www.gormans.com Open in urlscan Pro
104.17.198.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.michiganbestleather.com/
Effective URL:
https://www.gormans.com/leather/
Submission: On October 26 via api (October 26th 2024, 4:37:50 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 60 HTTP transactions. The main IP is 104.17.198.25, located in and belongs to CLOUDFLARENET, US. The main domain is www.gormans.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2024. Valid for: 10 months.

This is the only time www.gormans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
17	104.17.198.25 104.17.198.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.17.197.25 104.17.197.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c619	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:272... 2600:9000:2724:ba00:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
7	2600:9000:21f... 2600:9000:21f3:3600:1a:3af:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	216.200.232.249 216.200.232.249	6461 (ZAYO-6461) (ZAYO-6461)
1	20.116.34.211 20.116.34.211	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
2	34.208.170.37 34.208.170.37	16509 (AMAZON-02) (AMAZON-02)
2	35.162.185.85 35.162.185.85	16509 (AMAZON-02) (AMAZON-02)
1 1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:13a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	34.168.224.78 34.168.224.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.191.200.205 54.191.200.205	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.58 18.66.147.58	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:5000:1f:7c97:a480:93a1	16509 (AMAZON-02) (AMAZON-02)
60	20

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.michiganbestleather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.17.198.25 (None, )

ASN13335 (CLOUDFLARENET, US)

www.gormans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.197.25 (None, )

ASN13335 (CLOUDFLARENET, US)

retailer-secure.microdinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c619 (United States)

ASN13335 (CLOUDFLARENET, US)

premium-secure.microdinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:ba00:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:21f3:3600:1a:3af:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

connect.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States)

ASN6461 (ZAYO-6461, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.116.34.211 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

udesign.canadel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.208.170.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-170-37.us-west-2.compute.amazonaws.com

capturelogger-prod-usa.localiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.162.185.85 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-185-85.us-west-2.compute.amazonaws.com

lab.analyticspodium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

jelly-v6.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:13a1 (United States)

ASN13335 (CLOUDFLARENET, US)

mind-flayer.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.168.224.78 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.224.168.34.bc.googleusercontent.com

1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.191.200.205 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-200-205.us-west-2.compute.amazonaws.com

api2.analyticspodium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-58.fra60.r.cloudfront.net

capture-api.reachlocalservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:5000:1f:7c97:a480:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gormans.com www.gormans.com	873 KB
13	podium.com connect.podium.com — Cisco Umbrella Rank: 28965 mind-flayer.podium.com — Cisco Umbrella Rank: 29667 assets.podium.com — Cisco Umbrella Rank: 46723	308 KB
6	microdinc.com retailer-secure.microdinc.com — Cisco Umbrella Rank: 413730 premium-secure.microdinc.com — Cisco Umbrella Rank: 354118	298 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	460 KB
4	analyticspodium.com lab.analyticspodium.com — Cisco Umbrella Rank: 28120 api2.analyticspodium.com — Cisco Umbrella Rank: 26486	11 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
3	rlets.com cdn.rlets.com — Cisco Umbrella Rank: 15600 1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com	47 KB
2	reachlocalservices.com capture-api.reachlocalservices.com — Cisco Umbrella Rank: 18386	587 B
2	mdhv.io 1 redirects jelly.mdhv.io — Cisco Umbrella Rank: 6930 jelly-v6.mdhv.io — Cisco Umbrella Rank: 11889	643 B
2	localiq.com capturelogger-prod-usa.localiq.com — Cisco Umbrella Rank: 23965	579 B
1	gstatic.com fonts.gstatic.com	47 KB
1	canadel.com udesign.canadel.com	5 KB
1	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 3455	711 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	michiganbestleather.com 1 redirects www.michiganbestleather.com	318 B
60	15

	Domain	Requested by
17	www.gormans.com	www.gormans.com
7	connect.podium.com	www.gormans.com connect.podium.com
5	mind-flayer.podium.com	connect.podium.com
5	www.googletagmanager.com	www.gormans.com www.googletagmanager.com
5	retailer-secure.microdinc.com	www.gormans.com
2	capture-api.reachlocalservices.com	cdn.rlets.com
2	api2.analyticspodium.com	connect.podium.com
2	lab.analyticspodium.com	connect.podium.com
2	capturelogger-prod-usa.localiq.com	cdn.rlets.com
2	www.google-analytics.com	www.gormans.com www.google-analytics.com
2	cdn.rlets.com	www.gormans.com cdn.rlets.com
1	assets.podium.com
1	1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com	cdn.rlets.com
1	region1.google-analytics.com	www.googletagmanager.com
1	jelly-v6.mdhv.io	www.gormans.com
1	jelly.mdhv.io	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	udesign.canadel.com	www.gormans.com
1	pixel.mathtag.com	www.gormans.com
1	fonts.googleapis.com	www.gormans.com
1	premium-secure.microdinc.com	www.gormans.com
1	www.michiganbestleather.com	1 redirects
60	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.houzz.com
www.pinterest.com
www.instagram.com
www.google.com
gormans.udesign.ws
recruiting.paylocity.com
www.microdinc.com

Subject Issuer	Validity	Valid
www.gormans.com Cloudflare Inc ECC CA-3	`2024-03-10` - `2024-12-31`	10 months	crt.sh
retailer-secure.microdinc.com E5	`2024-10-25` - `2025-01-23`	3 months	crt.sh
premium-secure.microdinc.com E6	`2024-10-18` - `2025-01-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.rlets.com Amazon RSA 2048 M02	`2024-09-29` - `2025-10-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.podium.com Amazon RSA 2048 M02	`2024-04-23` - `2025-05-21`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-23` - `2025-04-30`	a year	crt.sh
canadel.com Go Daddy Secure Certificate Authority - G2	`2023-12-04` - `2024-12-30`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.localiq.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-23`	6 months	crt.sh
*.analyticspodium.com Amazon RSA 2048 M02	`2023-12-27` - `2025-01-25`	a year	crt.sh
podium.com WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
captureapi.localiq.com R10	`2024-10-12` - `2025-01-10`	3 months	crt.sh
*.reachlocalservices.com Amazon RSA 2048 M02	`2024-10-03` - `2025-11-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.gormans.com/leather/
Frame ID: D874BBC406DD1F1C619EF5A580CB8E00
Requests: 47 HTTP requests in this frame

