urlscan.io logo urlscan.io
SecurityTrails logo

floraspring.com Open in urlscan Pro
149.28.34.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trimdownclub.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzYWZldHJrdGhyZWUuY29tJTJGJTNGRSUzRDdudDNxcW15UV...
Effective URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&...
Submission: On October 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 9 countries across 56 domains to perform 154 HTTP transactions. The main IP is 149.28.34.111, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is floraspring.com.
TLS certificate: Issued by R3 on August 28th 2022. Valid for: 3 months.
This is the only time floraspring.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.165.14.136 14618 (AMAZON-AES)
1 1 207.148.2.105 20473 (AS-CHOOPA)
1 1 144.202.19.192 20473 (AS-CHOOPA)
11 149.28.34.111 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.217.224.56 16509 (AMAZON-02)
2 2 3.120.61.165 16509 (AMAZON-02)
1 1 3.127.197.177 16509 (AMAZON-02)
2 76.223.111.18 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.96.102.137 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 142.250.185.66 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.66.120.247 16509 (AMAZON-02)
1 23.35.237.86 16625 (AKAMAI-AS)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
7 23.36.163.249 20940 (AKAMAI-ASN1)
3 151.101.1.44 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 54.225.120.86 14618 (AMAZON-AES)
1 18.192.108.151 16509 (AMAZON-02)
4 64.202.112.255 22075 (AS-OUTBRAIN)
1 2600:9000:223... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 5 2a02:2638::1c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
30 151.139.128.11 20446 (STACKPATH...)
4 2a00:1450:400... 15169 (GOOGLE)
1 178.250.2.146 44788 (ASN-CRITE...)
2 2620:1ec:40::45 8075 (MICROSOFT...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 3 178.250.0.163 44788 (ASN-CRITE...)
1 2620:100:a001... 19750 (AS-CRITEO)
1 212.82.100.181 34010 (YAHOO-IRD)
2 20.120.65.166 8075 (MICROSOFT...)
4 35.190.43.134 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 2 18.194.110.242 16509 (AMAZON-02)
1 1 142.250.186.162 15169 (GOOGLE)
2 2 37.252.172.250 29990 (ASN-APPNEX)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 2 54.155.65.255 16509 (AMAZON-02)
1 23.35.228.23 16625 (AKAMAI-AS)
1 3.120.54.154 16509 (AMAZON-02)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 69.173.144.138 26667 (RUBICONPR...)
1 52.57.80.202 16509 (AMAZON-02)
1 185.86.137.132 201081 (SMARTADSE...)
3 141.226.228.48 200478 (TABOOLA-AS)
1 23.35.237.56 16625 (AKAMAI-AS)
1 3.126.56.137 16509 (AMAZON-02)
1 37.157.3.29 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 54.205.127.85 14618 (AMAZON-AES)
1 162.19.138.83 16276 (OVH)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 96.16.132.239 16625 (AKAMAI-AS)
1 54.229.162.197 16509 (AMAZON-02)
4 107.178.211.97 396982 (GOOGLE-CL...)
9 35.190.27.197 15169 (GOOGLE)
2 2600:1901:0:d... 15169 (GOOGLE)
1 52.213.108.198 16509 (AMAZON-02)
1 3.141.157.49 16509 (AMAZON-02)
154 64
1    54.165.14.136 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-14-136.compute-1.amazonaws.com
trimdownclub.lt.acemlnb.com
1    207.148.2.105 (Dallas, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 207.148.2.105.vultrusercontent.com
safetrkthree.com
1    144.202.19.192 (Atlanta, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.19.192.vultrusercontent.com
safetrkpro3.com
11    149.28.34.111 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.34.111.vultrusercontent.com
floraspring.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.217.224.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    3.120.61.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-61-165.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    3.127.197.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-197-177.eu-central-1.compute.amazonaws.com
rtb-eu.mfadsrvr.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net
sc-static.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
7    23.36.163.249 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-249.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.225.120.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-120-86.compute-1.amazonaws.com
q.quora.com
1    18.192.108.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com
treach-tutters.com
4    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
1    2600:9000:223e:7000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
30    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
quick.vidalytics.com
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    2620:100:a001::17 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
2    20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
l.clarity.ms
4    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    18.194.110.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-110-242.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
r.casalemedia.com
2    54.155.65.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-65-255.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    3.120.54.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-54-154.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.57.80.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-80-202.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
trc-events.taboola.com
1    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    54.205.127.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-127-85.compute-1.amazonaws.com
dpm.demdex.net
1    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    2600:1f18:612b:4264:5bf8:c9ae:fc1e:511b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    54.229.162.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-162-197.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
4    107.178.211.97 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.211.178.107.bc.googleusercontent.com
stats.vidalytics.com
9    35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com
analytics-ingress-global.bitmovin.com
2    2600:1901:0:df23:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
licensing.bitmovin.com
1    52.213.108.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-108-198.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.141.157.49 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-157-49.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
34 vidalytics.com
quick.vidalytics.com — Cisco Umbrella Rank: 213885
stats.vidalytics.com — Cisco Umbrella Rank: 167855
17 MB
11 bitmovin.com
analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 33611
licensing.bitmovin.com — Cisco Umbrella Rank: 10002
1 KB
11 floraspring.com
floraspring.com
126 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
sslwidget.criteo.com — Cisco Umbrella Rank: 1809
widget.us.criteo.com — Cisco Umbrella Rank: 18985
dis.criteo.com — Cisco Umbrella Rank: 679
14 KB
7 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 872
160 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 565
l.clarity.ms — Cisco Umbrella Rank: 5283
c.clarity.ms — Cisco Umbrella Rank: 1062
26 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5017
www.google.com — Cisco Umbrella Rank: 2
1 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
6 KB
6 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 865
trc.taboola.com — Cisco Umbrella Rank: 697
sync-t1.taboola.com — Cisco Umbrella Rank: 1296
trc-events.taboola.com — Cisco Umbrella Rank: 1645
20 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6045
890 B
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2484
tr.outbrain.com — Cisco Umbrella Rank: 2281
sync.outbrain.com — Cisco Umbrella Rank: 832
5 KB
4 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 926
1 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 379
c.bing.com — Cisco Umbrella Rank: 236
14 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
rtb-eu.mfadsrvr.com — Cisco Umbrella Rank: 76098
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
2 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
853 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1351
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
1 KB
2 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1242
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 494
7 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 948
pixel.quantserve.com — Cisco Umbrella Rank: 516
10 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5337
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
173 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 373
279 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1506
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 528
338 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2114
220 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4441
522 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 23447
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2159
183 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2682
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1104
236 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1496
163 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1698
172 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 554
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
239 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 706
225 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1259
882 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 570
786 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 876
1 KB
1 treach-tutters.com
treach-tutters.com
1 quora.com
q.quora.com — Cisco Umbrella Rank: 2946
417 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
14 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 943
9 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 131
15 KB
1 amazonaws.com
s3.amazonaws.com
56 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 safetrkpro3.com
safetrkpro3.com
923 B
1 safetrkthree.com
safetrkthree.com
311 B
1 acemlnb.com
trimdownclub.lt.acemlnb.com
259 B
154 56
Domain Requested by
30 quick.vidalytics.com floraspring.com
quick.vidalytics.com
11 floraspring.com floraspring.com
9 analytics-ingress-global.bitmovin.com floraspring.com
7 analytics.tiktok.com floraspring.com
analytics.tiktok.com
5 www.google.de floraspring.com
5 gum.criteo.com 4 redirects static.criteo.net
4 stats.vidalytics.com floraspring.com
4 tr.snapchat.com sc-static.net
4 www.google.com floraspring.com
3 googleads.g.doubleclick.net www.googleadservices.com
3 tr.outbrain.com amplify.outbrain.com
floraspring.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
floraspring.com
2 trc-events.taboola.com cdn.taboola.com
2 licensing.bitmovin.com floraspring.com
2 dpm.demdex.net 1 redirects
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 ib.adnxs.com 2 redirects
2 dis.criteo.com
2 x.bidswitch.net 1 redirects
2 c.clarity.ms 1 redirects
2 l.clarity.ms www.clarity.ms
2 www.facebook.com floraspring.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 trc.taboola.com cdn.taboola.com
2 region1.analytics.google.com www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 connect.facebook.net floraspring.com
connect.facebook.net
2 s.yimg.com floraspring.com
s.yimg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dev.visualwebsiteoptimizer.com floraspring.com
2 www.googletagmanager.com floraspring.com
www.googletagmanager.com
2 eb2.3lift.com floraspring.com
2 rtb.mfadsrvr.com 2 redirects
1 s.thebrighttag.com
1 beacon.krxd.net
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 matching.ivitrack.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 ups.analytics.yahoo.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 contextual.media.net
1 cm.g.doubleclick.net 1 redirects
1 c.bing.com 1 redirects
1 sp.analytics.yahoo.com floraspring.com
1 widget.us.criteo.com floraspring.com
1 sslwidget.criteo.com 1 redirects
1 mug.criteo.com floraspring.com
1 pixel.quantserve.com floraspring.com
1 rules.quantcount.com secure.quantserve.com
1 treach-tutters.com floraspring.com
1 q.quora.com floraspring.com
1 cdn.taboola.com floraspring.com
1 static.criteo.net www.googletagmanager.com
1 amplify.outbrain.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 rtb-eu.mfadsrvr.com 1 redirects
1 s3.amazonaws.com floraspring.com
1 fonts.googleapis.com floraspring.com
1 safetrkpro3.com 1 redirects
1 safetrkthree.com 1 redirects
1 trimdownclub.lt.acemlnb.com 1 redirects
154 76

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
partners.pineapple.co
Subject Issuer Validity Valid
floraspring.com
R3		 2022-08-28 -
2022-11-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-10-17 -
2022-12-07		 2 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-31 -
2022-10-29		 3 months crt.sh
*.quora.com
R3		 2022-08-21 -
2022-11-19		 3 months crt.sh
treach-tutters.com
R3		 2022-09-27 -
2022-12-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.vidalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-04 -
2023-02-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-09 -
2023-02-01		 6 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
exchange.mediavine.com
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
itm.ivitrack.com
R3		 2022-10-06 -
2023-01-04		 3 months crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-11 -
2022-12-12		 a year crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2022-01-14 -
2023-01-13		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.bitmovin.com
Go Daddy Secure Certificate Authority - G2		 2022-05-03 -
2023-06-04		 a year crt.sh

This page contains 4 frames:

Primary Page: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Frame ID: 7323DF456431DCAC1B9ADC0CB005FA96
Requests: 126 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=floraspring.com&origin=onetag
Frame ID: C0E7EE2474D9E0F4612C4DAB0CA8264A
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cb973317-d0e8-4273-8280-d0607692ae5c&u_scsid=ea10e380-b470-4599-ab63-68ec98079045&u_sclid=eb798d5e-ae44-47b1-9884-38edb70c40d6
Frame ID: 06DF1FA1249355CFC281F663775DA7DD
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-WpYAY95QYABSB2eB79LIJgAEArrZKM22wvS4Wg&expires=30
Frame ID: 353035BE19BF9AAE75D52BC4B7320965
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Video - Limited Time Only!

