urlscan.io logo urlscan.io
SecurityTrails logo

www.gormans.com Open in urlscan Pro
2606:4700::6811:c619  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.michigansbestleather.com/
Effective URL: https://www.gormans.com/leather/
Submission: On October 22 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 2 countries across 44 domains to perform 116 HTTP transactions. The main IP is 2606:4700::6811:c619, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gormans.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2024. Valid for: 10 months.
This is the only time www.gormans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
18 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2600:9000:230... 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
7 2600:9000:251... 16509 (AMAZON-02)
1 216.200.232.249 30419 (PAEDAE-INC)
1 20.116.34.211 8075 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 52.40.189.23 16509 (AMAZON-02)
2 44.236.18.206 16509 (AMAZON-02)
1 1 216.239.36.21 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
7 34.138.31.113 396982 (GOOGLE-CL...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 3.162.125.100 16509 (AMAZON-02)
1 5 2607:f8b0:400... 15169 (GOOGLE)
3 2620:1ec:33:1... 8075 (MICROSOFT...)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2 142.250.31.156 15169 (GOOGLE)
2 34.86.110.8 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 34.215.63.43 16509 (AMAZON-02)
1 173.194.204.156 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
21 24 34.150.170.96 396982 (GOOGLE-CL...)
1 69.194.240.13 26120 (RHYTHMONE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 108.138.128.44 16509 (AMAZON-02)
1 1 2600:9000:27c... 16509 (AMAZON-02)
1 2 2600:9000:207... 16509 (AMAZON-02)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 63.251.28.210 26558 (FREEWHEEL)
2 3 2600:1901:0:8... 396982 (GOOGLE-CL...)
3 4 2001:4998:14:... 14777 (YAHOO)
1 2 34.229.3.43 14618 (AMAZON-AES)
1 34.202.180.87 14618 (AMAZON-AES)
1 23.220.132.230 16625 (AKAMAI-AS)
1 2 34.194.13.62 14618 (AMAZON-AES)
1 2 3.211.132.90 14618 (AMAZON-AES)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 1 107.178.254.65 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 68.67.179.155 29990 (ASN-APPNEX)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
2 2 209.85.144.155 15169 (GOOGLE)
1 2600:9000:251... 16509 (AMAZON-02)
116 48
1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
www.michigansbestleather.com
18    2606:4700::6811:c619 (United States)

ASN13335 (CLOUDFLARENET, US)
www.gormans.com
premium-secure.microdinc.com
5    2606:4700::6811:c519 (United States)

ASN13335 (CLOUDFLARENET, US)
retailer-secure.microdinc.com
1    2607:f8b0:400d:c0c::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2600:9000:2305:9400:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rlets.com
7    2607:f8b0:400d:c0d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2600:9000:2512:d400:1a:3af:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
connect.podium.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (PAEDAE-INC, US)
pixel.mathtag.com
1    20.116.34.211 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
udesign.canadel.com
3    2607:f8b0:4004:c19::64 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    52.40.189.23 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-189-23.us-west-2.compute.amazonaws.com
capturelogger-prod-usa.localiq.com
2    44.236.18.206 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-18-206.us-west-2.compute.amazonaws.com
lab.analyticspodium.com
1    216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net
jelly.mdhv.io
1    2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)
jelly-v6.mdhv.io
7    34.138.31.113 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.31.138.34.bc.googleusercontent.com
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com
fault.rlets.com
5    2606:4700::6812:12a1 (United States)