Frame: https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Frame ID: 1A5199DC558ABC917C951075143ABEF9
Requests: 1 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: 43AD603AEC505186CA5758F20ACB4D93
Requests: 3 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: 84EF969D37572C8B16B61E67D260E816
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gorman's Home Furnishings & Interior Design - Furniture Store Serving The Metro Detroit Area

Page URL History Show full URLs

https://www.michiganbestleather.com/ HTTP 301
http://www.gormans.com/leather/ HTTP 307
https://www.gormans.com/leather/ HTTP 307
http://www.gormans.com/leather/ HTTP 307
https://www.gormans.com/leather/ Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

98 %
HTTPS

45 %
IPv6

15
Domains

22
Subdomains

20
IPs

4
Countries

2074 kB
Transfer

4448 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/GormansFurniture/

Search URL Search Domain Scan URL

URL: https://www.houzz.com/pro/gormans/gormans

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/gormanshome/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gormansdesign/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Gorman's+3-Day+Clearance+Center/@42.462056,-83.417023,15z/data=!4m5!3m4!1s0x0:0x3210cb71a252e6c8!8m2!3d42.462056!4d-83.417023?ll=42.462056,-83.417023&z=15&t=m&hl=en-US&gl=IN&mapclient=embed&cid=3607606990438852296
Title: Map

Search URL Search Domain Scan URL

URL: https://gormans.udesign.ws/
Title: Design Your Own Dining

Search URL Search Domain Scan URL

URL: https://recruiting.paylocity.com/recruiting/jobs/List/23/Gormans
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.microdinc.com/?utm_source=customer&utm_medium=referral
Title: www.microdinc.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.michiganbestleather.com/ HTTP 301
http://www.gormans.com/leather/ HTTP 307
https://www.gormans.com/leather/ HTTP 307
http://www.gormans.com/leather/ HTTP 307
https://www.gormans.com/leather/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://jelly.mdhv.io/v1/star.gif?pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&evt=hi HTTP 307
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&tx=30dd23b9-ca92-4a22-88b1-fade505135cd

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

404

Primary Request / Show response
www.gormans.com/leather/
Redirect Chain

https://www.michiganbestleather.com/
http://www.gormans.com/leather/
https://www.gormans.com/leather/
http://www.gormans.com/leather/
https://www.gormans.com/leather/

59 KB
13 KB

231ms
230ms

Document
text/html

104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gormans.com/leather/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8ac5cda522d79863e9a4a9884f76a933b54b3a3a18af3ccf6e7535b9e3132ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000, max-age=31536000, max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-apo-via: origin,host
cf-cache-status: EXPIRED
cf-ray: 8d8bdf657baa8f35-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 26 Oct 2024 16:37:44 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=31536000, max-age=31536000, max-age=31536000, max-age=31536000
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-client-image-vid: 53
x-client-vid: 1108
x-epiphany-vid: 18878-2339
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.gormans.com/leather/
Non-Authoritative-Reason: DNS

GET
H3 200 omnivue.min.css
retailer-secure.microdinc.com/vid18878-2339/css/epiphany3/css/ 274 KB
59 KB 190ms
44ms Stylesheet
text/css 104.17.197.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://retailer-secure.microdinc.com/vid18878-2339/css/epiphany3/css/omnivue.min.css
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.197.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ccc2a862b00ac83e4821a6d67acb0bef25bb11cdbaa6c57369fb42f42060ed0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"80193966fd19db1:0"
age: 71791
cf-ray: 8d8bdf6aba06d3a9-FRA
expires: Sun, 26 Oct 2025 16:37:44 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: text/css
last-modified: Wed, 09 Oct 2024 03:43:27 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H3 200 omnivue.min.js Show response
retailer-secure.microdinc.com/vid18878-2339/css/js/epiphany3/ 115 KB
41 KB 176ms
30ms Script
application/javascript 104.17.197.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://retailer-secure.microdinc.com/vid18878-2339/css/js/epiphany3/omnivue.min.js
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.197.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ae4bb3cd5f8187e4b83968afea7a5ba6c12c421e571736aac29ff4b4dc00fbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"80d37542fd19db1:0"
age: 71791
cf-ray: 8d8bdf6aba05d3a9-FRA
expires: Sun, 26 Oct 2025 16:37:44 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 03:42:27 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H3 200 style.min.css
retailer-secure.microdinc.com/vid18878-2339/css/epiphany3/bravo/ 42 KB
9 KB 174ms
28ms Stylesheet
text/css 104.17.197.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://retailer-secure.microdinc.com/vid18878-2339/css/epiphany3/bravo/style.min.css
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.197.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc3d9684171a2c695425379f6988415653550c5008c904a432f407ec9068518c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"80ec765fd19db1:0"
age: 71791
cf-ray: 8d8bdf6aba03d3a9-FRA
expires: Sun, 26 Oct 2025 16:37:44 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: text/css
last-modified: Wed, 09 Oct 2024 03:43:25 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H3 200 customized.css
www.gormans.com/cid1108/css/20034/ 48 KB
9 KB 40ms
38ms Stylesheet
text/css 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gormans.com/cid1108/css/20034/customized.css
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 86374ecb912dd68f6ec86a065233edf0c9166a977ab6314296c96955777375ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"e193ff8713d81:0"
age: 771217
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origSize=72357
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: text/css
last-modified: Thu, 27 Jan 2022 14:13:02 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8d8bdf69c8858f35-FRA
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fontawesome-webfont.woff2
premium-secure.microdinc.com/css/epiphany3/fonts/ 75 KB
76 KB 189ms
30ms Font
application/font-woff2 2606:4700::6811:c619
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://premium-secure.microdinc.com/css/epiphany3/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.gormans.com
URL: https://www.gormans.com/leather/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gormans.com
Referer: https://www.gormans.com/

Response headers

cf-cache-status: HIT
etag: "0dbb47dc12ed81:0"
age: 742170
x-content-type-options: nosniff
expires: Sun, 26 Oct 2025 16:37:44 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/font-woff2
last-modified: Thu, 03 Mar 2022 05:42:38 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8d8bdf6acb6ddbfb-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 181ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:500,600,700,800,900,400,300