Page URL History Show full URLs

  1. https://trimdownclub.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzYWZldHJrdGhyZWUuY29tJTJGJT... HTTP 302
    https://safetrkthree.com/?E=7nt3qqmyQWKaeykwUXb%2bZkIWO1ngp8g1&s1=gvflr4aepfot21090003asjtl206&s2=628... HTTP 302
    https://safetrkpro3.com/?E=7nt3qqmyQWKaeykwUXb%2bZkIWO1ngp8g1&s1=gvflr4aepfot21090003asjtl206&s2=628... HTTP 302
    https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

154
Requests

92 %
HTTPS

29 %
IPv6

56
Domains

76
Subdomains

64
IPs

9
Countries

18212 kB
Transfer

21306 kB
Size

69
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trimdownclub.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzYWZldHJrdGhyZWUuY29tJTJGJTNGRSUzRDdudDNxcW15UVdLYWV5a3dVWGIlMjUyYlprSVdPMW5ncDhnMSUyNnMxJTNEZ3ZmbHI0YWVwZm90MjEwOTAwMDNhc2p0bDIwNiUyNnMyJTNENjI4OTUzMSUyNnMzJTNEaDM=&sig=4mbgMJC4ZuLtDWpUd3c6dKnViPTcxE4TL18wtf2Rt3n8&iat=1666260376&a=%7C%7C224282103%7C%7C&account=trimdownclub%2Eactivehosted%2Ecom&email=mYrPhngjTN%2B6jVKVvxLmuQ%3D%3D&s=cd1153b55909ee86c9ed6db6b6a3599e&i=2170A25718A1A143277 HTTP 302
    https://safetrkthree.com/?E=7nt3qqmyQWKaeykwUXb%2bZkIWO1ngp8g1&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3 HTTP 302
    https://safetrkpro3.com/?E=7nt3qqmyQWKaeykwUXb%2bZkIWO1ngp8g1&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&ckmguid=790c2af8-65a0-4cc5-bdac-649395eeb5ea HTTP 302
    https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://rtb.mfadsrvr.com/pixel?id=521041&type=img HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/pixel?id=521041&type=img HTTP 302
  • https://rtb-eu.mfadsrvr.com/sync?ssp=triplelift&initiator=me HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=2893b28d-228d-4c8b-b73c-caa74f07ce97&dongle=31ac
Request Chain 52
  • https://gum.criteo.com/sid/json?origin=onetag&domain=floraspring.com&sn=ChromeSyncframe&so=0&topUrl=floraspring.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=qMlw2Xx6WWdwdnhXMFZseFpCeE9pcXZUMTlWU3dPTTA2a0hGcXdPQkI3c0s3S2c1UWRjci9vS3V1Z0pFSVdHVXZHS2I5STVvRm9sMFg3MldFdjF2UlYxOWU5SU8ybFNKSlZYTWlUK2ljclZpZndqNXhTYWhvcVh6MlA5d3gzcHkvcUczWjZ5aDdvNjlDQ0EvV2hCSENjZkpucXh3S05jM2RrNmhZM3kvODRiUllOdWtSNk5aOHZ2QXdBOTZYY013TE9CTG1nZGpNYXlTNkxwa3AwZ2hGV2g2N3drc3dZdWZITnU5VDBvQm9SQVJlNWhJci81WkIvVW1VUDR1TUZ5V2VZbVNIT3Z0eER2K3J3RThXcTNLM3MzOUZRQT09fA&cppv=2
Request Chain 69
  • https://sslwidget.criteo.com/event?a=77723&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=w4jvaV9YQ0dibkN1dm5EbWJ2RTk4cjRsMGtsTmR5RmdJTEtmTmFlU0RYVHdRbjNYSXl3emVzRTh5OEt1QjA5Zzd3dEduVGVtakZGbXFyJTJGWmIlMkJ5N05IRzNIQVhkQ1Z6RXNZOTJrNW9nazM4aUNCNnVFbW1WMW0lMkZaZnZ6Mm5LMkE2dlR0MkxxN2FKZnNtJTJGZXBIMExEY1dKWmY2ZyUzRCUzRA&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fa%253D1102%2526s1%253Dgvflr4aepfot21090003asjtl206%2526s2%253D6289531%2526s3%253Dh3%2526s4%253D%2526o%253D83%2526r%253D60110898%2526cr%253D274%2526campid%253D6819%2526utm_medium%253D1102%2526utm_source%253Dgvflr4aepfot21090003asjtl206&dtycbr=90890 HTTP 302
  • https://widget.us.criteo.com/event?a=77723&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=w4jvaV9YQ0dibkN1dm5EbWJ2RTk4cjRsMGtsTmR5RmdJTEtmTmFlU0RYVHdRbjNYSXl3emVzRTh5OEt1QjA5Zzd3dEduVGVtakZGbXFyJTJGWmIlMkJ5N05IRzNIQVhkQ1Z6RXNZOTJrNW9nazM4aUNCNnVFbW1WMW0lMkZaZnZ6Mm5LMkE2dlR0MkxxN2FKZnNtJTJGZXBIMExEY1dKWmY2ZyUzRCUzRA&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fa%253D1102%2526s1%253Dgvflr4aepfot21090003asjtl206%2526s2%253D6289531%2526s3%253Dh3%2526s4%253D%2526o%253D83%2526r%253D60110898%2526cr%253D274%2526campid%253D6819%2526utm_medium%253D1102%2526utm_source%253Dgvflr4aepfot21090003asjtl206&dtycbr=90890
Request Chain 75
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=39487C4DC01C473CB5B6E11F18F76D52&RedC=c.clarity.ms&MXFR=27416195797E6AAB14CC73D07D7E6438 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=39487C4DC01C473CB5B6E11F18F76D52&MUID=331D99ECF2B7632523E58BA9F31B6236
Request Chain 77
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-WpYAY95QYABSB2eB79LIJgAEArrZKM22wvS4Wg&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-WpYAY95QYABSB2eB79LIJgAEArrZKM22wvS4Wg&expires=30
Request Chain 78
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0WihcN5QYABSB2eB79LIJgAEAroe3rpxR2MUeg&google_cm&google_hm=ay0wV2loY041UVlBQlNCMmVCNzlMSUpnQUVBcm9lM3JweFIyTVVlZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0WihcN5QYABSB2eB79LIJgAEAroe3rpxR2MUeg&google_gid=CAESEDPTBCzzxSPM5u7Bw5VbXEE&google_cver=1&google_ula=913071,0
Request Chain 79
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5873993002519019102
Request Chain 80
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h-p5_N5QYABSB2eB79LIJgAEArqU1YWquBBYEQ HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h-p5_N5QYABSB2eB79LIJgAEArqU1YWquBBYEQ&C=1
Request Chain 81
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CJ_bg95QYABSB2eB79LIJgAEArpEh5IMh0ATjQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CJ_bg95QYABSB2eB79LIJgAEArpEh5IMh0ATjQ
Request Chain 95
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=S-u0mtvm31BBKejlK6dVsDEv6-gLH4Mb HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=S-u0mtvm31BBKejlK6dVsDEv6-gLH4Mb
Request Chain 108
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0GFQI25IcgBQ8xHECfD3Yd8PommmBA4w
Request Chain 109
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=82AAuugf2ApsFl5ePKMlU9PfjwwumEB2

154 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request aff_special20.php
floraspring.com/z/
Redirect Chain
  • https://trimdownclub.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZzYWZldHJrdGhyZWUuY29tJTJGJTNGRSUzRDdudDNxcW15UVdLYWV5a3dVWGIlMjUyYlprSVdPMW5ncDhnMSUyNnMxJTNEZ3ZmbHI0YWVwZm90MjE...
  • https://safetrkthree.com/?E=7nt3qqmyQWKaeykwUXb%2bZkIWO1ngp8g1&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3
  • https://safetrkpro3.com/?E=7nt3qqmyQWKaeykwUXb%2bZkIWO1ngp8g1&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&ckmguid=790c2af8-65a0-4cc5-bdac-649395eeb5ea
  • https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
c61370b4617a6af7e544c5dedbc30001d76cb4e5c214878b2f6cd44765ae897b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
6770
content-type
text/html; charset=UTF-8
date
Sat, 22 Oct 2022 09:37:19 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx-rc
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
351
content-type
text/html; charset=utf-8
date
Sat, 22 Oct 2022 09:37:18 GMT
location
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
bootstrap.min.css
floraspring.com/z/inc/ 		110 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/z/inc/bootstrap.min.css
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
1d1974b2deb775a420838749b71e19bb7824e685a28fa1a50e21907c5fd7e7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-1b9ac"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97f2aae05698136e460333f1919da58d0a92df73d9cdc5dc40041b5bfef5acb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 Oct 2022 08:39:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 Oct 2022 09:37:19 GMT
buy-safe.css
floraspring.com/z/inc/ 		534 B
428 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/z/inc/buy-safe.css
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
5c7358b97d06c77f1641108420df9b72caf8353bf02c1e7545c12ffe8ff20bb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-216"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
jquery-ui.min.css
floraspring.com/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/css/jquery-ui.min.css
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
4de78f7ae6064851c4a6d700dff1e471596d28d44518f81e2cc91b07817267f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-718e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
ouibounce.min.css
floraspring.com/z/css/ 		2 KB
844 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/z/css/ouibounce.min.css
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-98c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
vsl.css
floraspring.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/css/vsl.css?v=1
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
4469009ea5a9afd7a865fc77d1f50af984a04457eb295ae43feaa221d4352757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 17:21:19 GMT
server
nginx-rc
etag
W/"626c1e8f-ca6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
thumb6.jpg
s3.amazonaws.com/flora-spring/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/flora-spring/thumb6.jpg
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.224.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f47e9f7f2e9c4ec05f86a82619d6c487110bc34703658a68345545e96b9e7b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 09:37:20 GMT
Last-Modified
Fri, 19 Jun 2020 14:28:38 GMT
Server
AmazonS3
x-amz-request-id
ZRJ93F0DFTNFP5TR
ETag
"5903f97d5c1477d254c8f417bdd6cdd3"
Content-Type
image/jpeg
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
57352
x-amz-id-2
MBf5DTyuwfGXTTD5DP3sKv4RW8o4KBajWzpQ6pwlfQJuBs0t7/OXRy1d6rF5jCRAuE16lUOn4P4=
jquery.js
floraspring.com/z/inc/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/z/inc/jquery.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
411226d65b1f2d52d634a32a1df97297c6bc9696fbe21565e731033432902523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-147a2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
jquery-ui.min.js
floraspring.com/js/ 		246 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/js/jquery-ui.min.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
ea18565a7caf6a465d9b9eb73d217f9c1942c2e9b86f4e985c9de2ab4e810fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-3d8ad"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
ouibounce.min.js
floraspring.com/z/js/ 		2 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/z/js/ouibounce.min.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-658"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
fadeInOut.js
floraspring.com/z/inc/ 		118 B
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/z/inc/fadeInOut.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
97343db10774f87a60e4c76c6fc51da9f1165e52d036694328bbb6dee539ae2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-76"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://rtb.mfadsrvr.com/pixel?id=521041&type=img
  • https://rtb.mfadsrvr.com/ul_cb/pixel?id=521041&type=img
  • https://rtb-eu.mfadsrvr.com/sync?ssp=triplelift&initiator=me
  • https://eb2.3lift.com/xuid?mid=4945&xuid=2893b28d-228d-4c8b-b73c-caa74f07ce97&dongle=31ac
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=2893b28d-228d-4c8b-b73c-caa74f07ce97&dongle=31ac
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
//eb2.3lift.com/xuid?mid=4945&xuid=2893b28d-228d-4c8b-b73c-caa74f07ce97&dongle=31ac
Date
Sat, 22 Oct 2022 09:37:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
gtm.js
www.googletagmanager.com/ 		327 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00780bd463309743970dee8c3fe16f98856908146e37454df1104935dcaf7b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99759
x-xss-protection
0
last-modified
Sat, 22 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 Oct 2022 09:37:19 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=2887&u=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&r=0.7816180702422717
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
5cc1b759fa202c806d0e6cac7cf447c1fe3ea6fed771a8ff24ab676ab9ebd594

