
450c37ab3f57c19e5eaeaa0dd70ab049bc91e31b93f1c600bbd9f3dd3b8c9597
476447d0d5e4f51f00fd429f4da62bb1e0cd7a440fb8099ea9f485e029b97fcd
48681ba54fa0eed2749b572838ad6ecd5c7584398242e5eeeba35527e884edfe
4a3b4f726f0656dc3704e31173872015b0911371f170b6914f114f619553d903
4b5ecfe6dc4f94afa989d9469a0c6a0e294026ebed56e92fd8cab56058846bc0
4b9c883510acb57091a673a9d1d7fa3ce5270e9a4d588005c6c4fcef135ef8ce
4d87740d96596dff004b33ebb41e221e22084e5baa2711bd092c3e05678984c7
4f68c87ed6b91fd45f5ae45c27383accabb8a1e4d9ef71b0a52de50bbac91dae
4fb0496d3a4535029b2388dc265a1394295e2438f893457accb220e648be5e1f
52be68b3321596da1eff1d3fe8945ffb20cd4cc13d99a066f93adfc55728556a
538277f8967c6203a0ae76e7e1b4bfcc256fae956c0dbeea55803a98f3a2c41c
541616b2881193eb92563d52dcb8813d5897bb829e45e33c5df6543f1418a69d
5565415a1f0ae2a8c188e6f98684ba89426d74bec4e188ecc1075194f3025438
56c082678c7dd1d9fb9f5ffe7b97f126a6be3aa2c2bb3d04d96f5dfbf8afedac
56c27fd3958b9ead8fa7181445d4b3d44411b11b4387d50ee16a3200028a5ae6
57591c22e42a0e547d868892ce4858183d4b28ee11bb9d29955b921d64632f58
578c5f13cb444ba4734cbeda37cc5dcc1cdfd7b2c856bab8f660708cc06b69a3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cc3985356394e490ef66b6382d03aabcf33aabb1b9e883f99a9370ab1e75c67
5d2c456c0edbae1badbe5df60b7b992161ea13ffe7aceaef50c473f848883ad8
5e994a4cf7f30cd6b6ded53962426d6d6a5a53db9da3b7663b2f60e96973c5fa
5fa15e0c1199a2542b002bbfe85d73f831a2faab933c3aa737173a58ca723b14
6038e277a7106d9e3b49074087a969019cb206d191eba957d8e9062cf4453b96
60497a77878c8c06974db33c21ab74a3af653b5b153ff749f6ff695d37b081e8
6090439954ec1628e618fd1c9f8e33982f1d807e68d4d22f7c5c189bb6c50070
626bd692d4dd69d9b2127ba40fbf4b500d19c010050f06c2154e9e30fafd419b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64782947ce2dc5eb4e2d844197ccd9da884e594564e48554814661695b5f426a
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
699ee9f5211b3349c2ffd15afe9434ae7cfcba1b2ec5582ff852691882819e08
6cf43272997feb4369e612064804ffca7ab2592f5d3ca9f0680d2e65cef0490f
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
6f2fe8a955eaf90c4a16828403ac35a8e29b1a6910aa96719abce8ec4d4940c4
6f413176657503d94a8ae034ef7d2ee86d75b07f1f64de2dd378b24bb22bcbbc
71c800c673fb367c89c7f3db5df766148b559b382bf7a545131ef4408bc46700
72ad346d62ab722e73970d8443e7c84f8ba5ceb0ffc71c8f1ff681aff0958f48
7304da3ea1ea336d3d82d2fe133dc58c69d54cd23df0e07b57587a89d65dc9cc
76f357eb0c2007c17f3a859782d8b5af58d7245b590ff61c9d1bac170c522e22
771196c556ce9fe2914aa0d336cf0f11fbd579c7cdd52e8436b19e0fffdd783b
773795bfba8848fb7ec3d092cbc4aaf409025c2c700ac083f4510bc5541a06c3
77df749f6bbe85442500437f7e798f46b9635da344811ae3b4bf7d43048ee9bb
78f001a59f1b1cb15544ea5606d037c8a8ba3f568007907a9317ef0644b6e822
792cfdbd7f9dc4e60294ab295ca4ae167983d06dcf25d17fcb31c6b7d715e63a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b3af341216e09de0546861424cffbdd875b9c533044b2a1ef8e6071f440fe1e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d5203fa136df9ebd825a18f81bc1da1c165dedc54c171e80286439bf26de7e2
7dbe299789df772aa7d0ffb9ce6931c2a82aa33bfb2f9b81fbec39e650df9a38
7e7c16b5fa053c476073377d7c3788c89f605886e619f108dfeb7d9458009353
7f09d6e199b32fee95ad9a918ce61a7311dec952acfd7db266af9cf950d88753
7fa17a3a46c9f69c176f52ea5b6b4fc6dff9410e6eb48d4985101aa35fbf5d3e
80a753875454bcf755f7ad9db038ba5343393a646a8fd1ad09f09de5d90c3a75
80d49d62bce2cd67cace41d4b2d7c7936ac1c29b04d23936c3f04f5b6c4f9782