Requested by

Host: www.gormans.com
URL: https://www.gormans.com/leather/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81d2121635db8ac4faad8fdeebcc22e5b9655e3412b8cc01bb4c44419c841800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 16:37:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 26 Oct 2024 16:37:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 slick.css
www.gormans.com/cid1108/css/20034/slick/ 1 KB
662 B 43ms
42ms Stylesheet
text/css 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gormans.com/cid1108/css/20034/slick/slick.css
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 00a269606af95f52ce213e5096cc3a079d73522bc4e3c398789038666bb1454a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"b62f5b5326e1d11:0"
age: 771217
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origSize=1729
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2016 18:58:09 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8d8bdf69c8878f35-FRA
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 slick-theme.css
www.gormans.com/cid1108/css/20034/slick/ 2 KB
945 B 44ms
43ms Stylesheet
text/css 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gormans.com/cid1108/css/20034/slick/slick-theme.css
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"8245305326e1d11:0"
age: 117878
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origSize=3145
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2016 18:58:09 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8d8bdf69c88a8f35-FRA
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 jquery.cookie.js Show response
www.gormans.com/cid1108/css/20034/scripts/ 2 KB
1 KB 44ms
43ms Script
application/javascript 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gormans.com/cid1108/css/20034/scripts/jquery.cookie.js
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"8ce17d445810d21:0"
age: 145332
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origSize=3121
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2016 20:24:03 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8d8bdf69c88c8f35-FRA
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 mms.js Show response
cdn.rlets.com/capture_static/mms/ 3 KB
2 KB 69ms
9ms Script
application/javascript 2600:9000:2724:ba00:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/mms.js
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:ba00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be21727dc36aa9c43e3cd14f636395c34c582e6b6f16e42d094d9aa47a66b8e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

x-amz-cf-pop: FRA56-P12
content-encoding: gzip
etag: W/"a46d4f410fa58956733bebecc815d4f9"
age: 48891
via: 1.1 ea7cd71b17e29a29176686830f1a76c4.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: uX58mq26MYERX3Cz74ZxXbAt6zyb4zd0rkczLRdufkCrzYy2w6pLIg==
date: Sat, 26 Oct 2024 03:02:54 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Mon, 21 Oct 2024 16:40:05 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
90 KB 99ms
40ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-724909536

Requested by

Host: www.gormans.com
URL: https://www.gormans.com/leather/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90d04670b8e6e29b4197b510f17bb7de3c245aef189122bab92425e92e0077c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 16:37:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91636
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 widget.js Show response
connect.podium.com/ 683 KB
192 KB 87ms
27ms Script
application/javascript 2600:9000:21f3:3600:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/widget.js
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6362420002400c322fff2f1bf2c2535a4a187c4976541d5bb6bcc3ad9c566938

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: max-age=3600
content-encoding: gzip
etag: "130a744fe6b81c7b291c16ead675ff54"
age: 3581
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 196303
x-amz-cf-id: Y5_r9Ppze5i9RlVmwuVkkPlZ9odsK4Jgih4WzSjQIM7L3sy6wtWBbg==
date: Sat, 26 Oct 2024 15:38:04 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 15:25:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 161 B
711 B 360ms
108ms Script
text/javascript 216.200.232.249
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.mathtag.com/event/js?mt_id=1366106&mt_adid=206566&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

Requested by

Host: www.gormans.com
URL: https://www.gormans.com/leather/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.200.232.249 Frederick, United States, ASN6461 (ZAYO-6461, US),

Reverse DNS

Software

MT3 1668 f41eadd master ord ord-pixel-x55 config_version:"819" /

Resource Hash

98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457

Security Headers

Name	Value
Strict-Transport-Security	31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

Strict-Transport-Security: 31536000
Cache-Control: no-cache
Content-Encoding: gzip
Connection: close
Cross-Origin-Resource-Policy: cross-origin
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: all
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Sat, 26 Oct 2024 16:37:45 GMT
X-XSS-Protection: 0
Content-Type: text/javascript
Server: MT3 1668 f41eadd master ord ord-pixel-x55 config_version:"819"

GET
H3 200 jquery.hoverintent.minified.js Show response
www.gormans.com/cid1108/css/20034/scripts/ 1 KB
697 B 44ms
43ms Script
application/javascript 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gormans.com/cid1108/css/20034/scripts/jquery.hoverintent.minified.js
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9ab082dce30b4ed9b93263882e1432b9ffc1d7ae6c502cff63d267ebfef3cfad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"f3d9b6641f8fd11:0"
age: 117878
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origSize=1464
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2016 09:41:56 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8d8bdf69c88d8f35-FRA
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 logo.png
www.gormans.com/cid1108/css/20034/ 11 KB
11 KB 49ms
48ms Image
image/webp 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gormans.com/cid1108/css/20034/logo.png
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 42a643d05e1343f666aa63e10f3bb8ae017c79c9743416d8f6fb7b0ae7aa3655

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cf-bgj: imgq:85,h2pri
etag: "d2169c2623e4d11:0"
age: 771216
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origFmt=png, origSize=17147
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: image/webp
content-disposition: inline; filename="logo.webp"
vary: Accept
last-modified: Fri, 22 Jul 2016 14:12:59 GMT
cache-control: public, max-age=31536000
cf-ray: 8d8bdf69c88e8f35-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10800
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 menu-370x370_outdoor1.png
www.gormans.com/cid1108/css/20034/images/ 197 KB
197 KB 31ms
31ms Image
image/webp 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gormans.com/cid1108/css/20034/images/menu-370x370_outdoor1.png
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 70f9b395cc3a7874d77e554d3ddef0a665225a58df153f556942af7181fe2162