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1666382599"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=2887&d=floraspring.com&u=D30613D62563B0DA5F03C3B7F95D00807&h=065bdba83122e2375bdfbe45fbbcd139&t=false&r=0.5138193992489164
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:18 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 22 Oct 2022 09:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1282
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 22 Oct 2022 11:15:57 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
etag
"cbFpuah7ilcpMTJLYeCgng=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 29 Oct 2022 09:37:19 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15176
x-xss-protection
0
server
cafe
etag
444338200384796413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 22 Oct 2022 09:37:19 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 22 Oct 2022 09:37:19 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C1B2651958AF4315AFCEF246E7051D6F Ref B: FRA31EDGE0111 Ref C: 2022-10-22T09:37:19Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
scevent.min.js
sc-static.net/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-120-247.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
8764
x-amz-cf-id
9L48UWqV4mmMGWQgOiEPrefr7f0TQZM7ux6R5tcf_tGnFh8qPwtAZQ==
obtp.js
amplify.outbrain.com/cp/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 09:37:19 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Oct 2022 07:50:08 GMT
Server
AkamaiNetStorage
ETag
"0d5508c59e34b5d35cde5aea2aa1c2fd:1665301953.026714"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3471
Expires
Sat, 22 Oct 2022 09:57:19 GMT
ld.js
static.criteo.net/js/ld/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 25 Aug 2022 11:02:07 GMT
server
nginx
etag
W/"630756af-a8d9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 23 Oct 2022 09:37:19 GMT
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:36:33 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
E8Y0BCDDCCVR8TWN
age
47
x-amz-server-side-encryption
AES256
x-amz-id-2
IuK+jnj8+270hWzQ8L11XGuQCClSL3lcIt2nmHG3H2iTQIVFC4za0mii4bMOtCA3RFIBXUHr7/Y=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
events.js
analytics.tiktok.com/i18n/pixel/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C354507G09FC36CGKGPG&lib=ttq
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
acd0ed203da6e3fce09709cb5f2068dba59f9ca838510286f10c112c9754666a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
420a8871.152ba59d
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
89,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=81, origin; dur=8, inner; dur=2
content-length
985
pragma
no-cache
server
nginx
x-tt-logid
20221022093719FD83045029C7CC12532A
x-cache-remote
TCP_MISS from a23-39-229-31.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.39.229.31
x-tt-trace-host
01f7661108ed1e49070c4ee22c7183aa30cc4f94c5bcdff2e8bd0e64b07e9e6e6d31043d06f9db38bf4d0af1f7086114769369f8f844a47b2f90ac7465ded0591ddce26413e07053660faeffe038738a5355ca5ec8e78070bbb0ff542a6586fca9
expires
Sat, 22 Oct 2022 09:37:19 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1419346/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d9b4570fe5cc501048952b2d872634ef6dee9d313818352c0e7a398c5f58dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
eoowuLqKwaQHAkjPDcUj8FTgJLKh0CRE
content-encoding
gzip
via
1.1 varnish
date
Sat, 22 Oct 2022 09:37:19 GMT
x-amz-request-id
G94VDPGSG5EG6ZAG
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17951
x-amz-id-2
pSMy/8A/WAVDQuheB7hNdd2L/T95KwjO4y8ywsXyOwbnIr3bNiHCz+6wjgar6QmuqFzjgSkQY0I=
x-served-by
cache-hhn4060-HHN
last-modified
Sun, 16 Oct 2022 11:08:13 GMT
server
AmazonS3
x-timer
S1666431440.519335,VS0,VE101
etag
"e723c10b1cac45b43b0b419735f2bf1e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C91R3HSS1AB7D64TQ1S0&lib=ttq
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
caaf6f115e3fa7878d65adc435fa67b88d50379ec136afdb54ba1f8b12c07296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
7047efa3.152ba5a8
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
93,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=4
content-length
1189
pragma
no-cache
server
nginx
x-tt-logid
2022102209371960839641743C4B168E70
x-cache-remote
TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.220.104.19
x-tt-trace-host
01f7661108ed1e49070c4ee22c7183aa30a8fa1aed5faa664fe5142fec0d4423e7a47994f15b39227b3a5fd75ff4c5d0881958ae74cbe40e83a93f8b90f80ee6ec1b5007670a935191d1a4a711ae74258ca21aa78f5ca4424125c8c8c49f7d841c
expires
Sat, 22 Oct 2022 09:37:19 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Oct 2022 09:37:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
y2j0mkDGWesGj85Z97azPsDIGiTij0RhH/o8Dk6fMl/i+kI5sSa3h7UrT7rcA9b+hfrWG8m77ptvyqX1JbuPVg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6eb1edd1f1ec3c4d936b29befccaa94b2165adbc7a6e71b76ce538c46227b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77166
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 22 Oct 2022 09:37:19 GMT
pixel
q.quora.com/_/ad/5003d1ce923f4c3a9c19a748ab43029c/ 		43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/5003d1ce923f4c3a9c19a748ab43029c/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.120.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-120-86.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 09:37:19 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,343e9e02d567e2b4652cc68c5b2136ca,10.0.0.61,8134,81.95.5.43,,71005941016,1,1666431439.866,0.001,,.,0,0,0.000,0.004,-,0,0,197,268,134,10,35796,,,,,,-,
Content-Type
image/gif
.js
treach-tutters.com/d/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://treach-tutters.com/d/.js?lpref=&lpurl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&lpt=Free%20Video%20-%20Limited%20Time%20Only!&vtm=1666431439479
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.192.108.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-108-151.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1793498565&t=pageview&_s=1&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&ul=en-us&de=UTF-8&dt=Free%20Video%20-%20Limited%20Time%20Only!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=839902650&gjid=1073903921&cid=149896053.1666431439&tid=UA-113385709-1&_gid=17298124.1666431439&_r=1&gtm=2wgaj0MR9ZK4G&cd4=1102&z=1515747597
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://floraspring.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00334f27e888e04062e48c656e1eda1b21
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
X-TraceId
b8447b8ad866f4246678888b00569343
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00334f27e888e04062e48c656e1eda1b21&obApiVersion=1.0-gtm&obtpVersion=1.10.0&name=PAGE_VIEW&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&optOut=false&bust=010154059005877669&referrer=
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 09:37:19 GMT
Cache-Control
no-cache
content-encoding
gzip
X-TraceId
2b57bc21ca8e6061cba2f036ecd2f5dc
Content-Length
60
Content-Type
image/gif;
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00334f27e888e04062e48c656e1eda1b21&obApiVersion=1.0-gtm&obtpVersion=1.10.0&name=VSL-Page&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&optOut=false&bust=011171066961179088&referrer=
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 09:37:19 GMT
Cache-Control
no-cache
content-encoding
gzip
X-TraceId
27a5449f4225c899177a04cdf2324231
Content-Length
60
Content-Type
image/gif;
10135825.json
s.yimg.com/wi/config/ 		2 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10135825.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
ZRJ7AMFBCFVGBT8M
age
0
content-length
22
x-amz-id-2
QljZVceSWW2Gd1tlCRTqbVLG7zrPrEO0lKLrCMWVBQdnqpBDLngCm1m+rPhxpJfO3d0AfDIDcic=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
rules-p-rXRXmwZSu3n0s.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-rXRXmwZSu3n0s.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
994e7cba872b1835499be600f85f99d12ae61b38d81ac0429ef39e2f587fd3f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
13
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:53:35 GMT
server
AmazonS3
etag
W/"4616f68031e96be3102ecbcf8f921399"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
b4Udh4ztnsZI09BYxl4nQXMAu41eU3w-953cXB9OtykXoSa9zFpo6Q==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/?random=1666431439515&cv=9&fst=1666431439515&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=304253631.1666431439&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0726aa0d2b80e14cad468c6b3860caa494362ffbe7ca7a6989915214c2e785a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1139
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/?random=1666431439517&cv=9&fst=1666431439517&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=304253631.1666431439&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff33c9a1912a26daaef92e8b2e7b7f33565ed81572b158845a7df9470fc85743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1138
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/332385166/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/332385166/?random=1666431439518&cv=9&fst=1666431439518&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&auid=304253631.1666431439&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbeca78309a4b4b099b8c4d2a4182adcf3c8437221858d9105c858ac2345f9fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1136
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
56270944.js
bat.bing.com/p/action/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56270944.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3310869d6a3211f1f0b9aaef9664020f3855353a44ecd6e0996fa82ab7832a8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 22 Oct 2022 09:37:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 906D3043D6AF43B793A08D6C9A9D0886 Ref B: FRA31EDGE0111 Ref C: 2022-10-22T09:37:19Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
1423
syncframe
gum.criteo.com/ Frame C0E7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=floraspring.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://floraspring.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Oct 2022 09:37:19 GMT
server
Kestrel
server-processing-duration-in-ticks
848321
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-113385709-1&cid=149896053.1666431439&jid=839902650&gjid=1073903921&_gid=17298124.1666431439&_u=YEBAAEAAAAAAACAAI~&z=369852616
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 22 Oct 2022 09:37:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://floraspring.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JM1YLT9HG3&gtm=2oeaj0&_p=1793498565&_gaz=1&cid=149896053.1666431439&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&sid=1666431439&sct=1&seg=0&dt=Free%20Video%20-%20Limited%20Time%20Only!&en=page_view&_fv=1&_ss=1&epn.page_height=739&ep.fb_pixel_id=875470023133343&ep.event_id=1666432187416_16664319768601&ep.a_affiliate_id=1102
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://floraspring.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JM1YLT9HG3&cid=149896053.1666431439&gtm=2oeaj0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://floraspring.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JM1YLT9HG3&cid=149896053.1666431439&gtm=2oeaj0&aip=1&z=1243521124
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stop-pop.min2.js
floraspring.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://floraspring.com/js/stop-pop.min2.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.34.111 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.34.111.vultrusercontent.com
Software
nginx-rc /
Resource Hash
58e85ec5782a9ddd2bdb1398acd024726fbf206df3ddb6745b10f2a4224fa187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 20 Apr 2022 13:12:45 GMT
server
nginx-rc
etag
W/"626006cd-ae7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Mon, 21 Nov 2022 09:37:19 GMT
loader.min.js
quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/loader.min.js
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a4c1a074c4c4254bec46f83f8f770d0fe2808c27a56006da0ffb73118e99018b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
content-encoding
gzip
x-cdn
4
x-guploader-uploadid
ADPycduZh360Qt_Ywz1QpggzXRFb0g_XKndSCZZg4-7ZLEMsJosrYCmUKv8ahdLt_tcfXiUIOcNMbQoiSA1XCYdGpLxXgw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Fri, 07 Oct 2022 12:14:29 GMT
server
UploadServer
x-cdn-info
loader
etag
"e3c874a4607f582d504fb76d4ca95c22"
vary
Accept-Encoding
x-goog-generation
1665144869073417
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=IdYSFw==, md5=48h0pGB/WC1QT7dtTKlcIg==
access-control-expose-headers
Content-Type, x-hw, server, x-cdn, x-cdn-info
cache-control
no-store, private, max-age=0, s-max-age=0
x-hw
1666431439.cds220.fr8.hn,1666431439.cds220.fr8.hc,1666431439.cds276.fr8.sc,1666431440.cds276.fr8.p,1666431440.cds220.fr8.sl
x-goog-stored-content-length
10160
accept-ranges
bytes
expires
Sat, 22 Oct 2022 09:37:19 GMT
875470023133343
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/875470023133343?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
886042ef1981b731d1bffdcc5a2a9fb540d9bbc1c60fb16d07021afd8c0a7734
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 22 Oct 2022 09:37:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wfjKlhb7yVv2l4JDXTYE9vFTP2eymJfpw/EDLGB0WMo9ZJKD3MKBaajS6rquEsUMhj6ab01Vc+7ikZgQ1AYLpg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56270944&Ver=2&mid=f52ff0b3-fc43-4e75-8172-56a9686691c2&sid=1f7e641051ed11edb23d45f400ec09e8&vid=1f7ea9c051ed11ed9ee13d9bdfcc33b3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Video%20-%20Limited%20Time%20Only!&p=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&r=&lt=2309&evt=pageLoad&sv=1&rn=474506
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Oct 2022 09:37:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 91D50F334565497E9E274CFBDC2EF369 Ref B: FRA31EDGE0111 Ref C: 2022-10-22T09:37:19Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1502920720;source=gtm;labels=_fp.event.Default;rf=0;a=p-rXRXmwZSu3n0s;url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1502920720;source=gtm;labels=_fp.event.Default;rf=0;a=p-rXRXmwZSu3n0s;url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206;uht=2;fpan=1;fpa=P0-377066214-1666431439587;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=floraspring.com;dst=0;et=1666431439587;tzo=0;ogl=;ses=8fd1f60d-0c3f-4a18-9429-d07f9d772b38
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-113385709-1&cid=149896053.1666431439&jid=839902650&_u=YEBAAEAAAAAAACAAI~&z=9827501
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-113385709-1&cid=149896053.1666431439&jid=839902650&_u=YEBAAEAAAAAAACAAI~&z=9827501
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame C0E7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=floraspring.com&sn=ChromeSyncframe&so=0&topUrl=floraspring.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=qMlw2Xx6WWdwdnhXMFZseFpCeE9pcXZUMTlWU3dPTTA2a0hGcXdPQkI3c0s3S2c1UWRjci9vS3V1Z0pFSVdHVXZHS2I5STVvRm9sMFg3MldFdjF2UlYxOWU5SU8ybFNKSlZYTWlUK2ljclZpZndqNXhTYWhvcVh6MlA5d3...
425 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qMlw2Xx6WWdwdnhXMFZseFpCeE9pcXZUMTlWU3dPTTA2a0hGcXdPQkI3c0s3S2c1UWRjci9vS3V1Z0pFSVdHVXZHS2I5STVvRm9sMFg3MldFdjF2UlYxOWU5SU8ybFNKSlZYTWlUK2ljclZpZndqNXhTYWhvcVh6MlA5d3gzcHkvcUczWjZ5aDdvNjlDQ0EvV2hCSENjZkpucXh3S05jM2RrNmhZM3kvODRiUllOdWtSNk5aOHZ2QXdBOTZYY013TE9CTG1nZGpNYXlTNkxwa3AwZ2hGV2g2N3drc3dZdWZITnU5VDBvQm9SQVJlNWhJci81WkIvVW1VUDR1TUZ5V2VZbVNIT3Z0eER2K3J3RThXcTNLM3MzOUZRQT09fA&cppv=2
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0ff66e529e0c62957cdc20585a340b3560055b70ceeb4a0843ba4bf759e48fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2417569
expires
0