ASN13335 (CLOUDFLARENET, US)
mind-flayer.podium.com
5    2607:f8b0:400d:c09::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:400d:c02::9b (Morganton, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    3.162.125.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-100.iad61.r.cloudfront.net
capture-api.reachlocalservices.com
5    2607:f8b0:400d:c02::69 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
www.googleadservices.com
2    34.86.110.8 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.110.86.34.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
1    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    34.215.63.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-63-43.us-west-2.compute.amazonaws.com
api2.analyticspodium.com
1    173.194.204.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f156.1e100.net
bid.g.doubleclick.net
2    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
24    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
1    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4232:9e2f:bf0c:201b:364e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    108.138.128.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-44.jfk50.r.cloudfront.net
aa.agkn.com
1    2600:9000:27c5:2800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    2600:9000:2073:2000:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    63.251.28.210 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
pbid.pro-market.net
4    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
1    34.202.180.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-180-87.compute-1.amazonaws.com
sync.bfmio.com
1    23.220.132.230 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-230.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    34.194.13.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-13-62.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    3.211.132.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-132-90.compute-1.amazonaws.com
ce.lijit.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    68.67.179.155 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    209.85.144.155 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f155.1e100.net
cm.g.doubleclick.net
1    2600:9000:2512:4400:1f:7c97:a480:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.podium.com
Apex Domain
Subdomains		 Transfer
26 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4957
i.simpli.fi — Cisco Umbrella Rank: 4183
um.simpli.fi — Cisco Umbrella Rank: 913
15 KB
17 gormans.com
www.gormans.com
872 KB
13 podium.com
connect.podium.com — Cisco Umbrella Rank: 28965
mind-flayer.podium.com — Cisco Umbrella Rank: 29667
assets.podium.com — Cisco Umbrella Rank: 46723
308 KB
12 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 15600
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com
fault.rlets.com — Cisco Umbrella Rank: 255909
94 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
pubads.g.doubleclick.net — Cisco Umbrella Rank: 441
bid.g.doubleclick.net — Cisco Umbrella Rank: 1055
cm.g.doubleclick.net — Cisco Umbrella Rank: 283
8 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
538 KB
6 microdinc.com
retailer-secure.microdinc.com — Cisco Umbrella Rank: 413730
premium-secure.microdinc.com — Cisco Umbrella Rank: 354118
298 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
280 B
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1830
ups.analytics.yahoo.com — Cisco Umbrella Rank: 495
1 KB
4 analyticspodium.com
lab.analyticspodium.com — Cisco Umbrella Rank: 28120
api2.analyticspodium.com — Cisco Umbrella Rank: 26486
11 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2566
pbid.pro-market.net — Cisco Umbrella Rank: 9935
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
15 KB
3 localiq.com
capturelogger-prod-usa.localiq.com — Cisco Umbrella Rank: 23965
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 516
502 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
900 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
829 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 912
896 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 976
836 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1779
2 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 993
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 542
d.agkn.com — Cisco Umbrella Rank: 782
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 446
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 415
970 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
2 reachlocalservices.com
capture-api.reachlocalservices.com — Cisco Umbrella Rank: 18386
588 B
2 mdhv.io
jelly.mdhv.io — Cisco Umbrella Rank: 6930
jelly-v6.mdhv.io — Cisco Umbrella Rank: 11889
643 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 413
1 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 751
632 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1137
27 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1507
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 576
653 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 867
553 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6710
175 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
99 B
1 gstatic.com
fonts.gstatic.com
47 KB
1 canadel.com
udesign.canadel.com
5 KB
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 3455
712 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 michigansbestleather.com
www.michigansbestleather.com
308 B
0 smaato.net Failed
s.ad.smaato.net Failed
116 44
Domain Requested by
24 um.simpli.fi 21 redirects
17 www.gormans.com www.gormans.com
7 connect.podium.com www.gormans.com
connect.podium.com
7 www.googletagmanager.com www.gormans.com
www.googletagmanager.com
cdn.rlets.com
6 1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com cdn.rlets.com
5 www.google.com 1 redirects www.gormans.com
5 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
5 mind-flayer.podium.com connect.podium.com
5 cdn.rlets.com www.gormans.com
cdn.rlets.com
5 retailer-secure.microdinc.com www.gormans.com
3 ups.analytics.yahoo.com 2 redirects
3 bat.bing.com www.gormans.com
bat.bing.com
3 capturelogger-prod-usa.localiq.com cdn.rlets.com
3 www.google-analytics.com www.gormans.com
www.google-analytics.com
www.googletagmanager.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 px.ads.linkedin.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com 1 redirects
2 pixel.tapad.com 1 redirects
2 eb2.3lift.com 1 redirects
2 www.facebook.com
2 api2.analyticspodium.com connect.podium.com
2 www.googleadservices.com 1 redirects cdn.rlets.com
2 connect.facebook.net cdn.rlets.com
connect.facebook.net
2 capture-api.reachlocalservices.com cdn.rlets.com
2 td.doubleclick.net www.googletagmanager.com
2 lab.analyticspodium.com connect.podium.com
1 assets.podium.com
1 pixel.rubiconproject.com
1 pippio.com 1 redirects
1 stags.bluekai.com
1 sync.bfmio.com
1 pbid.pro-market.net
1 cms.analytics.yahoo.com 1 redirects
1 ads.stickyadstv.com
1 image2.pubmatic.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 sync.1rx.io
1 bid.g.doubleclick.net www.googleadservices.com
1 i.simpli.fi tag.simpli.fi
1 pubads.g.doubleclick.net
1 tag.simpli.fi cdn.rlets.com
1 fault.rlets.com
1 jelly-v6.mdhv.io www.gormans.com
1 jelly.mdhv.io 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 udesign.canadel.com www.gormans.com
1 pixel.mathtag.com www.gormans.com
1 fonts.googleapis.com www.gormans.com
1 premium-secure.microdinc.com www.gormans.com
1 www.michigansbestleather.com 1 redirects
0 s.ad.smaato.net Failed
116 60
Subject Issuer Validity Valid
www.gormans.com
Cloudflare Inc ECC CA-3		 2024-03-10 -
2024-12-31		 10 months crt.sh
retailer-secure.microdinc.com
E5		 2024-08-27 -
2024-11-25		 3 months crt.sh
premium-secure.microdinc.com
E6		 2024-10-18 -
2025-01-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.rlets.com
Amazon RSA 2048 M02		 2024-09-29 -
2025-10-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.podium.com
Amazon RSA 2048 M02		 2024-04-23 -
2025-05-21		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-23 -
2025-04-30		 a year crt.sh
canadel.com
Go Daddy Secure Certificate Authority - G2		 2023-12-04 -
2024-12-30		 a year crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.localiq.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-23		 6 months crt.sh
*.analyticspodium.com
Amazon RSA 2048 M02		 2023-12-27 -
2025-01-25		 a year crt.sh
captureapi.localiq.com
R11		 2024-10-12 -
2025-01-10		 3 months crt.sh
podium.com
WE1		 2024-09-06 -
2024-12-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.reachlocalservices.com
Amazon RSA 2048 M02		 2024-10-03 -
2025-11-01		 a year crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.googleadservices.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh

This page contains 12 frames:

Primary Page: https://www.gormans.com/leather/
Frame ID: D5281AD3CA85D85B19C36DBF6DBF57AD
Requests: 91 HTTP requests in this frame

Frame: https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Frame ID: 9B35861057CE8BDA7C1FDD185517BC3D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/724909536?random=1729603291644&cv=11&fst=1729603291644&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9180878297z8812726666za201zb812726666&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&hn=www.googleadservices.com&frm=0&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 51F7AB936ADBE34CA4CDAE8C0794132D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.gormans.com
Frame ID: 793FD87559D5EB3DF7A56D67A55BE58D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: C2F24EC76061BC62C5A9139BCD9A9D89
Requests: 1 HTTP requests in this frame

Frame: https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Frame ID: 3CAFBD5111EEB1AE05F4C96CC147A9FF
Requests: 1 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: 3BE1F612F953CB60E5C6393C8259B0BB
Requests: 4 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/855619247?random=1729603292444&cv=11&fst=1729603292444&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&hn=www.googleadservices.com&frm=0&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&npa=0&pscdl=noapi&auid=166281323.1729603292&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 89C679A718D8819339AC18C59A72781E
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 980E5B3866191C55535D06B314DE5822
Requests: 1 HTTP requests in this frame

Frame: https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Frame ID: 1012066456957DC0FCB743D9CDDB490D
Requests: 1 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: C842F83C6BB14FC28F45F00AAB5BF9AF
Requests: 6 HTTP requests in this frame

Frame: https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Frame ID: 2AA7404DDDB397A0A7D30120FB7C1249
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gorman's Home Furnishings & Interior Design - Furniture Store Serving The Metro Detroit Area