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cf-bgj: imgq:85,h2pri
etag: "b6b8b6e32b7d11:0"
age: 145331
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origFmt=png, origSize=306998
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: image/webp
content-disposition: inline; filename="menu-370x370_outdoor1.webp"
vary: Accept
last-modified: Thu, 26 May 2016 09:36:19 GMT
cache-control: public, max-age=31536000
cf-ray: 8d8bdf69c88f8f35-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 201842
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 home-office_menu.png
www.gormans.com/cid1108/css/20034/images/ 158 KB
158 KB 30ms
29ms Image
image/webp 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gormans.com/cid1108/css/20034/images/home-office_menu.png
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ea8719e60835e698f7aa231e33f70d84810994177e5e526e1a33c9709fdd93f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cf-bgj: imgq:85,h2pri
etag: "7078c5bdda9d11:0"
age: 106036
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origFmt=png, origSize=247692
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: image/webp
content-disposition: inline; filename="home-office_menu.webp"
vary: Accept
last-modified: Mon, 09 May 2016 10:27:15 GMT
cache-control: public, max-age=31536000
cf-ray: 8d8bdf6ad9a38f35-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 161910
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 sublinkscontentpic.jpg
www.gormans.com/cid1108/css/20034/images/ 10 KB
10 KB 38ms
38ms Image
image/jpeg 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gormans.com/cid1108/css/20034/images/sublinkscontentpic.jpg
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 98292d2df8242a9d9a592d63e76fe68689da3812b537de54671162518d5f4cca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cf-bgj: imgq:85,h2pri
etag: "6ce9f97062c4d11:0"
age: 145331
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: degrade=85, origSize=15810, status=webp_bigger
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: image/jpeg
last-modified: Sun, 12 Jun 2016 04:25:25 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8d8bdf6ad9a68f35-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9731
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 bedroom_menu.png
www.gormans.com/cid1108/css/20034/images/ 148 KB
148 KB 45ms
44ms Image
image/webp 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gormans.com/cid1108/css/20034/images/bedroom_menu.png
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e4f4cfe31bc1e9e6ac5cd9581e3718bdb4cfe201a5fd48bd0573c976db588bc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cf-bgj: imgq:85,h2pri
etag: "6ad2aedad8a9d11:0"
age: 771216
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origFmt=png, origSize=245801
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: image/webp
content-disposition: inline; filename="bedroom_menu.webp"
vary: Accept
last-modified: Mon, 09 May 2016 09:55:01 GMT
cache-control: public, max-age=31536000
cf-ray: 8d8bdf6b49fe8f35-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 151272
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 dining_menu.png
www.gormans.com/cid1108/css/20034/images/ 160 KB
160 KB 45ms
39ms Image
image/webp 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gormans.com/cid1108/css/20034/images/dining_menu.png
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 181a0ec1a9661bff3df55e308445ac3c8660620a85d09126ccb8f90a1cfbe9cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cf-bgj: imgq:85,h2pri
etag: "17401785daa9d11:0"
age: 771216
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origFmt=png, origSize=256363
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: image/webp
content-disposition: inline; filename="dining_menu.webp"
vary: Accept
last-modified: Mon, 09 May 2016 10:06:57 GMT
cache-control: public, max-age=31536000
cf-ray: 8d8bdf6baa6c8f35-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 163986
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 logo-black-large.png
udesign.canadel.com/Content/images/udesign-button/ 4 KB
5 KB 466ms
125ms Image
image/png 20.116.34.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udesign.canadel.com/Content/images/udesign-button/logo-black-large.png
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.116.34.211 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / localhost
Resource Hash: e69b8ed4e4edd747ca15e9948ccfb01f8e58b62d0320ea969911c025c99512b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

access-control-allow-headers: authorization,Content-Type
cache-control: max-age=604800
access-control-expose-headers: X-total-count
etag: "0f16dda7c26db1:0"
access-control-allow-methods: POST,GET,PUT,DELETE,OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4470
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 01:26:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: localhost

GET
H3 200 livingroommenu.png
www.gormans.com/cid1108/css/20034/images/ 159 KB
159 KB 206ms
200ms Image
image/webp 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gormans.com/cid1108/css/20034/images/livingroommenu.png
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4c98d0fe62a2017dba61f0f1ef3d27e013261bfe46794d2e28ca57f77830bcbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cf-bgj: imgq:85,h2pri
etag: "d84aabc5d2a9d11:0"
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:45 GMT
cf-polished: origFmt=png, origSize=242633
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:45 GMT
content-type: image/webp
content-disposition: inline; filename="livingroommenu.webp"
vary: Accept
last-modified: Mon, 09 May 2016 09:11:29 GMT
cache-control: public, max-age=31536000
cf-ray: 8d8bdf6baa6d8f35-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162800
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 email-decode.min.js Show response
www.gormans.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
835 B 28ms
28ms Script
application/javascript 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gormans.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.gormans.com
URL: https://www.gormans.com/leather/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67180f7e-4d7"
x-content-type-options: nosniff
cf-ray: 8d8bdf6b4a038f35-FRA
expires: Mon, 28 Oct 2024 16:37:44 GMT
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 20:47:58 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 browser.min.js Show response
retailer-secure.microdinc.com/vid18878-2339/css/js/epiphany3/ 328 KB
111 KB 47ms
41ms Script
application/javascript 104.17.197.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://retailer-secure.microdinc.com/vid18878-2339/css/js/epiphany3/browser.min.js
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.197.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 783f8d239a494e05ff908247a200bc15a19ff20f34fefc024d84a6d3352a2e80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"010ac40fd19db1:0"
age: 71791
cf-ray: 8d8bdf6bac04d3a9-FRA
expires: Sun, 26 Oct 2025 16:37:44 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 03:42:24 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H3 200 theme.min.js Show response
retailer-secure.microdinc.com/vid18878-2339/css/epiphany3/bravo/scripts/ 12 KB
3 KB 52ms
39ms Script
application/javascript 104.17.197.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://retailer-secure.microdinc.com/vid18878-2339/css/epiphany3/bravo/scripts/theme.min.js
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.197.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8b0fcd5865069f7fe250815d66efe691c2b08eb4098bf311429054e02a11a4e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"0a2aa5ffd19db1:0"
age: 71791
cf-ray: 8d8bdf6bac00d3a9-FRA
expires: Sun, 26 Oct 2025 16:37:44 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 03:43:16 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H3 200 layout.js Show response
www.gormans.com/cid1108/css/20034/scripts/ 3 KB
1011 B 55ms
49ms Script
application/javascript 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gormans.com/cid1108/css/20034/scripts/layout.js
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5bcfacf47326af380a874fd10251517ed00062a736bc9546a41c8fac73d8fc51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"7e496d98548ad81:0"
age: 1374753
cf-cache-status: HIT
expires: Sun, 26 Oct 2025 16:37:44 GMT
cf-polished: origSize=3381
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript
last-modified: Mon, 27 Jun 2022 18:34:54 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 8d8bdf6baa6e8f35-FRA
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 86ms
29ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gormans.com
URL: https://www.gormans.com/leather/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

content-encoding: gzip
age: 1325
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 18:15:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:15:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 289 KB
102 KB 133ms
77ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXZSDJH

Requested by

Host: www.gormans.com
URL: https://www.gormans.com/leather/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90c4836c40858fd6051920ec6690f806a1fd5cb910dbd9565ced4841dc7e46d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 26 Oct 2024 16:37:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104196
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
70 KB 105ms
49ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCXXCKWF

Requested by

Host: www.gormans.com
URL: https://www.gormans.com/leather/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67508f995b958a65fc2ecb7ca14ced467adf53c9d423fe552052e55965167041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 26 Oct 2024 16:37:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 71473
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
47 KB 69ms
24ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,600,700,800,900,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gormans.com
Referer: https://fonts.googleapis.com/

Response headers

age: 346474
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:23:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:23:11 GMT
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48336
x-xss-protection: 0
server: sffe

OPTIONS
H2 200 insights
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ Frame 0
0 590ms
191ms Preflight 34.208.170.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.170.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-170-37.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gormans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 26 Oct 2024 16:37:45 GMT
via: 1.1 google

POST
H2 200 insights Show response
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ 16 B
579 B 201ms
193ms XHR
application/json 34.208.170.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/mms.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.170.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-170-37.us-west-2.compute.amazonaws.com

Software

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.gormans.com/

Response headers

access-control-max-age: 7200
x-request-id: 865551da-109f-4dc6-9d51-20eed0af9191
access-control-expose-headers
etag: W/"c955e57777ec0d73639dca6748560d00"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:45 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin
x-runtime: 0.002439
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 4ec497da481eef8d0cf2a81.js Show response
cdn.rlets.com/capture_configs/1e3/a7b/4ee/ 212 KB
46 KB 722ms
717ms Script
text/javascript 2600:9000:2724:ba00:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/mms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:ba00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5c13c03d0b369979888acf946f62522a3cb8f2a659d76a0647633cf9dd3d0c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

x-request-id: 0afbb38e0c6a9bacc3ff4ddefcf89010
content-encoding: br
etag: W/"5c13c03d0b369979888acf946f62522a"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: tyU6LyTlVfBYabH2TIjPFGsoJwOeSuN9u__ixvxOc1fMLxvhAZqIeA==
date: Sat, 26 Oct 2024 16:37:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.102209
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 ea7cd71b17e29a29176686830f1a76c4.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
421 B 21ms
19ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=387798760&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&ul=de-de&de=UTF-8&dt=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1166123255&gjid=1322873144&cid=1141848364.1729960665&tid=UA-5494047-1&_gid=658358508.1729960665&_r=1&_slc=1&z=300778937

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.gormans.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:45 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.gormans.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

OPTIONS
H2 200 vardata
lab.analyticspodium.com/sdk/ Frame 0
0 557ms
183ms Preflight 35.162.185.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.analyticspodium.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.162.185.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-185-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.gormans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.gormans.com
access-control-max-age: 1800
age: 988
apigw-requestid: AREiHjHmPHcEMaQ=
cache-control: no-store
content-length: 0
date: Sat, 26 Oct 2024 16:37:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Self=1-671d16fd-6b2b046a1e13c8a538222f2d;Root=1-671d16fd-28d40a4c212d898641087421
x-cache: HIT
x-cache-hits: 688
x-content-type-options: nosniff
x-served-by: cache-bfi-krnt7300035-BFI
x-timer: S1729960666.967133,VS0,VE0

GET
H2 200 vardata Show response
lab.analyticspodium.com/sdk/ 11 KB
11 KB 366ms
366ms Fetch
application/json 35.162.185.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.analyticspodium.com/sdk/vardata

Requested by

Host: connect.podium.com
URL: https://connect.podium.com/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.162.185.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-162-185-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

0816057aed3101a3f1b643723fd14d32a295588ae18c1cbd6306f81f887ae315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Authorization: Api-Key client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
Referer: https://www.gormans.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjMiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMzAiLCJkZXZpY2VfbW9kZWwiOiJMaW51eCIsImRldmljZV9pZCI6IjBjODBkMTM3LTA2OWUtNGM5Ni05MWNmLTNlYzFjOWZkNjZiMyIsInVzZXJfcHJvcGVydGllcyI6e30sInVzZXJQcm9wZXJ0aWVzIjp7InNjcmlwdFRva2VuIjoiYzRmNTQ4ZDI2NTRjMWI2ZmMzNjQwZjRmNzYyYWE0NTMifX0

Response headers

age: 0
cache-tag: client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
x-content-type-options: nosniff
apigw-requestid: AREiJjSOvHcEMtA=
x-cache: MISS
date: Sat, 26 Oct 2024 16:37:46 GMT
content-type: application/json;charset=utf-8
x-served-by: cache-bfi-kbfi7400056-BFI
x-cache-hits: 0
vary: Origin, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store
x-timer: S1729960666.149857,VS0,VE181
x-amzn-trace-id: Self=1-671d1ada-31b2c113667ae9857aa95ae0;Root=1-671d1ada-4b7d73d11d9f7b924da92888
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://www.gormans.com
content-length: 10949

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 327 KB
108 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0PKL9K57J0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXZSDJH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f20d12d9dc6ccb4aaec3b4cd404b64b7828d8e74dc8d336adac986de8cf94938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 16:37:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110701
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 253 KB
90 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-724909536&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXZSDJH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

476323bd05780696cf5a8a81bdb5b186962befed1e1f507f56e157cb6608724b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 26 Oct 2024 16:37:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91729
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

starV6.gif
jelly-v6.mdhv.io/v1/
Redirect Chain

https://jelly.mdhv.io/v1/star.gif?pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&evt=hi
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&tx=30dd23b9-ca92-4a22-88b1-fade505135cd

43 B
235 B

176ms
127ms

Image
image/gif

2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&tx=30dd23b9-ca92-4a22-88b1-fade505135cd
Requested by: Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol: H2
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
pragma: no-cache
expires: -1
content-length: 43
date: Sat, 26 Oct 2024 16:37:45 GMT
content-type: image/gif
x-cloud-trace-context: 33dd3adc861f6446c01523c4b07f7ab9
server: Google Frontend

Redirect headers

location: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&tx=30dd23b9-ca92-4a22-88b1-fade505135cd
content-length: 173
date: Sat, 26 Oct 2024 16:37:45 GMT
content-type: text/html; charset=utf-8
x-cloud-trace-context: 9c2d25c2a2d718658a107a9ebdf0298d
server: Google Frontend