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qMlw2Xx6WWdwdnhXMFZseFpCeE9pcXZUMTlWU3dPTTA2a0hGcXdPQkI3c0s3S2c1UWRjci9vS3V1Z0pFSVdHVXZHS2I5STVvRm9sMFg3MldFdjF2UlYxOWU5SU8ybFNKSlZYTWlUK2ljclZpZndqNXhTYWhvcVh6MlA5d3gzcHkvcUczWjZ5aDdvNjlDQ0EvV2hCSENjZkpucXh3S05jM2RrNmhZM3kvODRiUllOdWtSNk5aOHZ2QXdBOTZYY013TE9CTG1nZGpNYXlTNkxwa3AwZ2hGV2g2N3drc3dZdWZITnU5VDBvQm9SQVJlNWhJci81WkIvVW1VUDR1TUZ5V2VZbVNIT3Z0eER2K3J3RThXcTNLM3MzOUZRQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
635797
content-length
0
expires
0
/
www.google.com/pagead/1p-user-list/693528767/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693528767/?random=1666431439515&cv=9&fst=1666429200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&async=1&fmt=3&is_vtc=1&random=1006529506&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693528767/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693528767/?random=1666431439515&cv=9&fst=1666429200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&async=1&fmt=3&is_vtc=1&random=1006529506&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1419346/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1419346/trc/3/json?tim=1666431439634&data=%7B%22id%22%3A341%2C%22ii%22%3A%22%2Fz%2Faff_special20.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666431439630%2C%22cv%22%3A%2220221013-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkendago-pineapple-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666431439634%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4b46b0ccd72404899097822de989a8da2716c36959ba02b989f7f3e4c7ad9712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
22
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn4060-HHN
server
nginx
x-timer
S1666431440.662736,VS0,VE22
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
56270944
www.clarity.ms/tag/uet/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/56270944
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/56270944.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
841d168b2c0883a7e31254097260a74c0770b9a66ffc03fd90e809ec29589d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 22 Oct 2022 09:37:19 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0z7lTYwAAAAChGvUxxTOxS4IZCBVEhf5dRlJBMjMxMDUwNDE5MDQ5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
main.Mi4wLjAuNTlfMA.js
analytics.tiktok.com/i18n/pixel/static/ 		210 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTlfMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C354507G09FC36CGKGPG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0932ffdb353b42578e9cc168b616bd03d80c2946cfe769c275f64e8747afc55f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
152ba6a1
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202210201300004C7212EED70B0B56D1ED
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
015cd8173f5f5a3555210b7fd89152ff4a11706a24bc362e2cc802911ae512783275d26b33ec12276bc930dee4443c1d5c6de7cfa3f0a8c06b18c9202bf4a626ae245774655f430d0558c22a1ede930b7c
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
61815
/
www.google.com/pagead/1p-user-list/332385166/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/332385166/?random=1666431439518&cv=9&fst=1666429200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&async=1&fmt=3&is_vtc=1&random=3001151023&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/332385166/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/332385166/?random=1666431439518&cv=9&fst=1666429200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&async=1&fmt=3&is_vtc=1&random=3001151023&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.Mi4wLjAuNTlfMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		222 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTlfMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C91R3HSS1AB7D64TQ1S0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
53bc31217d7d597e9e0298d513f6ef532c9aded264aa6e0d66e22f32cb60b557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
152ba6ad
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202210201300004AB90BF978ED7A4E04D6
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
015d0db9a4922f3fa1abcdf3f6abf8ea8081bb79a1ee9c288603d18cbadc04110a445c93da876c08013bdaaffa5d6072bbe133861024f9e4f9a13fc84c45c0488a7c924db8a1829cf13e97267b1b898925
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
63983
/
www.google.com/pagead/1p-user-list/693528767/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693528767/?random=1666431439517&cv=9&fst=1666429200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&async=1&fmt=3&is_vtc=1&random=1792012636&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693528767/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693528767/?random=1666431439517&cv=9&fst=1666429200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tiba=Free%20Video%20-%20Limited%20Time%20Only!&async=1&fmt=3&is_vtc=1&random=1792012636&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify_a1d3b.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_a1d3b.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTlfMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id
152ba706
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20221020130000367262280DF29B283C74
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01589f032d856eca0d22338700e0b58f2d7ce71fd71edd733348a1911d5dabe46a6c80c109eb6bb6a87948e3eb735a890b5ea015a8c9c8c3a2337fdd8136f4803b5071723e14770183f6875be5ae5acd0e
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
30849
pixel
analytics.tiktok.com/api/v2/ 		0
686 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTlfMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2d3da6aa.152ba7c4
date
Sat, 22 Oct 2022 09:37:19 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
109,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=109, origin; dur=15, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022102209371929AED4BAA993B217475E
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.220.104.8
x-tt-trace-host
01f7661108ed1e49070c4ee22c7183aa30a8fa1aed5faa664fe5142fec0d4423e7bf8582f7aa9cc977179bc3f9ee64435d8026f09d1c211600076195c93c2c14f7ce943691d578aad57daee4341cb13e8ac8bcf1258519f6bdc9e8f009d5f72cd7
expires
Sat, 22 Oct 2022 09:37:19 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
689 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTlfMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
420a8909.152ba7c6
date
Sat, 22 Oct 2022 09:37:19 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time
136,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=54, inner; dur=44
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221022093719FD83045029C7CC12535D
x-cache-remote
TCP_MISS from a23-39-229-31.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
54,23.39.229.31
x-tt-trace-host
01f7661108ed1e49070c4ee22c7183aa30cc4f94c5bcdff2e8bd0e64b07e9e6e6d31043d06f9db38bf4d0af1f70861147600ba5e7ad35b9eaab705469bc6e80306f702191b9785d925cc5aa99c4a27f7eafa4587afdd2f7300c71ae5e6dfaf74e5
expires
Sat, 22 Oct 2022 09:37:19 GMT
unip
trc.taboola.com/1419346/log/3/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1419346/log/3/unip?en=view_content&tim=1666431439637&vi=1666431439630&ri=10a52b74468704d89fccb4253aae29a0&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&tos=144&ssd=1&scd=100&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
via
1.1 varnish
x-served-by
cache-hhn4060-HHN
server
nginx
x-timer
S1666431440.779290,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://floraspring.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=875470023133343&ev=PageView&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&rl=&if=false&ts=1666431439789&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666431439788.837418783&it=1666431439580&coo=false&eid=1666432187416_16664319768601&rqm=GET
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 22 Oct 2022 09:37:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
clarity.js
www.clarity.ms/eus-e/s/0.6.43/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-e/s/0.6.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56270944
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
etag
"1d8e50224f25c4c"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
x-azure-ref
0z7lTYwAAAABlz1QI+cObTIAW4bgdvqVwRlJBMjMxMDUwNDE5MDQ5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=77723&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=w4jvaV9YQ0dibkN1dm5EbWJ2RTk4cjRsMGtsTmR5RmdJTEtmTmFlU0RYVHdRbjNYSXl3emVzRTh5OEt1QjA...
  • https://widget.us.criteo.com/event?a=77723&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=w4jvaV9YQ0dibkN1dm5EbWJ2RTk4cjRsMGtsTmR5RmdJTEtmTmFlU0RYVHdRbjNYSXl3emVzRTh5OEt1QjA...
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=77723&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=w4jvaV9YQ0dibkN1dm5EbWJ2RTk4cjRsMGtsTmR5RmdJTEtmTmFlU0RYVHdRbjNYSXl3emVzRTh5OEt1QjA5Zzd3dEduVGVtakZGbXFyJTJGWmIlMkJ5N05IRzNIQVhkQ1Z6RXNZOTJrNW9nazM4aUNCNnVFbW1WMW0lMkZaZnZ6Mm5LMkE2dlR0MkxxN2FKZnNtJTJGZXBIMExEY1dKWmY2ZyUzRCUzRA&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fa%253D1102%2526s1%253Dgvflr4aepfot21090003asjtl206%2526s2%253D6289531%2526s3%253Dh3%2526s4%253D%2526o%253D83%2526r%253D60110898%2526cr%253D274%2526campid%253D6819%2526utm_medium%253D1102%2526utm_source%253Dgvflr4aepfot21090003asjtl206&dtycbr=90890
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Server
2620:100:a001::17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f6a768cf1f4f821b9d9df7974ec0d80a16de90610134e3acf04f6a586c2f1f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
21594510
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://widget.us.criteo.com/event?a=77723&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=w4jvaV9YQ0dibkN1dm5EbWJ2RTk4cjRsMGtsTmR5RmdJTEtmTmFlU0RYVHdRbjNYSXl3emVzRTh5OEt1QjA5Zzd3dEduVGVtakZGbXFyJTJGWmIlMkJ5N05IRzNIQVhkQ1Z6RXNZOTJrNW9nazM4aUNCNnVFbW1WMW0lMkZaZnZ6Mm5LMkE2dlR0MkxxN2FKZnNtJTJGZXBIMExEY1dKWmY2ZyUzRCUzRA&tld=floraspring.com&fu=https%253A%252F%252Ffloraspring.com%252Fz%252Faff_special20.php%253Fa%253D1102%2526s1%253Dgvflr4aepfot21090003asjtl206%2526s2%253D6289531%2526s3%253Dh3%2526s4%253D%2526o%253D83%2526r%253D60110898%2526cr%253D274%2526campid%253D6819%2526utm_medium%253D1102%2526utm_source%253Dgvflr4aepfot21090003asjtl206&dtycbr=90890
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8272569
timing-allow-origin
*
content-length
0
expires
0
sp.pl
sp.analytics.yahoo.com/ 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2022%20Oct%202022%2009%3A37%3A19%20GMT&n=0&b=Free%20Video%20-%20Limited%20Time%20Only!&.yp=10135825&f=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Sat, 22 Oct 2022 09:37:19 GMT
collect
l.clarity.ms/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-e/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://floraspring.com
date
Sat, 22 Oct 2022 09:37:19 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
player-dash-mse.min.js
quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/ 		2 MB
572 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/player-dash-mse.min.js?hash=jidambiul
Requested by
Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/OvEB6FVZrV20oq_j/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
26f42b365e4b1b207112b67ecdb4d7922240f839aed9a52d31635e11cedeb478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
content-encoding
gzip
x-cdn
4
x-guploader-uploadid
ADPycdtRh3n58Oq_rNRe_ynBJncGMR-NnHOhP6kOg-8pt07td8QFYO9OYCSCs3x5SWvEAJ0uzv98g1TI-BnWFuccGNEdWw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Fri, 07 Oct 2022 12:14:29 GMT
server
UploadServer
etag
"41d045dd4915ed5c6e76e8ebbae0be3b"
x-goog-generation
1665144869430557
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Zb+mZg==, md5=QdBF3UkV7VxudujruuC+Ow==
access-control-expose-headers
Content-Type, x-hw, server, x-cdn, x-cdn-info
cache-control
public, max-age=300, s-maxage=2592000
x-hw
1666431440.cds279.fr8.hn,1666431440.cds279.fr8.hc,1666431440.cds259.fr8.c,1666431440.cds279.fr8.sl
x-goog-stored-content-length
502557
accept-ranges
bytes
init
tr.snapchat.com/ 		126 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/init?pids=cb973317-d0e8-4273-8280-d0607692ae5c
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
7cb0be351287c5401cdf58a448cb878b8a0c7c3c8da267f4fdfef3d271ad3b78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://floraspring.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
is_enabled
tr.snapchat.com/collector/ 		79 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=cb973317-d0e8-4273-8280-d0607692ae5c&tld=com
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6bc04cf09f9d87d0b8035912f983a190bff9f70fde3c04a475279867bad9019f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://floraspring.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=39487C4DC01C473CB5B6E11F18F76D52&RedC=c.clarity.ms&MXFR=27416195797E6AAB14CC73D07D7E6438
  • https://c.clarity.ms/c.gif?CtsSyncId=39487C4DC01C473CB5B6E11F18F76D52&MUID=331D99ECF2B7632523E58BA9F31B6236
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=39487C4DC01C473CB5B6E11F18F76D52&MUID=331D99ECF2B7632523E58BA9F31B6236
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:20 GMT
last-modified
Thu, 13 Oct 2022 20:07:05 GMT
server
Microsoft-IIS/10.0
etag
"40db785d3fdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4EFA964C82E246BA9A63386285835E94 Ref B: FRA31EDGE0111 Ref C: 2022-10-22T09:37:20Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=39487C4DC01C473CB5B6E11F18F76D52&MUID=331D99ECF2B7632523E58BA9F31B6236
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
i
tr.snapchat.com/cm/ Frame 06DF 		0
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=cb973317-d0e8-4273-8280-d0607692ae5c&u_scsid=ea10e380-b470-4599-ab63-68ec98079045&u_sclid=eb798d5e-ae44-47b1-9884-38edb70c40d6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://floraspring.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 22 Oct 2022 09:37:20 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
sync
x.bidswitch.net/ul_cb/ Frame 3530
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-WpYAY95QYABSB2eB79LIJgAEArrZKM22wvS4Wg&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-WpYAY95QYABSB2eB79LIJgAEArrZKM22wvS4Wg&expires=30
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-WpYAY95QYABSB2eB79LIJgAEArrZKM22wvS4Wg&expires=30
Protocol
HTTP/1.1
Server
18.194.110.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-110-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 09:37:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-WpYAY95QYABSB2eB79LIJgAEArrZKM22wvS4Wg&expires=30
Date
Sat, 22 Oct 2022 09:37:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3530
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0WihcN5QYABSB2eB79LIJgAEAroe3rpxR2MUeg&google_cm&google_hm=ay0wV2loY041UVlBQlNCMmVCNzlMSUpnQUVBcm9lM3Jwe...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0WihcN5QYABSB2eB79LIJgAEAroe3rpxR2MUeg&google_gid=CAESEDPTBCzzxSPM5u7Bw5VbXEE&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0WihcN5QYABSB2eB79LIJgAEAroe3rpxR2MUeg&google_gid=CAESEDPTBCzzxSPM5u7Bw5VbXEE&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
724011
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0WihcN5QYABSB2eB79LIJgAEAroe3rpxR2MUeg&google_gid=CAESEDPTBCzzxSPM5u7Bw5VbXEE&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3530
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5873993002519019102
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5873993002519019102
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2383302
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 09:37:20 GMT
AN-X-Request-Uuid
94090350-6828-4e0a-8565-bf54a33b4001
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5873993002519019102
Connection
keep-alive
X-Proxy-Origin
81.95.5.43; 81.95.5.43; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
r.casalemedia.com/ Frame 3530
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h-p5_N5QYABSB2eB79LIJgAEArqU1YWquBBYEQ
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h-p5_N5QYABSB2eB79LIJgAEArqU1YWquBBYEQ&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-h-p5_N5QYABSB2eB79LIJgAEArqU1YWquBBYEQ&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 09:37:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 09:37:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=20&external_user_id=k-h-p5_N5QYABSB2eB79LIJgAEArqU1YWquBBYEQ&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
match
ad.360yield.com/ul_cb/ Frame 3530
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CJ_bg95QYABSB2eB79LIJgAEArpEh5IMh0ATjQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CJ_bg95QYABSB2eB79LIJgAEArpEh5IMh0ATjQ
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CJ_bg95QYABSB2eB79LIJgAEArpEh5IMh0ATjQ
Protocol
H2
Server
54.155.65.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-65-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 09:37:20 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CJ_bg95QYABSB2eB79LIJgAEArpEh5IMh0ATjQ
date
Sat, 22 Oct 2022 09:37:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync.php
contextual.media.net/ Frame 3530 		45 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-f5DrvN5QYABSB2eB79LIJgAEArpMYOEjQbAKrA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 22 Oct 2022 09:37:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sat, 22 Oct 2022 09:37:20 GMT
push
exchange.mediavine.com/usersync/ Frame 3530 		0
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-nc-MTN5QYABSB2eB79LIJgAEArqRb5j80Tt0lw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.54.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-54-154.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 3530 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-2QqoI95QYABSB2eB79LIJgAEArrn7qk_IcvyEg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 22 Oct 2022 09:37:20 GMT
Cache-Control
no-cache
X-TraceId
6c052a47a4bd74c32e1d3927bcb3c721
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3530 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-BW54qt5QYABSB2eB79LIJgAEArqWZpoWdEwb9g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 22 Oct 2022 09:37:19 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tap.php
pixel.rubiconproject.com/ Frame 3530 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-8vrFlt5QYABSB2eB79LIJgAEArr5F9ChSH9lgw&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 3530 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-vFlmad5QYABSB2eB79LIJgAEArrizKr6aTzEoQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.80.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-80-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 3530 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-yItMGt5QYABSB2eB79LIJgAEArrgB0zEVbxN7w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3530 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-9OnNRt5QYABSB2eB79LIJgAEArogw6IVxFrxFQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12661
um
criteo-sync.teads.tv/ Frame 3530 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-7IRf2d5QYABSB2eB79LIJgAEArpQ-WWeSrkFHA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Sat, 22 Oct 2022 09:37:20 GMT
pragma
no-cache
date
Sat, 22 Oct 2022 09:37:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 3530 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-XozQUN5QYABSB2eB79LIJgAEArqeuZ8mjseCtQ&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3530 		0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-UoPPcd5QYABSB2eB79LIJgAEArrzvo-awhuTog
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 3530 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ENUXy95QYABSB2eB79LIJgAEAro-4cK-Cl6G8Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
last-modified
Fri, 07 Feb 2020 08:03:00 GMT
server
nginx
accept-ranges
bytes
etag
"5e3d19b4-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 3530 		49 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-MooYFd5QYABSB2eB79LIJgAEArrZPNmZ0cOd6A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:20 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
19
content-length
49
expires
0
demconf.jpg
dpm.demdex.net/ Frame 3530
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=S-u0mtvm31BBKejlK6dVsDEv6-gLH4Mb
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=S-u0mtvm31BBKejlK6dVsDEv6-gLH4Mb
42 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=S-u0mtvm31BBKejlK6dVsDEv6-gLH4Mb
Protocol
HTTP/1.1
Server
54.205.127.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-127-85.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v043-07429bd48.edge-va6.demdex.com 11 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gXb1PZI8QH8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v043-0ec81ad9b.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
dAi7af6KS+0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=S-u0mtvm31BBKejlK6dVsDEv6-gLH4Mb
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 3530 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-TRz5ct5QYABSB2eB79LIJgAEAroECwCeEsfawQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 22 Oct 2022 09:37:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
sync
matching.ivitrack.com/ Frame 3530 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-sS71Yd5QYABSB2eB79LIJgAEArpSc7wDTjxS1Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:19 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
criteo-partners.tremorhub.com/ Frame 3530 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-A8_bjd5QYABSB2eB79LIJgAEArrt5oIMIdc8Cg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:5bf8:c9ae:fc1e:511b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 22 Oct 2022 09:37:20 GMT
server
Apache-Coyote/1.1
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 3530 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-TycM7t5QYABSB2eB79LIJgAEArr3BisNISEPbQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 09:37:20 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 3530 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-MkxK_t5QYABSB2eB79LIJgAEAro9NAgZ9cGeCA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Oct 2022 09:37:20 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 21 Oct 2022 09:37:20 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 3530 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-3v3ROd5QYABSB2eB79LIJgAEAroHYxNGYRDyog&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.162.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 22 Oct 2022 09:37:20 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
p
tr.snapchat.com/ 		68 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?trackId=f70d6cce-85d0-4350-b2ec-bb7ea564ca10&pid=cb973317-d0e8-4273-8280-d0607692ae5c&ev=PAGE_VIEW&pl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&ts=1666431440250&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=2250&m_rd=2988&m_pi=2308.5999999046326&m_dcl=2309.699999809265&m_fcps=2116.5&m_pl=2966.699999809265&m_ic=0&m_pv=v2&u_hem=FFFeb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&u_c1=2d1bff74-e465-4f98-96ec-197cbd57cb01&u_scsid=ea10e380-b470-4599-ab63-68ec98079045&u_sclid=eb798d5e-ae44-47b1-9884-38edb70c40d6&s_r_ids=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
awesome-log
stats.vidalytics.com/ 		43 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/awesome-log?cid=KwmJQD4K
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
server
istio-envoy
etag
"KwmJQD4K/Hgg5c7Jb7QHeyNZo"