81a383a04ef053baa18811a798c0dfb9aabb5fcbc225a8bdf726955466959e33
8311410be7aa7a68e620a33f40e34c2aa19ab650cea95cc47b881018e9bbab53
84bde751227f9a7dcd57216ba824822414f7aef41352722f932d8b5700976359
8894369000485a1fa48bd316aaabf1c5bfe2e059ddb0ea989fe35666d9c77a44
89663c2221fb601b72651ba43aa30fea5ceb559e1999f17103ff0fcaa05740a2
897ae5cf073c1451f0a7da27c683fa824b287616c1c5f07f81bc60df14194624
8ae43cade222a5b97da4c97be406d5c233106a63fbcc4c96d3b8bb7787fc158d
8b7d05cee857fcf36a33b62bf495f8eb1027556d0cdaa3d56d026ed3286a6dec
8cc08c487ed47ad99e3ffb655d75b8853cca202082c3be6ac45c4e88818da433
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc5cc161e9fd461b2ef1e19ff62419e2c7421068a066b31c88bd11ebf751ccf
8ddf2671f1d240e84f00d594e42c02ff2b72f5aa2fd8ae7cdbd151ad5a9daeed
8e89f3db475521d7b0eed134a96becf9b6cc5ac13f709c6cb0f8105ed3895705
8fa4774adf373260cfca7502d646d39da9b96dec00c6f5f623eb1f209be817eb
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
9060b1ae968610cd2369fea7dd1981ccd8b0e07c8de9324ce9864a8f024ac156
96015989d16efacb8ef36822a5e8ef8fa91a782f1b81cfea47e502ef366c508c
98cb2f58c80faff9b6cd08f75a63eaf3571569e011d550c56274586fd65d0547
99e97f3676a17cf08f598c12df23fdadedae138c4eed09ca2dce24aa53634b6f
9a1a5207f8de2df3aaa48922ff264465bb8573d95a7acae7ac4a65bfb6948ec5
9a8811b558cb16edf7b1a3f0186120d39fabbc808e036dc7a82ae72063d9a630
9ac195f96185a410ded23f3b57691f38f414eae4d53d5498e2607762b0aa7f9c
9c552061e61b990f970093451a43216e1f8560fe893d1809962ca6ea76632f38
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
9f0e33ea0f42cf1b7c9ddfd419a2e326f5e4acd07191cd970d31eb302ee4d8c3
a11c17125ef8a9245d6f9854e31394f907fdefee1949d4bc5b9f7d8bb1dc6cf1
a19c9c15a10911e27d8ffa5dd07ed095b6ffd6404b06aa94b112a8212e4ea96c
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3567defab7ed0a20783b047cc655d3f1e14e5068f5ee8c9dfa0736c5e45b50e
a439f0fd3315a13118ea54eadfebdfab12017756f088a4cb815d5442298f0213
a44516f491bd84a9e7c8a1ad388436891b80af7e79c06b20bd5d67e7d0996f53
a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd
a9151d2808c958e3f300d4b736abb79fa220fa41d75860b71604ba549d8a65bf
a95d646abf4feaa1461631b68bdd42fdc213a45e39e29af282128908027be2f7
a98a4e6ab2439a3d54f7113cfbd91e2ea4e18c3ec6f6cb1788a82b9c2298ebe6
aa333cca4d6045d2964c3f9a13e8ccfb04111d184641e0e2b475c06b9e400b48
ab9febc0dcec8158ed57ded75d2cd95fa9be77fc0eba599bcf9073ff1a5e5e55
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca9da0acb7ef703b064a01a8a64c6009a459e544a20ed0eb3cd2d5c9bd4b4cc
ae875bac071824e7a740de11f2727265209e9330ec3262c939e494004ad0cabd
b0e52650d66f2194189ef77437337eb5c309f4057c1624ae1b53e14a68abe32d
b13015300227c45df733ced420616ee50e92b7f4ae74479d667041c7a78c7cc8
b3c77228dbaf036416458b45211e70fbc7f3f2eb9ee9a4f106bc14a6d0122fdf
b60313dac69a8e414668cb554f5e4a96aed3d5c8ab9ab80da039b3b9fca1596c
b6b6a86c92eaf681c1c5b4bacc41b35116825a58235e930bcf18cdf91908b52b
b8e7b8f2a9080a5457ae9e12be4bf78d2ecb875f36d4fdbeecdb61bc721d0688
bedad9519020bdb19ccf98e0e5a1a10b7b69996b73d30acff6e90c2554d468b8
bf708c33ad6a457c51b8dda5a20375393d785bfbd4f6ee95edc4aa06376118bf
c28ea6ca4206579c08a0e7fb10ef61dbe196e537affab6a975eaaf7ece84e09e
c36ac03050f1699565b9534f52a24d411ea074e550c159cc09b7a9e4e9063c7e
c829852ee2341e3d0d3d451862be0d9c62bfdfa77e446ebc41b7c4f62380bb69
c85b515c3c699c5ee07e47fd538adecf7fc6a678adb24ba2ccdb8fcf10bf6b1f