OPTIONS
H2 200 graphql
mind-flayer.podium.com/ Frame 0
0 861ms
779ms Preflight 2606:4700::6812:13a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gormans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://www.gormans.com
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d8bdf709d7c35e1-FRA
content-length: 0
date: Sat, 26 Oct 2024 16:37:46 GMT
server: cloudflare
vary: origin
x-request-id: GAIOD3H_joYXlDI-F1Vh
x-robots-tag: noindex

POST
H2 200 graphql Show response
mind-flayer.podium.com/ 134 B
187 B 230ms
230ms XHR
application/json 2606:4700::6812:13a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28905b52c1b3a93d5c4170b0b2cef9a7b91aa2cbc908193e0d31e7982f2f91b7

Request headers

Referer: https://www.gormans.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

x-robots-tag: noindex
x-request-id: GAIOD38EqtNjcVIgVLwS
cache-control: max-age=0, private, must-revalidate
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d8bdf757a8435e1-FRA
access-control-allow-origin: https://www.gormans.com
date: Sat, 26 Oct 2024 16:37:46 GMT
content-type: application/json; charset=utf-8
vary: origin
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 60ms
18ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0PKL9K57J0&gtm=45je4ao0v893278934z8812726666za200zb812726666&_p=1729960664889&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101925628&cid=1141848364.1729960665&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729960665&sct=1&seg=0&dl=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&dt=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&en=page_view&_fv=1&_ss=1&tfd=6466
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PKL9K57J0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.gormans.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 16:37:45 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 storage.html
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/ Frame 1A51 0
0 622ms
153ms Document
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gormans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 2056
content-type: text/html
date: Sat, 26 Oct 2024 16:37:47 GMT
last-modified: Thu, 17 Oct 2024 15:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 httpapi Show response
api2.analyticspodium.com/2/ 94 B
245 B 192ms
190ms Fetch
application/json 54.191.200.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.analyticspodium.com/2/httpapi

Requested by

Host: connect.podium.com
URL: https://connect.podium.com/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.191.200.205 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-200-205.us-west-2.compute.amazonaws.com

Software

Resource Hash

3e75083307e79f79224fdaf58eca85ccbe33cb9d7219cab7034c71bf3b320ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.gormans.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/json

Response headers

strict-transport-security: max-age=15768000
apigw-requestid: AREiVjVrPHcEP8A=
access-control-allow-origin: *
content-length: 94
date: Sat, 26 Oct 2024 16:37:47 GMT
content-type: application/json

OPTIONS
H2 200 httpapi
api2.analyticspodium.com/2/ Frame 0
0 710ms
184ms Preflight 54.191.200.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.analyticspodium.com/2/httpapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.191.200.205 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-200-205.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gormans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
apigw-requestid: AREiThMqvHcEPCw=
content-length: 0
date: Sat, 26 Oct 2024 16:37:47 GMT
strict-transport-security: max-age=15768000

POST
H2 200 graphql Show response
mind-flayer.podium.com/ 3 KB
1 KB 258ms
257ms XHR
application/json 2606:4700::6812:13a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f63b4deb0e37df62b5272cfe74b2385e6ab62e0113c1256f27c30b45a6a275

Request headers

Referer: https://www.gormans.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

x-robots-tag: noindex
x-request-id: GAIOD45VsEMdJyU-F6ax
cache-control: max-age=0, private, must-revalidate
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d8bdf76fbf835e1-FRA
access-control-allow-origin: https://www.gormans.com
date: Sat, 26 Oct 2024 16:37:46 GMT
content-type: application/json; charset=utf-8
vary: origin
server: cloudflare

POST
H2 200 graphql Show response
mind-flayer.podium.com/ 38 B
139 B 244ms
242ms XHR
application/json 2606:4700::6812:13a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Referer: https://www.gormans.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

x-robots-tag: noindex
x-request-id: GAIOD6AaCo8PSaU-F8Ah
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d8bdf78dd9035e1-FRA
access-control-allow-origin: https://www.gormans.com
content-length: 38
date: Sat, 26 Oct 2024 16:37:47 GMT
content-type: application/json; charset=utf-8
vary: origin
server: cloudflare

GET
H2 200 styles.css
connect.podium.com/ Frame 43AD 64 KB
10 KB 23ms
23ms Stylesheet
text/css 2600:9000:21f3:3600:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: max-age=3600
content-encoding: gzip
etag: "c1fa1977d66b8bebcb22901457400a35"
age: 2968
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 10003
x-amz-cf-id: r-9jtEFAVCC-K3e7dL2RGOCFgpiCW0yDX4ZwWvHJPfvvwX8U4q7WSg==
date: Sat, 26 Oct 2024 15:48:19 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 15:25:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding

GET
H2 200 d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame 43AD 34 KB
34 KB 35ms
17ms Font
binary/octet-stream 2600:9000:21f3:3600:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gormans.com
Referer: https://connect.podium.com/styles.css

Response headers

access-control-max-age: 3000
etag: "1d077eb2f892e7f968f043b40b6ae557"
age: 159840
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: UqtR3BrP9u0feHPpVk9GACYB-lCj3UaiE2dtUnAYn6FwHTiXqqRCRA==
date: Thu, 24 Oct 2024 20:13:48 GMT
content-type: binary/octet-stream
last-modified: Thu, 24 Oct 2024 15:25:59 GMT
vary: Origin,Access-Control-Request-Headers
cache-control: max-age=31536000
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 34640
x-amz-cf-pop: FRA2-C2
server: AmazonS3

GET
H2 200 434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame 43AD 30 KB
30 KB 33ms
16ms Font
binary/octet-stream 2600:9000:21f3:3600:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.gormans.com
Referer: https://connect.podium.com/styles.css

Response headers

access-control-max-age: 3000
etag: "c28f8beb02447597a13d138680f42e65"
age: 159840
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: dL4dP5qp10ahS4Ur7LuCDM5zBriqjTsi3U_yFC0g3q9D5TFbntkRoA==
date: Thu, 24 Oct 2024 20:13:48 GMT
content-type: binary/octet-stream
last-modified: Thu, 24 Oct 2024 15:25:59 GMT
vary: Origin,Access-Control-Request-Headers
cache-control: max-age=31536000
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 30548
x-amz-cf-pop: FRA2-C2
server: AmazonS3