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control
no-cache, public, max-age=2592000
x-envoy-upstream-service-time
12
access-control-allow-headers
Accept, Content-Type, Origin, Range, X-Requested-With
content-length
43
licensing
analytics-ingress-global.bitmovin.com/ 		117 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/licensing
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
117
alt-svc
clear
licensing
licensing.bitmovin.com/ 		165 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://licensing.bitmovin.com/licensing
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
via
1.1 google
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
165
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:20 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
stream.mpd
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/stream.mpd
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b552c41452c73a75231ffb2bc6d7e14a6182e0d1e1800f68753e8f6d6e67ed50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
x-cdn
4
age
1441
x-guploader-uploadid
ADPycduO5H6LCzgHGSIiYmpBqTS38NiRqLoHhlGRH8l8L7zxeQ0A_JCHro4J0ZMlYZfBdDnlw4tbsiykTGScCWeKmQo4YQdF0D9x
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5841
last-modified
Wed, 11 May 2022 17:52:17 GMT
server
UploadServer
etag
"18e6a25085dceb81070af1b56735493a"
x-goog-generation
1652291537378848
content-type
application/dash+xml
access-control-allow-origin
*
x-goog-hash
crc32c=LRUdAw==, md5=GOaiUIXc64EHCvG1ZzVJOg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431441.cds279.fr8.hn,1666431441.cds238.fr8.c
x-goog-stored-content-length
5841
accept-ranges
bytes
usermatch.gif
beacon.krxd.net/ Frame 3530
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0GFQI25IcgBQ8xHECfD3Yd8PommmBA4w
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0GFQI25IcgBQ8xHECfD3Yd8PommmBA4w
Protocol
H2
Server
52.213.108.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-108-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Sat, 22 Oct 2022 09:37:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1666431440
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0GFQI25IcgBQ8xHECfD3Yd8PommmBA4w
date
Sat, 22 Oct 2022 09:37:20 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1152837
content-length
0
cs
s.thebrighttag.com/ Frame 3530
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=82AAuugf2ApsFl5ePKMlU9PfjwwumEB2
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=82AAuugf2ApsFl5ePKMlU9PfjwwumEB2
Protocol
H2
Server
3.141.157.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-157-49.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:21 GMT
x-bt-requestid
207d1241-51ed-11ed-bbeb-0000ac17012b
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=82AAuugf2ApsFl5ePKMlU9PfjwwumEB2
date
Sat, 22 Oct 2022 09:37:20 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
2760123
content-length
0
scribe
stats.vidalytics.com/ 		16 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 09:37:21 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
16
access-control-allow-methods
POST,OPTIONS
content-type
application/json
truncated
/ 		696 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
init.mp4
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/480x270_h264_157500/ 		671 B
945 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/480x270_h264_157500/init.mp4
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
edd7d8d4427a3d17e311a9463909736ff7cad6ca819bda82d2e540a9d082c061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
x-cdn
4
x-guploader-uploadid
ADPycdv8pQ8QWquVYfQMpsb5MtCg_-FMEsvgUvoA8VRTJmsqTM2Vkyxd1ZXZjNU-jprHOcZ5nxxnPmKVKbJOcDxV9pYDbg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
671
last-modified
Wed, 11 May 2022 17:43:02 GMT
server
UploadServer
etag
"1c8513710770e3f735fbbc36dc1c415b"
x-goog-generation
1652290982025580
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=V5g6pw==, md5=HIUTcQdw4/c1+7w23BxBWw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431441.cds279.fr8.hn,1666431441.cds160.fr8.c
x-goog-stored-content-length
671
accept-ranges
bytes
init.mp4
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		606 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/init.mp4
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
x-cdn
4
age
1005
x-guploader-uploadid
ADPycdt68L2mL-g02dKahGEU6AEINynPbiocOAQHTNyHfFJNwt05s4xq669DZkbdUVeugG2NvjWIPoXP9viOcLrQsxu7mg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
606
last-modified
Wed, 11 May 2022 17:44:00 GMT
server
UploadServer
etag
"af3d86596c83ba8ac236796a59f6d6dc"
x-goog-generation
1652291040020148
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431441.cds279.fr8.hn,1666431441.cds262.fr8.c
x-goog-stored-content-length
606
accept-ranges
bytes
collect
l.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-e/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://floraspring.com
date
Sat, 22 Oct 2022 09:37:20 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
scribe
stats.vidalytics.com/ 		16 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 09:37:21 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
content-length
16
access-control-allow-methods
POST,OPTIONS
content-type
application/json
unip
trc-events.taboola.com/1419346/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1419346/log/3/unip?en=pre_d_eng_tb&tos=1629&scd=100&ssd=1&est=1666431439632&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1666431441261&vi=1666431439630&ri=10a52b74468704d89fccb4253aae29a0&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://floraspring.com
pragma
no-cache
date
Sat, 22 Oct 2022 09:37:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=875470023133343&ev=Microdata&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&rl=&if=false&ts=1666431441291&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Free%20Video%20-%20Limited%20Time%20Only!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40type%22%3A%22VideoObject%22%2C%22name%22%3A%22RP_FS_VSL%20%20Crypton%20Intro_%20Chuck%20Story_050722_1061_seconds%22%2C%22description%22%3A%22RP_FS_VSL%20%20Crypton%20Intro_%20Chuck%20Story_050722_1061_seconds%22%2C%22uploadDate%22%3A%222022-05-11T17%3A38%3A59%2B00%3A00%22%2C%22duration%22%3A%22PT46M%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fquick.vidalytics.com%2Fvideo%2FKwmJQD4K%2F_alt1Cu7sIZOiLky%2F65184%2F55860%2Fthumb%2Fthumbnail-5_0.png%22%2C%22embedUrl%22%3A%22https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206%22%7D%5D&sw=1600&sh=1200&v=2.9.87&r=stable&ec=1&o=30&fbp=fb.1.1666431439788.837418783&it=1666431439580&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 22 Oct 2022 09:37:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
s_0.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/480x270_h264_157500/ 		76 KB
76 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/480x270_h264_157500/s_0.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b2fa29489b561be3a3defc0e58cb24eb46b3d4c890dc48d22215887333a31caa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
x-cdn
4
age
0
x-guploader-uploadid
ADPycdtI3VFUUgkQLwrGad5RDwaVwJEI2nBJnkqhlcVVlXfRiW5yydGWM8KfPV9LFP9qcHHs2eG0shXF6TF4PTdCCm-EB-Gb2bG9
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77820
last-modified
Wed, 11 May 2022 17:43:02 GMT
server
UploadServer
etag
"3c7b98fe85345a38a1f22c5b0b62d374"
x-goog-generation
1652290982259178
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=axq02g==, md5=PHuY/oU0Wjih8ixbC2LTdA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431441.cds279.fr8.hn,1666431441.cds129.fr8.c
x-goog-stored-content-length
77820
accept-ranges
bytes
s_0.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_0.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5ed5ee7d2f88513a21b105e38900681e30de2b40d2ff5d97d20b14bde1f2a87b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
x-cdn
4
x-guploader-uploadid
ADPycduPe94dvwf74ztEh6OZzrMaag7FXNQPBvEre4Pb67ga3m30Y976tvtcLclvvxidgripD0lrTjVZ8kJWh1NvVPT7LyXGDskT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48229
last-modified
Wed, 11 May 2022 17:44:00 GMT
server
UploadServer
etag
"135b54826bb6e72afeb944dfac225f94"
x-goog-generation
1652291040227519
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=FWC8tw==, md5=E1tUgmu25yr+uUTfrCJflA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431441.cds279.fr8.hn,1666431441.cds220.fr8.c
x-goog-stored-content-length
48229
accept-ranges
bytes
s_1.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_1.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9d7daba2671a1cb3aa750ea2636543b44a0ced52c7a87608ac6a6b9b4341716d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:22 GMT
x-cdn
4
age
950
x-guploader-uploadid
ADPycdt9q_PYmiBGIvUUMJHSKnNTsYJKvHZxHpCyW9SOdHIrtzzzHtSRv7Iz743nRe1UHF7EOTgV9RE1_f43PaixI764kaiS7DdG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47809
last-modified
Wed, 11 May 2022 17:44:00 GMT
server
UploadServer
etag
"c786954026d6c2817d26bf16b8667ecb"
x-goog-generation
1652291040318459
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=HZAPjw==, md5=x4aVQCbWwoF9Jr8WuGZ+yw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431442.cds279.fr8.hn,1666431442.cds217.fr8.c
x-goog-stored-content-length
47809
accept-ranges
bytes
impression
licensing.bitmovin.com/ 		0
13 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://licensing.bitmovin.com/impression
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 09:37:22 GMT
via
1.1 google
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:21 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:22 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
init.mp4
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		672 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/init.mp4
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
71d7577a1e8ec552b7408e07fb6fb88216d05b9b810514f2a6c297be85c711b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:22 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtnRiCDb1N7PoRtzYc9Ukg1fmtxkp0Z9wvVqg5SuAcTnH1HDoTfAz7Dxx7pW0FXjYB_s74uT1nj6LdBpDded69JxbJS9hGY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
672
last-modified
Wed, 11 May 2022 17:43:03 GMT
server
UploadServer
etag
"de0beafa3fb2e7422536c42656474052"
x-goog-generation
1652290982942256
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=adaXuw==, md5=3gvq+j+y50IlNsQmVkdAUg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431442.cds279.fr8.hn,1666431442.cds286.fr8.c
x-goog-stored-content-length
672
accept-ranges
bytes
s_1.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_1.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
34e8b99a2574c4748d63c313657e192faaf6be39a42d38868f0d2eb8c5e8a374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:23 GMT
x-cdn
4
x-guploader-uploadid
ADPycdsw0X5UkS73TTSDgEfw0c9liOTuAQjBWPcI-GRqwOWjIviDsrU3bnEvUbgtW7oiOtB-Ts7o8Q0i6DJbdpmyFzJPylPMZiNQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1526716
last-modified
Wed, 11 May 2022 17:42:41 GMT
server
UploadServer
etag
"d4cd0af847817be6dc0330817a585c7e"
x-goog-generation
1652290961682672
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=7deM4A==, md5=1M0K+EeBe+bcAzCBelhcfg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431443.cds279.fr8.hn,1666431443.cds219.fr8.c
x-goog-stored-content-length
1526716
accept-ranges
bytes
s_2.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		46 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_2.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b8da56041e89fd42f694e6adeeeeb1dec747002cb2df3a1b110ba0f842dcb1b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:23 GMT
x-cdn
4
age
998
x-guploader-uploadid
ADPycdvN6B7yB-IZE-fzsC2r8jVqW6HhKChKzNuekzlrWa3TUrvJK_tKYRaDctUBv9CMC9eTnJjBOIrJFIjlW5Y3Q17xRQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47444
last-modified
Wed, 11 May 2022 17:44:00 GMT
server
UploadServer
etag
"027f5e63597d0cd34bd866926e28682c"
x-goog-generation
1652291040519076
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=OsyoNQ==, md5=An9eY1l9DNNL2GaSbihoLA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431443.cds279.fr8.hn,1666431443.cds275.fr8.c
x-goog-stored-content-length
47444
accept-ranges
bytes
s_2.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_2.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ba014cd60f64ed0c76bde747b1cb6c8e82e809bf3330cd8b73885f50e170df39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:23 GMT
x-cdn
4
x-guploader-uploadid
ADPycdt3cbz1wz-bAeuYcpOoV96lWC3XtTv860Inj2o8z89fk_LW01lWZ7W24_sDGySNksVHK2bKOBxjoVs8NPX4eClRmQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1510441
last-modified
Wed, 11 May 2022 17:43:02 GMT
server
UploadServer
etag
"eeb7a95ca685531ee41cb81ccc7be919"
x-goog-generation
1652290982825996
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=g1UT4w==, md5=7repXKaFUx7kHLgczHvpGQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431443.cds279.fr8.hn,1666431443.cds131.fr8.c
x-goog-stored-content-length
1510441
accept-ranges
bytes
s_3.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_3.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0258a5a4c0ef9a9fb39ed3ea40c13ac2d47e3c7609045023158ee31233e1aaa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
age
997
x-guploader-uploadid
ADPycdvJeWMJC-02MQKKfS4lpqL11f_3BfRvHtK5LdeDIyK4nSOszMHTGlt6VR9iTDiBrF_Kn3jmqVKx1PkyQmKhya2BIA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47632
last-modified
Wed, 11 May 2022 17:44:00 GMT
server
UploadServer
etag
"e83b84a3e3d924d37ecac841a8053733"
x-goog-generation
1652291040649159
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=KzxaJw==, md5=6DuEo+PZJNN+yshBqAU3Mw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds240.fr8.c
x-goog-stored-content-length
47632
accept-ranges
bytes
s_3.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_3.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
efc301d09208db103d96a40b70934b55ff649ca91802415fe18542deb2465a49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycdvxBMlKhTpSZ-q1gNI5jfqWXRC1f6dDJyVOEosXTdfrw2NkyuBTJknw46c2b0vu3unzaezmdnb_DAAt2xq1lfw5rA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1558281
last-modified
Wed, 11 May 2022 17:42:56 GMT
server
UploadServer
etag
"32dc0f2b35fccab293d3b48e4ebfab5f"
x-goog-generation
1652290976469524
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=Z1e0ig==, md5=MtwPKzX8yrKT07SOTr+rXw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds220.fr8.c
x-goog-stored-content-length
1558281
accept-ranges
bytes
s_4.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		46 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_4.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e42f6b33db242867f2607350ea7b8804f4cf55e0fa6c677ebf11ee3cf92a9e4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
age
997
x-guploader-uploadid
ADPycdtf7BaMVemxtpO9a9hkEBoqOvJtz7pcQwhSc77FbPQaLhfLO4eQk5MGkaF3kyjPiLqT6tn3xXZGQ5pzB0DIXdUIhu6dx-qf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47559
last-modified
Wed, 11 May 2022 17:44:00 GMT
server
UploadServer
etag
"52254416c3e8d1bb3d82d6c38ade92aa"
x-goog-generation
1652291040844801
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=nOl6lw==, md5=UiVEFsPo0bs9gtbDit6Sqg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds274.fr8.c
x-goog-stored-content-length
47559
accept-ranges
bytes
s_4.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_4.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0fb819ab3895940a9f1f009d6413723d7666f84195c09b2485c9a750b627e081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtoBf00tVgr3i8dZMbwTicerlHQ1pKkDW51QSS30WU0xKZElp3Oy8DULyMxHZZkWXV1khThoS43SR9uOL8drINS6A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1562742
last-modified
Wed, 11 May 2022 17:43:04 GMT
server
UploadServer
etag
"785a88136c6985f90a907c2af61006ce"
x-goog-generation
1652290984040489
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=Z74A5A==, md5=eFqIE2xphfkKkHwq9hAGzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds154.fr8.c
x-goog-stored-content-length
1562742
accept-ranges
bytes
s_5.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_5.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ff4b1286e2e445c650dc2d3e315c4294511b9a66de21dfa073d766adee740343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
age
995
x-guploader-uploadid
ADPycdvISuS9tgGMfZkEcM44YffLu9SU7PrmGDq9xBVR6cS4sjJ0nk6yYkwlu6I5UgIhcXi-RIIf6O1Yc-qjSiP1Olxwo7rPaFuP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47774
last-modified
Wed, 11 May 2022 17:44:01 GMT
server
UploadServer
etag
"69a3db45d573c7234179eadc2a8b883d"
x-goog-generation
1652291041016182
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=ABxFgA==, md5=aaPbRdVzxyNBeercKouIPQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds103.fr8.c
x-goog-stored-content-length
47774
accept-ranges
bytes
s_5.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_5.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
05669f6021b27b1343d566e296264c8311dc89fb5199de61b983d59d97c13d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycdvJrKU-Lb8LJ481HPREuu6iXdEj-GrTkRIduiw30ogMnrjXtPMNWjYx2E9OJ_Yb7HmU1O_wkfr3T0WPSswKoxKq
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1492124
last-modified
Wed, 11 May 2022 17:43:03 GMT
server
UploadServer
etag
"5326ae272f5f3503145bb5f0cb3b3dd9"
x-goog-generation
1652290983209073
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=ynZyRA==, md5=UyauJy9fNQMUW7Xwyzs92Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds283.fr8.c
x-goog-stored-content-length
1492124
accept-ranges
bytes
unip
trc-events.taboola.com/1419346/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1419346/log/3/unip?en=pre_d_eng_tb&tos=4630&scd=100&ssd=1&est=1666431439632&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1666431444262&vi=1666431439630&ri=10a52b74468704d89fccb4253aae29a0&ref=null&cv=20221013-3-RELEASE&item-url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://floraspring.com
pragma
no-cache
date
Sat, 22 Oct 2022 09:37:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
s_6.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		46 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_6.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7bd06558684581b5c99aab47ebeea622a7eeb4d12db214fdde14985d44f74337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
age
997
x-guploader-uploadid
ADPycdtFIEdS4IxiKjbDB5M2AhOXeT9A_3iNGvccxCMRtODRRK2WJh0XgxbXV1m8uiprkwnWTjVi_M_LszxbdVyljh7qg3k36iGB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47367
last-modified
Wed, 11 May 2022 17:44:01 GMT
server
UploadServer
etag
"d92db29fa571ce2aad9c31b8cb99d7c6"
x-goog-generation
1652291041156499
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=VsCUXQ==, md5=2S2yn6VxziqtnDG4y5nXxg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds282.fr8.c
x-goog-stored-content-length
47367
accept-ranges
bytes
s_6.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_6.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c562af82db9d8b080006ab0e148911d6e06a7538d537fe0ada31d98408144a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycdufBhnIO6owRDUgAmy57yveVrN4c0oqYG6E_N0wMlDnm3ajASPqmrIOqp1-sqnCtrmKDQVoTuExfbQOms75xzscZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522670
last-modified
Wed, 11 May 2022 17:43:16 GMT
server
UploadServer
etag
"726af5b7ff804d29fff63df0df6bc45a"
x-goog-generation
1652290995993464
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=g6xhWw==, md5=cmr1t/+ATSn/9j3w32vEWg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds242.fr8.c
x-goog-stored-content-length
1522670
accept-ranges
bytes
s_7.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_7.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a34be781aa9311e3c5703d709bcc2acf352b080a90c7930ba50f3601521394d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
age
996
x-guploader-uploadid
ADPycdsAiFhhhr7I_MBsAIVAE9UHTvTnoDH1czWbjH9dywVL4HEPFUJx1q9ycIlJy6jPeVHvoGmEPsrsWFmcfVoKeBJHaKszkQPC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47785
last-modified
Wed, 11 May 2022 17:44:01 GMT
server
UploadServer
etag
"ea0b153395311de898b4719520e0562f"
x-goog-generation
1652291041316804
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=loJ3Uw==, md5=6gsVM5UxHeiYtHGVIOBWLw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds235.fr8.c
x-goog-stored-content-length
47785
accept-ranges
bytes
s_7.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_7.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9cb6ed30b251e4b97ed3f8ed4cab5e913db702397d49c44387cbf61a5bd1aa47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycdvnLjSXh-2zdBgdhjj59T-7QGZGxqfAAgOKCEom8KidRz6OlfgKSihRaiuW7NLq1HDuN-z96t7CHTMCG8bXVeuIL4i4PVFu
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1477992
last-modified
Wed, 11 May 2022 17:43:17 GMT
server
UploadServer
etag
"a117edb40d163749f6d1a5103f774849"
x-goog-generation
1652290997110936
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=cZhg5g==, md5=oRfttA0WN0n20aUQP3dISQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds276.fr8.c
x-goog-stored-content-length
1477992
accept-ranges
bytes
s_8.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		46 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_8.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cfabe42281ed2f09322871a326b54dace5174cdb28264838d90df52cc7e5e79b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
age
997
x-guploader-uploadid
ADPycdvzhrsOT20LYBeftNs_UKHN9n7BgdsitNVSIZJKMG4JFEItMY6RIGzgJwYiDAuGerOwahwhcZSCbq4aT05J1G0WtoiFkz0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47445
last-modified
Wed, 11 May 2022 17:44:01 GMT
server
UploadServer
etag
"d71ce9fba6a6b5b9ec0d7e1c6c8e03a9"
x-goog-generation
1652291041501219
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=0eyPmQ==, md5=1xzp+6amtbnsDX4cbI4DqQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds166.fr8.c
x-goog-stored-content-length
47445
accept-ranges
bytes
s_8.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_8.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bb1727e928e3d066824a2329c7ed02c04e08d37d1484adb237a70f2440675ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtfD6yws-cSpMnG3nwXxn2Q9IsDXN5DqySi_TFBR2-AuJVR9hIs4ZFnM3c_1eHISoeNagj1XKGW_QMI1fujezqIJw4DaAqf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1515519
last-modified
Wed, 11 May 2022 17:43:17 GMT
server
UploadServer
etag
"1b8489390166b0c6ede357bb9603850a"
x-goog-generation
1652290997648034
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=Z4f7nw==, md5=G4SJOQFmsMbt41e7lgOFCg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds203.fr8.c
x-goog-stored-content-length
1515519
accept-ranges
bytes
s_9.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_9.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3de72f5e8a70a2b35ecc16f84c129ade0bfc2f0988062c8c80565f407f71a3af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
age
995
x-guploader-uploadid
ADPycdvdMD35HF6Bngjaw0U0LX-X1hpILVxKt9p7G8TIbkGvtzKDD5DXPpq_Tn25lyh08fcVWKGGqBq-6ASw8WNubW23QQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
last-modified
Wed, 11 May 2022 17:44:01 GMT
server
UploadServer
etag
"2d6fce07985004e8a1f629229072961a"
x-goog-generation
1652291041653572
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=PAfcGQ==, md5=LW/OB5hQBOih9ikikHKWGg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds245.fr8.c
x-goog-stored-content-length
47676
accept-ranges
bytes
s_9.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_9.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e4b2151214890e0a7ac5efa36484785c03d4248700f9fca82f03878b06cb9943