c9cabb40a3a00da7544812b30999f856663d6690f1e5f6ad4593466a7ea769ad
c9ebe80b2763333210e6fd88005329896e63d251b37ef91102620c03b3447b34
caaa42516a2023d7cf6bd6d7ddf959bd8e0429118ab573b31e44652b23429090
cc13074aa65c6e0e09161aee9ae67a1ee7ec6c9145496bbde3ef915aa650eaaf
ce8af7a7ff7edcc864dd666e240fd4fae2320fe830a55bc023eb12d043aaadb7
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfff8f6b28f4ef55029d9d8a057c8d86c5a64499fb753f21f43371d9fd292a14
d04065b06346c4d46509368097e4d4fd9098f19984abb4e9eced749ae511ddb5
d11c0113e7a0c852e92679e49e117b4a06d71032c902f3309534185730840a52
d35a053b71e19af0b29fd56ad78428017921ffa6ab41f0a5834e91e87c2ae67d
d49b3a4656fdbd1d885850d7da46524bbb1c34c85cb8674869e66c4a12045efe
d50b19caee9bde353ff52cb71ddbc543576a193c8f93fcdfa2037063df09ad65
d60139f58477d38a3af4ad413b885e8899664f0e3a8ae93922032c57eff7f504
d674ce8117d88a4ccc1d8e02bcbb8fd5deda786a521b1d6d39d874d4791df095
d7650fab27ed8f7e6eea6a9c8cc02d0251b41a0af9fb73221180ed953561b031
d777a9061d2add35bf413c03c75a00a4239baf78e508bb96a8a0302edbc2e9b7
d7f2eba316740f62d551e869b66d0e9b1bb6231cd7661f4737a1f1e5056f3d43
d8d4346c4fd04fe5aff1950b0e1028896db20f0f0b67ff3edd542a44ea08ffdf
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db47976ce58cb48bfd88f27e50d102efd4776aea1edd96654c4a45f7328970cf
db9ad9b10473a608d7b97e5c784b40007802ae2b2079b36c0bf1fd12a38f39a4
dd353716d28febf1746ea9fbb38c887a7ca35384cce06502a87abf06ebb32ff6
e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50875f831701e57eb6c5b86250b92a847bb57bb61005ecd5f4db5669da8f833
e53cc02ca1113b7ec0bfd8b2ce542c884fab4c8a8fff00eed85a41b4116bc067
e89135b1deb4a833375d5f90e13c6933e7e0d3f7a0e423daaa1496179f7f7b97
ee03384a8676e762042da84fe88f6a8c06f02ceb376264d4a905abadfa9fd7d1
ee0d2674f470ae46b95105ce15271cbc3d434a184b3280595835f876c5d5211f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d9abd186aa683aab0c0c889a360463e23daeb7966ff0f95eb7abea66032d13
f497fbbc8233623152f9bb2b396159b6833e17f90a73f68f3a5c18200646e83e
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f50057054cbb0e057d4ba7da7a0e0ed594d8d9dbb54806f86e7260e3644ffc7b
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f596a84341b5a8c23ac1aa923d3e8b01edf7ac2b1b48401ce5ed78706dbd9b2e
f6d1bb5d071cc7c58fe9603f5a2124e8eb74f2668d2c0dfa7bbf136ea6dbea7a
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f78e8f172c30a0e3eb8754d6b016b348ad53f6afbf7a94370f1a71e8dc9ac9da
f9be09bc2d5b8d41fc355ec0499577745a8b6cf1a2ca2ce01805c8139ea37aaa
f9eec46e1f2dc82b66f11198be2bf4707c63fb4f7eb4ac7aa6e1b2862127ee3b
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fdd357508c4cd326fd421f0893d124d018d55acb5dbb457d7eca24fecfbe4c8c
ff77fdbc19aa1ebcc2e136122c359d1d93345f98fdf25cd53c7b0ee53044e0fd

mail.amazon-service-tooklits.duckdns.org Open in urlscan Pro 96.126.101.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

331 Requests

89 %HTTPS

28 %IPv6

55 Domains

83 Subdomains

64 IPs

1 Countries

5234 kBTransfer

22323 kBSize

16 Cookies

45 Outgoing links

Page URL History

Redirected requests

331 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mail.amazon-service-tooklits.duckdns.org Open in urlscan Pro
96.126.101.78 Public Scan

Screenshot
Live screenshot

Full Image

331
Requests

89 %
HTTPS

28 %
IPv6

55
Domains

83
Subdomains

64
IPs

1
Countries

5234 kB
Transfer

22323 kB
Size

16
Cookies

331 HTTP transactions
0 data transactions