GET
H3 200 favicon.ico
www.gormans.com/cid1108/css/20034/images/ 4 KB
932 B 51ms
51ms Other
image/x-icon 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gormans.com/cid1108/css/20034/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 39646b280991b47a21989359eea5ccead71eb0ca51ab27ef2eb0f2d5889d8efa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cache-control: max-age=2419200
content-encoding: br
cf-cache-status: HIT
etag: W/"d9cfd4a6dea9d11:0"
age: 145332
cf-ray: 8d8bdf7ad94c8f35-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:47 GMT
content-type: image/x-icon
last-modified: Mon, 09 May 2016 10:36:31 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 originCountry Show response
capture-api.reachlocalservices.com/ 35 B
587 B 479ms
470ms XHR
application/json 18.66.147.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-58.fra60.r.cloudfront.net
Software: /
Resource Hash: 2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.gormans.com/

Response headers

x-amz-apigw-id: AREieGCwPHcEXVA=
x-amzn-trace-id: Root=1-671d1adc-41068c532834185f40444e41;Parent=2f93c156a2022f08;Sampled=0;Lineage=1:a245b58f:0
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-amzn-requestid: f53ead4b-34bd-4def-8f76-11e9deca1f8b
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 35
x-amz-cf-id: _dxPd0BHf30v6t8Nk3rWUgIDx_sOIIKS_VSuGXvkmN6TVse8U6SbFQ==
date: Sat, 26 Oct 2024 16:37:48 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With

OPTIONS
H2 200 originCountry
capture-api.reachlocalservices.com/ Frame 0
0 509ms
464ms Preflight
application/json 18.66.147.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-58.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.gormans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sat, 26 Oct 2024 16:37:47 GMT
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-apigw-id: AREiZGGBPHcEZHQ=
x-amz-cf-id: LXSEDKX6xFpZ3ZIZgIaFl-p7JpiXOPEfg8ZpOlWNSiHfYjbskGYiBw==
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: f5a21d11-4e53-4b7a-b5cd-05d8aaa2fb10
x-cache: Miss from cloudfront

GET
H3 200 favicon.ico
www.gormans.com/images/ 1 KB
957 B 27ms
26ms Other
image/x-icon 104.17.198.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gormans.com/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.198.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8c8fc7dd75965154927dfba081414584f5b03b72b12cc35454ade8d1e5ed70a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/leather/

Response headers

cache-control: max-age=604800
content-encoding: br
cf-cache-status: HIT
etag: W/"9ccda97ec12ed81:0"
age: 536293
cf-ray: 8d8bdf7b39d98f35-FRA
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 16:37:47 GMT
content-type: image/x-icon
last-modified: Thu, 03 Mar 2022 05:42:39 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

POST
H2 200 graphql Show response
mind-flayer.podium.com/ 38 B
136 B 247ms
244ms XHR
application/json 2606:4700::6812:13a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Referer: https://www.gormans.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

x-robots-tag: noindex
x-request-id: GAIOEBdtVieAsbwzSg6y
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d8bdf855a3c35e1-FRA
access-control-allow-origin: https://www.gormans.com
content-length: 38
date: Sat, 26 Oct 2024 16:37:49 GMT
content-type: application/json; charset=utf-8
vary: origin
server: cloudflare

GET
H2 200 styles.css
connect.podium.com/ Frame 84EF 64 KB
0 23ms
23ms Stylesheet
text/css 2600:9000:21f3:3600:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

cache-control: max-age=3600
content-encoding: gzip
etag: "c1fa1977d66b8bebcb22901457400a35"
age: 2968
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 10003
x-amz-cf-id: r-9jtEFAVCC-K3e7dL2RGOCFgpiCW0yDX4ZwWvHJPfvvwX8U4q7WSg==
date: Sat, 26 Oct 2024 15:48:19 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 15:25:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding

GET
H2 200 434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame 84EF 30 KB
0 33ms
16ms Font
binary/octet-stream 2600:9000:21f3:3600:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer

Response headers

access-control-max-age: 3000
etag: "c28f8beb02447597a13d138680f42e65"
age: 159840
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: dL4dP5qp10ahS4Ur7LuCDM5zBriqjTsi3U_yFC0g3q9D5TFbntkRoA==
date: Thu, 24 Oct 2024 20:13:48 GMT
content-type: binary/octet-stream
last-modified: Thu, 24 Oct 2024 15:25:59 GMT
vary: Origin,Access-Control-Request-Headers
cache-control: max-age=31536000
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 30548
x-amz-cf-pop: FRA2-C2
server: AmazonS3

GET
H2 200 d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame 84EF 34 KB
0 35ms
17ms Font
binary/octet-stream 2600:9000:21f3:3600:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer

Response headers

access-control-max-age: 3000
etag: "1d077eb2f892e7f968f043b40b6ae557"
age: 159840
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: UqtR3BrP9u0feHPpVk9GACYB-lCj3UaiE2dtUnAYn6FwHTiXqqRCRA==
date: Thu, 24 Oct 2024 20:13:48 GMT
content-type: binary/octet-stream
last-modified: Thu, 24 Oct 2024 15:25:59 GMT
vary: Origin,Access-Control-Request-Headers
cache-control: max-age=31536000
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 34640
x-amz-cf-pop: FRA2-C2
server: AmazonS3

GET
H2 200 defaultWebchatPinkAvatar.png
assets.podium.com/images/ Frame 84EF 39 KB
39 KB 69ms
10ms Image
image/png 2600:9000:2724:5000:1f:7c97:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.podium.com/images/defaultWebchatPinkAvatar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:5000:1f:7c97:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb03359b5f8b6d2b2056dc684bbd8f664718c126abdbb1fd59808c9bca000c37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gormans.com/

Response headers

x-amz-cf-pop: FRA56-P12
x-amz-version-id: EpIAa.1FDiRxQF3e9Rp.lY7y4w3FHVlc
etag: "a7044c5ad0c2d26c58a0b68b3b4baa21"
age: 1913
via: 1.1 ea7cd71b17e29a29176686830f1a76c4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 39499
x-amz-cf-id: _ewpqRdME4syEBjlOws2kWs4TQX_VdmaqjBG_2BnFwQU_xmF_dPeYg==
date: Sat, 26 Oct 2024 16:05:57 GMT
content-type: image/png
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 30 May 2023 15:06:22 GMT