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycdu1C1DWq_jg0zjV1M1tlOemEQRbmRT0mTBirdNs1cScZq7Ijl-BJb43oBl35jttdnEUHPHMdNlfFa9XTjucTD9ViA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1527327
last-modified
Wed, 11 May 2022 17:43:15 GMT
server
UploadServer
etag
"0783aa90ee132dbce02aedece1be7693"
x-goog-generation
1652290995479833
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=lH8BfQ==, md5=B4OqkO4TLbzgKu3s4b52kw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds207.fr8.c
x-goog-stored-content-length
1527327
accept-ranges
bytes
s_10.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		46 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_10.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7218678bd6af304a3e66df37b924fa34d332037f7e789c3f1b4ce9d26ef196fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycdve66QPaViJI1Sfbn_v_uYMfsIF2o2WCn6CqdBFjetVrD_XI5klLYqueKOJyFAlXvKbZJKsh4EOw3kALyNlyGjN4ave_Apg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47511
last-modified
Wed, 11 May 2022 17:44:01 GMT
server
UploadServer
etag
"5d9daf571947cb12600ffe8f1dfc1312"
x-goog-generation
1652291041828067
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=sCXLiA==, md5=XZ2vVxlHyxJgD/6PHfwTEg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds213.fr8.c
x-goog-stored-content-length
47511
accept-ranges
bytes
s_10.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_10.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6202fdcba1218494bc4513a8742609aacd0a9da3f542ddf5db8e6feeb4ad340c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:24 GMT
x-cdn
4
x-guploader-uploadid
ADPycduZn6rUKRdhfq-_fp39zQBV8PrOBlj-IJGf8BtVIbJ2BrZoVLPQB6740Vjc8Un-XP3sj5lipRwZQxgzRhZU1nt1tg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1492354
last-modified
Wed, 11 May 2022 17:43:07 GMT
server
UploadServer
etag
"eb3e7cd9ed5f35444fa4a4cd326be4ff"
x-goog-generation
1652290987164558
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=A6crAw==, md5=6z582e1fNURPpKTNMmvk/w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431444.cds279.fr8.hn,1666431444.cds106.fr8.c
x-goog-stored-content-length
1492354
accept-ranges
bytes
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JM1YLT9HG3&gtm=2oeaj0&_p=1793498565&cid=149896053.1666431439&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&sid=1666431439&sct=1&seg=0&dt=Free%20Video%20-%20Limited%20Time%20Only!&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JM1YLT9HG3&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 22 Oct 2022 09:37:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://floraspring.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
scribe
stats.vidalytics.com/ 		16 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 22 Oct 2022 09:37:26 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
16
access-control-allow-methods
POST,OPTIONS
content-type
application/json
s_11.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/ 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/audio/h265_96000/s_11.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1426a2059871d4cd46b4b82bdd2e06e34992a3e4cd79c8b526b781ee6974928b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:26 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtsbhDrP8xEIyo_2JYLj5kiu5jdn43s6cSkRkwC9ckg4r8FPaHTv5cEIxy8xHfCOAKA-O-hiYDKVKf2ll956YWH-HYDX1wi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47759
last-modified
Wed, 11 May 2022 17:44:02 GMT
server
UploadServer
etag
"60d7b622ce800c68e5b6d0072cf4f012"
x-goog-generation
1652291041985224
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=cg8TlQ==, md5=YNe2Is6ADGjlttAHLPTwEg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431446.cds279.fr8.hn,1666431446.cds206.fr8.c
x-goog-stored-content-length
47759
accept-ranges
bytes
s_11.m4s
quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/KwmJQD4K/_alt1Cu7sIZOiLky/65184/55860/fmp4/video/1920x1080_h264_3000000/s_11.m4s
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4e02209fb4ef1df1c689025b232f23cf95f58e8f7ccd05e4f04e1df99441158f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://floraspring.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 09:37:26 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtPxT8vPAoHLoP5HDhTwn91WJG0PFs9E2GVaFTvfp3dzrVZTPoBJk0EdSpRI9htHWSSpUY0o2slTA5AiAf3MFsEhRdY7zh1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1366977
last-modified
Wed, 11 May 2022 17:43:12 GMT
server
UploadServer
etag
"4743b5864204b758195122a524f16d69"
x-goog-generation
1652290992346452
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=i2Mg0g==, md5=R0O1hkIEt1gZUSKlJPFtaQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1666431446.cds279.fr8.hn,1666431446.cds228.fr8.c
x-goog-stored-content-length
1366977
accept-ranges
bytes
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:26 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/ 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1102&s1=gvflr4aepfot21090003asjtl206&s2=6289531&s3=h3&s4=&o=83&r=60110898&cr=274&campid=6819&utm_medium=1102&utm_source=gvflr4aepfot21090003asjtl206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://floraspring.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 Oct 2022 09:37:25 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| _vwo_code number| settings_timer number| _vwo_settings_timer undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| google_tag_manager object| google_tag_data number| gtmPageLoadId string| GoogleAnalyticsObject function| ga object| _qevents function| snaptr function| obApi function| obTag string| qp object| uetq object| dotq function| dtpCallback string| TiktokAnalyticsObject object| ttq object| _tfa string| PIXELID function| fbq function| _fbq function| $ function| jQuery object| stateObj number| backflag object| gaplugins object| gaGlobal object| gaData object| eventHandler object| YAHOO function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_63760ecff3 object| criteo_q string| deviceType function| onYouTubeIframeAPIReady function| ouibounce string| fadeOutDiv function| submitForm function| validateEmail boolean| allowSubmit string| emailInput object| script string| specialOffer string| EMBED_CODE_ID object| vidalyticsPlayerAPI function| initializePlayerAPI function| getPlayer function| onPlayerAPIAvailableCallback object| Vidalytics object| VidalyticsL object| _vidalytics function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| getParameterByName object| theBody function| disablelinksfunc function| disableformsfunc number| stopExit_settings_timer boolean| StopExit object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| clarity object| webpackChunkbitmovin_player_name_ object| bitmovin