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.gormans.com/	1969-12-31 23:59:59	Name: __cfruid Value: 2b75f34fb01bdd06b7df0a99cd7fabf7a933fde7-1729960664
.gormans.com/	1970-01-21 00:34:07	Name: _gid Value: GA1.2.658358508.1729960665
.gormans.com/	1970-01-21 00:32:40	Name: _gat Value: 1
.gormans.com/	1970-01-21 09:18:16	Name: AMP_MKTG_16a5c84b5b Value: JTdCJTdE
.gormans.com/	1970-01-21 09:18:16	Name: AMP_16a5c84b5b Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwYzgwZDEzNy0wNjllLTRjOTYtOTFjZi0zZWMxYzlmZDY2YjMlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI5OTYwNjY1NDg5JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyOTk2MDY2NTYxNiU3RA==
.gormans.com/	1970-01-21 10:08:40	Name: _ga_0PKL9K57J0 Value: GS1.1.1729960665.1.0.1729960665.0.0.0
.gormans.com/	1970-01-21 10:08:40	Name: _ga Value: GA1.1.1141848364.1729960665
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/	1970-01-21 00:34:07	Name: test Value: test

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gormans.com/leather/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000, max-age=31536000, max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com
api2.analyticspodium.com
assets.podium.com
capture-api.reachlocalservices.com
capturelogger-prod-usa.localiq.com
cdn.rlets.com
connect.podium.com
fonts.googleapis.com
fonts.gstatic.com
jelly-v6.mdhv.io
jelly.mdhv.io
lab.analyticspodium.com
mind-flayer.podium.com
pixel.mathtag.com
premium-secure.microdinc.com
region1.google-analytics.com
retailer-secure.microdinc.com
udesign.canadel.com
www.google-analytics.com
www.googletagmanager.com
www.gormans.com
www.michiganbestleather.com
104.17.197.25
104.17.198.25
142.250.185.195
18.66.147.58
20.116.34.211
2001:4860:4802:34::178
2001:4860:4802:34::36
2001:4860:4802:36::15
216.200.232.249
216.239.34.21
2600:9000:21f3:3600:1a:3af:f5c0:93a1
2600:9000:2724:5000:1f:7c97:a480:93a1
2600:9000:2724:ba00:6:9a19:88c0:93a1
2606:4700::6811:c619
2606:4700::6812:13a1
2a00:1450:4001:829::2008
2a00:1450:4001:830::200a
3.33.251.168
34.168.224.78
34.208.170.37
35.162.185.85
54.191.200.205
00a269606af95f52ce213e5096cc3a079d73522bc4e3c398789038666bb1454a
0816057aed3101a3f1b643723fd14d32a295588ae18c1cbd6306f81f887ae315
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c
13f63b4deb0e37df62b5272cfe74b2385e6ab62e0113c1256f27c30b45a6a275
181a0ec1a9661bff3df55e308445ac3c8660620a85d09126ccb8f90a1cfbe9cd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28905b52c1b3a93d5c4170b0b2cef9a7b91aa2cbc908193e0d31e7982f2f91b7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745
39646b280991b47a21989359eea5ccead71eb0ca51ab27ef2eb0f2d5889d8efa
3e75083307e79f79224fdaf58eca85ccbe33cb9d7219cab7034c71bf3b320ddd
42a643d05e1343f666aa63e10f3bb8ae017c79c9743416d8f6fb7b0ae7aa3655
476323bd05780696cf5a8a81bdb5b186962befed1e1f507f56e157cb6608724b
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4c98d0fe62a2017dba61f0f1ef3d27e013261bfe46794d2e28ca57f77830bcbf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5ae4bb3cd5f8187e4b83968afea7a5ba6c12c421e571736aac29ff4b4dc00fbe
5bcfacf47326af380a874fd10251517ed00062a736bc9546a41c8fac73d8fc51
5c13c03d0b369979888acf946f62522a3cb8f2a659d76a0647633cf9dd3d0c84
6362420002400c322fff2f1bf2c2535a4a187c4976541d5bb6bcc3ad9c566938
67508f995b958a65fc2ecb7ca14ced467adf53c9d423fe552052e55965167041
6ccc2a862b00ac83e4821a6d67acb0bef25bb11cdbaa6c57369fb42f42060ed0
70f9b395cc3a7874d77e554d3ddef0a665225a58df153f556942af7181fe2162
783f8d239a494e05ff908247a200bc15a19ff20f34fefc024d84a6d3352a2e80
81d2121635db8ac4faad8fdeebcc22e5b9655e3412b8cc01bb4c44419c841800
86374ecb912dd68f6ec86a065233edf0c9166a977ab6314296c96955777375ad
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76
8ac5cda522d79863e9a4a9884f76a933b54b3a3a18af3ccf6e7535b9e3132ad0
8b0fcd5865069f7fe250815d66efe691c2b08eb4098bf311429054e02a11a4e9
90c4836c40858fd6051920ec6690f806a1fd5cb910dbd9565ced4841dc7e46d6
90d04670b8e6e29b4197b510f17bb7de3c245aef189122bab92425e92e0077c8
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
98292d2df8242a9d9a592d63e76fe68689da3812b537de54671162518d5f4cca
9ab082dce30b4ed9b93263882e1432b9ffc1d7ae6c502cff63d267ebfef3cfad
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0
bb03359b5f8b6d2b2056dc684bbd8f664718c126abdbb1fd59808c9bca000c37
bc3d9684171a2c695425379f6988415653550c5008c904a432f407ec9068518c
be21727dc36aa9c43e3cd14f636395c34c582e6b6f16e42d094d9aa47a66b8e5
c8c8fc7dd75965154927dfba081414584f5b03b72b12cc35454ade8d1e5ed70a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e4f4cfe31bc1e9e6ac5cd9581e3718bdb4cfe201a5fd48bd0573c976db588bc2
e69b8ed4e4edd747ca15e9948ccfb01f8e58b62d0320ea969911c025c99512b0
ea8719e60835e698f7aa231e33f70d84810994177e5e526e1a33c9709fdd93f0
f20d12d9dc6ccb4aaec3b4cd404b64b7828d8e74dc8d336adac986de8cf94938
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

www.gormans.com Open in urlscan Pro 104.17.198.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

45 %IPv6

15 Domains

22 Subdomains

20 IPs

4 Countries

2074 kBTransfer

4448 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gormans.com Open in urlscan Pro
104.17.198.25 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

45 %
IPv6

15
Domains

22
Subdomains

20
IPs

4
Countries

2074 kB
Transfer

4448 kB
Size

8
Cookies

60 HTTP transactions
0 data transactions