69 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.safetrkpro3.com/ Name: som
Value: /MV23mDNIEOLEwi4w6a7n3c6LNhOXRRFWStpb+4vOqsJ3XUpf3vG6g==
.safetrkpro3.com/ Name: tm
Value: BV+VJ631D/CLEwi4w6a7n3c6LNhOXRRFWStpb+4vOqsJ3XUpf3vG6g==
floraspring.com/ Name: PHPSESSID
Value: r2dg1f73tvi8liv7r99t5dt071
floraspring.com/ Name: affid
Value: 1102
floraspring.com/ Name: fraff1
Value: yeahaff20
.floraspring.com/ Name: _vwo_uuid_v2
Value: D30613D62563B0DA5F03C3B7F95D00807|065bdba83122e2375bdfbe45fbbcd139
.floraspring.com/ Name: _gcl_au
Value: 1.1.304253631.1666431439
.floraspring.com/ Name: _gid
Value: GA1.2.17298124.1666431439
.floraspring.com/ Name: _gat_UA-113385709-1
Value: 1
.bing.com/ Name: MUID
Value: 331D99ECF2B7632523E58BA9F31B6236
.floraspring.com/ Name: _ga
Value: GA1.1.149896053.1666431439
.floraspring.com/ Name: _uetsid
Value: 1f7e641051ed11edb23d45f400ec09e8
.floraspring.com/ Name: _uetvid
Value: 1f7ea9c051ed11ed9ee13d9bdfcc33b3
.criteo.com/ Name: uid
Value: 40328a15-170b-4b05-a39e-2a27c6df37d6
.mfadsrvr.com/ Name: tuuid
Value: 2893b28d-228d-4c8b-b73c-caa74f07ce97
.mfadsrvr.com/ Name: c
Value: 1666431439
.mfadsrvr.com/ Name: tuuid_lu
Value: 1666431439
.quantserve.com/ Name: mc
Value: 6353b9cf-95148-24418-b7eca
.floraspring.com/ Name: __qca
Value: P0-377066214-1666431439587
.floraspring.com/ Name: _tt_enable_cookie
Value: 1
.floraspring.com/ Name: _ttp
Value: fb235703-a900-4e89-93f9-93cd481373bf
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1666431439
www.clarity.ms/ Name: CLID
Value: cb01a10b112043c4ac156667141ed4c5.20221022.20231022
.floraspring.com/ Name: _fbp
Value: fb.1.1666431439788.837418783
.floraspring.com/ Name: cto_bundle
Value: w4jvaV9YQ0dibkN1dm5EbWJ2RTk4cjRsMGtsTmR5RmdJTEtmTmFlU0RYVHdRbjNYSXl3emVzRTh5OEt1QjA5Zzd3dEduVGVtakZGbXFyJTJGWmIlMkJ5N05IRzNIQVhkQ1Z6RXNZOTJrNW9nazM4aUNCNnVFbW1WMW0lMkZaZnZ6Mm5LMkE2dlR0MkxxN2FKZnNtJTJGZXBIMExEY1dKWmY2ZyUzRCUzRA
floraspring.com/ Name: outbrain_cid_fetch
Value: true
.floraspring.com/ Name: _clck
Value: 1u4f6bi|1|f5x|0
.yahoo.com/ Name: A3
Value: d=AQABBM-5U2MCEHU-WSrKuBIJte3AxGUc3ogFEgEBAQELVWNdYwAAAAAA_eMAAA&S=AQAAAiZlJeZ5TmseaADa07y7Oyk
.floraspring.com/ Name: _scid
Value: 2d1bff74-e465-4f98-96ec-197cbd57cb01
.floraspring.com/ Name: _ga_JM1YLT9HG3
Value: GS1.1.1666431439.1.0.1666431440.59.0.0
.adnxs.com/ Name: uuid2
Value: 5873993002519019102
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAA3IwQ0AMQgDsImQCI1C17kWMQXD9/x09w2pYIlIY9VnBxnW/gcY+/iegSQukD7+AIkNBWcyAAAA
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%221fe78900-51ed-11ed-8184-e78471f64d90%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%221fe78900-51ed-11ed-8184-e78471f64d90%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%221fe78900-51ed-11ed-8184-e78471f64d90%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%221fe78900-51ed-11ed-8184-e78471f64d90%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-nc-MTN5QYABSB2eB79LIJgAEArqRb5j80Tt0lw%22%2C%22version%22%3A%22criteo%22%7D
.bidswitch.net/ Name: tuuid
Value: 8cdf7936-f975-4ae7-8e92-b2f6d83307c9
.bidswitch.net/ Name: c
Value: 1666431440
.bidswitch.net/ Name: tuuid_lu
Value: 1666431440
.doubleclick.net/ Name: IDE
Value: AHWqTUntFIdg4jg2GbJYTiW7fut0dmFfAmh4TgslGpL-yhYoSx8HQg3VWhlmAP08m8A
.casalemedia.com/ Name: CMID
Value: Y1O50NgTJzFSigDELoyNcQAA
.casalemedia.com/ Name: CMPS
Value: 1139
.casalemedia.com/ Name: CMPRO
Value: 1139
.media.net/ Name: visitor-id
Value: 3094330408173978000V10
.media.net/ Name: data-c-ts
Value: 1666431440
.media.net/ Name: data-c
Value: k-f5DrvN5QYABSB2eB79LIJgAEArpMYOEjQbAKrA~~3
.360yield.com/ Name: tuuid
Value: 5e22cc3b-1d4c-4a09-b6c0-2feaf2eea43c
.360yield.com/ Name: tuuid_lu
Value: 1666431440
.c.bing.com/ Name: SRM_B
Value: 331D99ECF2B7632523E58BA9F31B6236
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 331D99ECF2B7632523E58BA9F31B6236
.c.clarity.ms/ Name: ANONCHK
Value: 0
.360yield.com/ Name: um
Value: !38,LXXqPM9Ob70EQ6fSdu-9mLqjOhl47ZyLEVI.vWTM0aunIy4vZfMx30SMyPBkr0L2UPd18rXp,1674207440
.360yield.com/ Name: umeh
Value: !38,0,1728639440,-1
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~27ux
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.yieldlab.net/ Name: id
Value: 9ca80726-b487-4fb3-b33a-2c203a1cb5bd
.floraspring.com/ Name: _clsk
Value: 1evmk29|1666431440479|1|1|l.clarity.ms/collect
.demdex.net/ Name: demdex
Value: 09068838176279302551952128267566713618
floraspring.com/ Name: bitmovin_analytics_uuid
Value: a11872b4-57d0-4772-83cb-6f4f850d44c1
.dpm.demdex.net/ Name: dpm
Value: 09068838176279302551952128267566713618
.krxd.net/ Name: _kuid_
Value: PJyQ7jYa

1 Console Messages

Source Level URL
Text
network error URL: https://treach-tutters.com/d/.js?lpref=&lpurl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1102%26s1%3Dgvflr4aepfot21090003asjtl206%26s2%3D6289531%26s3%3Dh3%26s4%3D%26o%3D83%26r%3D60110898%26cr%3D274%26campid%3D6819%26utm_medium%3D1102%26utm_source%3Dgvflr4aepfot21090003asjtl206&lpt=Free%20Video%20-%20Limited%20Time%20Only!&vtm=1666431439479
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
amplify.outbrain.com
analytics-ingress-global.bitmovin.com
analytics.tiktok.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
floraspring.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
l.clarity.ms
licensing.bitmovin.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.quantserve.com
pixel.rubiconproject.com
q.quora.com
quick.vidalytics.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb-eu.mfadsrvr.com
rtb.mfadsrvr.com
rules.quantcount.com
s.thebrighttag.com
s.yimg.com
s3.amazonaws.com
safetrkpro3.com
safetrkthree.com
sc-static.net
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
stats.vidalytics.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
treach-tutters.com
trimdownclub.lt.acemlnb.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
107.178.211.97
141.226.228.48
142.250.185.66
142.250.186.162
144.202.19.192
149.28.34.111
151.101.1.44
151.139.128.11
162.19.138.83
178.250.0.163
178.250.2.146
18.192.108.151
18.194.110.242
18.66.120.247
185.255.84.153
185.64.189.110
185.80.39.216
185.86.137.132
20.120.65.166
20.234.93.27
2001:4860:4802:32::36
207.148.2.105
212.82.100.181
23.35.228.23
23.35.237.56
23.35.237.86
23.36.163.249
2600:1901:0:df23::
2600:1f18:612b:4264:5bf8:c9ae:fc1e:511b
2600:9000:223e:7000:6:44e3:f8c0:93a1
2620:100:a001::17
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:40::45
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:400c:c00::9c
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.54.154
3.120.61.165
3.126.56.137
3.127.197.177
3.141.157.49
34.117.157.22
34.96.102.137
35.190.27.197
35.190.43.134
37.157.3.29
37.252.172.250
52.213.108.198
52.217.224.56
52.57.80.202
54.155.65.255
54.165.14.136
54.205.127.85
54.225.120.86
54.229.162.197
64.202.112.255
69.173.144.138
76.223.111.18
85.215.5.31
96.16.132.239
00780bd463309743970dee8c3fe16f98856908146e37454df1104935dcaf7b5a
0258a5a4c0ef9a9fb39ed3ea40c13ac2d47e3c7609045023158ee31233e1aaa9
05669f6021b27b1343d566e296264c8311dc89fb5199de61b983d59d97c13d42
0726aa0d2b80e14cad468c6b3860caa494362ffbe7ca7a6989915214c2e785a8
0932ffdb353b42578e9cc168b616bd03d80c2946cfe769c275f64e8747afc55f
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fb819ab3895940a9f1f009d6413723d7666f84195c09b2485c9a750b627e081
0ff66e529e0c62957cdc20585a340b3560055b70ceeb4a0843ba4bf759e48fc7
1426a2059871d4cd46b4b82bdd2e06e34992a3e4cd79c8b526b781ee6974928b
16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662
1d1974b2deb775a420838749b71e19bb7824e685a28fa1a50e21907c5fd7e7d0
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d9b4570fe5cc501048952b2d872634ef6dee9d313818352c0e7a398c5f58dae
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
26f42b365e4b1b207112b67ecdb4d7922240f839aed9a52d31635e11cedeb478
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3310869d6a3211f1f0b9aaef9664020f3855353a44ecd6e0996fa82ab7832a8f
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34e8b99a2574c4748d63c313657e192faaf6be39a42d38868f0d2eb8c5e8a374
3de72f5e8a70a2b35ecc16f84c129ade0bfc2f0988062c8c80565f407f71a3af
411226d65b1f2d52d634a32a1df97297c6bc9696fbe21565e731033432902523
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4469009ea5a9afd7a865fc77d1f50af984a04457eb295ae43feaa221d4352757
4b46b0ccd72404899097822de989a8da2716c36959ba02b989f7f3e4c7ad9712
4de78f7ae6064851c4a6d700dff1e471596d28d44518f81e2cc91b07817267f6
4e02209fb4ef1df1c689025b232f23cf95f58e8f7ccd05e4f04e1df99441158f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53bc31217d7d597e9e0298d513f6ef532c9aded264aa6e0d66e22f32cb60b557
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58e85ec5782a9ddd2bdb1398acd024726fbf206df3ddb6745b10f2a4224fa187
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5c7358b97d06c77f1641108420df9b72caf8353bf02c1e7545c12ffe8ff20bb5
5cc1b759fa202c806d0e6cac7cf447c1fe3ea6fed771a8ff24ab676ab9ebd594
5ed5ee7d2f88513a21b105e38900681e30de2b40d2ff5d97d20b14bde1f2a87b
6202fdcba1218494bc4513a8742609aacd0a9da3f542ddf5db8e6feeb4ad340c
67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac
6bc04cf09f9d87d0b8035912f983a190bff9f70fde3c04a475279867bad9019f
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
71d7577a1e8ec552b7408e07fb6fb88216d05b9b810514f2a6c297be85c711b9
7218678bd6af304a3e66df37b924fa34d332037f7e789c3f1b4ce9d26ef196fc
7bd06558684581b5c99aab47ebeea622a7eeb4d12db214fdde14985d44f74337
7cb0be351287c5401cdf58a448cb878b8a0c7c3c8da267f4fdfef3d271ad3b78
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841d168b2c0883a7e31254097260a74c0770b9a66ffc03fd90e809ec29589d77
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
886042ef1981b731d1bffdcc5a2a9fb540d9bbc1c60fb16d07021afd8c0a7734
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413
97343db10774f87a60e4c76c6fc51da9f1165e52d036694328bbb6dee539ae2f
97f2aae05698136e460333f1919da58d0a92df73d9cdc5dc40041b5bfef5acb6
994e7cba872b1835499be600f85f99d12ae61b38d81ac0429ef39e2f587fd3f0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb6ed30b251e4b97ed3f8ed4cab5e913db702397d49c44387cbf61a5bd1aa47
9d7daba2671a1cb3aa750ea2636543b44a0ced52c7a87608ac6a6b9b4341716d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a34be781aa9311e3c5703d709bcc2acf352b080a90c7930ba50f3601521394d4
a4c1a074c4c4254bec46f83f8f770d0fe2808c27a56006da0ffb73118e99018b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acd0ed203da6e3fce09709cb5f2068dba59f9ca838510286f10c112c9754666a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fa29489b561be3a3defc0e58cb24eb46b3d4c890dc48d22215887333a31caa
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b552c41452c73a75231ffb2bc6d7e14a6182e0d1e1800f68753e8f6d6e67ed50
b6eb1edd1f1ec3c4d936b29befccaa94b2165adbc7a6e71b76ce538c46227b73
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
b8da56041e89fd42f694e6adeeeeb1dec747002cb2df3a1b110ba0f842dcb1b2
ba014cd60f64ed0c76bde747b1cb6c8e82e809bf3330cd8b73885f50e170df39
bb1727e928e3d066824a2329c7ed02c04e08d37d1484adb237a70f2440675ae9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c562af82db9d8b080006ab0e148911d6e06a7538d537fe0ada31d98408144a2a
c61370b4617a6af7e544c5dedbc30001d76cb4e5c214878b2f6cd44765ae897b
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a
caaf6f115e3fa7878d65adc435fa67b88d50379ec136afdb54ba1f8b12c07296
cbeca78309a4b4b099b8c4d2a4182adcf3c8437221858d9105c858ac2345f9fc
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cfabe42281ed2f09322871a326b54dace5174cdb28264838d90df52cc7e5e79b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42f6b33db242867f2607350ea7b8804f4cf55e0fa6c677ebf11ee3cf92a9e4a
e4b2151214890e0a7ac5efa36484785c03d4248700f9fca82f03878b06cb9943
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
ea18565a7caf6a465d9b9eb73d217f9c1942c2e9b86f4e985c9de2ab4e810fa3
edd7d8d4427a3d17e311a9463909736ff7cad6ca819bda82d2e540a9d082c061
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc301d09208db103d96a40b70934b55ff649ca91802415fe18542deb2465a49
f47e9f7f2e9c4ec05f86a82619d6c487110bc34703658a68345545e96b9e7b2a
f6a768cf1f4f821b9d9df7974ec0d80a16de90610134e3acf04f6a586c2f1f08
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
ff33c9a1912a26daaef92e8b2e7b7f33565ed81572b158845a7df9470fc85743
ff4b1286e2e445c650dc2d3e315c4294511b9a66de21dfa073d766adee740343