Page URL History Show full URLs

  1. https://www.michigansbestleather.com/ HTTP 301
    http://www.gormans.com/leather/ HTTP 307
    https://www.gormans.com/leather/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

79 %
HTTPS

44 %
IPv6

44
Domains

60
Subdomains

48
IPs

2
Countries

2328 kB
Transfer

5598 kB
Size

76
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.michigansbestleather.com/ HTTP 301
    http://www.gormans.com/leather/ HTTP 307
    https://www.gormans.com/leather/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://jelly.mdhv.io/v1/star.gif?pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&evt=hi HTTP 307
  • https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&tx=fa36fecc-f018-4305-bc2d-475fbf488c30
Request Chain 70
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101686685~101823848~101836706&rnd=499767432.1729603292&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&dma=0&npa=0&gtm=45be4ah0za200&auid=166281323.1729603292&frm=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101686685~101823848~101836706&rnd=499767432.1729603292&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&dma=0&npa=0&gtm=45be4ah0za200&auid=166281323.1729603292&frm=0
Request Chain 80
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F1419EABB6D740FA96553DAF15FE66E4
Request Chain 81
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/F1419EABB6D740FA96553DAF15FE66E4
Request Chain 82
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=F1419EABB6D740FA96553DAF15FE66E4&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=F1419EABB6D740FA96553DAF15FE66E4&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 83
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=F1419EABB6D740FA96553DAF15FE66E4
Request Chain 84
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F1419EABB6D740FA96553DAF15FE66E4 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F1419EABB6D740FA96553DAF15FE66E4
Request Chain 85
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F1419EABB6D740FA96553DAF15FE66E4 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1729603292826&ip=208.252.80.112&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D215010605043012106634 HTTP 302
  • https://um.simpli.fi/aa_px?sk=215010605043012106634 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 86
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1419EABB6D740FA96553DAF15FE66E4 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1419EABB6D740FA96553DAF15FE66E4&ckls=true&ci=8ZT4VXIDkD&nc=false&trid=-35726703
Request Chain 87
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F1419EABB6D740FA96553DAF15FE66E4
Request Chain 88
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=F1419EABB6D740FA96553DAF15FE66E4
Request Chain 89
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=F1419EABB6D740FA96553DAF15FE66E4;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=F1419EABB6D740FA96553DAF15FE66E4;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-H6_GsutE2pTZP4JedOsa6OV_x.dhUY8dNK8-~A
Request Chain 90
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=F1419EABB6D740FA96553DAF15FE66E4&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=F1419EABB6D740FA96553DAF15FE66E4&j=0&xl8blockcheck=1
Request Chain 91
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1419EABB6D740FA96553DAF15FE66E4 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1419EABB6D740FA96553DAF15FE66E4&verify=true
Request Chain 92
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=F1419EABB6D740FA96553DAF15FE66E4
Request Chain 93
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=F1419EABB6D740FA96553DAF15FE66E4
Request Chain 94
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F1419EABB6D740FA96553DAF15FE66E4 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=F1419EABB6D740FA96553DAF15FE66E4
Request Chain 95
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=F1419EABB6D740FA96553DAF15FE66E4 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=F1419EABB6D740FA96553DAF15FE66E4&dnr=1
Request Chain 96
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=F1419EABB6D740FA96553DAF15FE66E4 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogRjE0MTlFQUJCNkQ3NDBGQTk2NTUzREFGMTVGRTY2RTQQABoNCNzN3rgGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=db2f8453a4fa315f785a05c35f59bf7449ce00a1111c9c280119ebaa41e607ed791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=db2f8453a4fa315f785a05c35f59bf7449ce00a1111c9c280119ebaa41e607ed791426b5417dce21&rand=04848323 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=db2f8453a4fa315f785a05c35f59bf7449ce00a1111c9c280119ebaa41e607ed791426b5417dce21&rand=04848323&expected_cookie=36d7cb7e-d806-4e8d-b3cb-56d9a10cae60
Request Chain 97
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1729603292499&cv=7&fst=1729603292499&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1022833815&cv=7&fst=1729603292499&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIrNXrroqiiQMV7E9HAR1SRgThMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5nb3JtYW5zLmNvbS8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1022833815&cv=7&fst=1729603292499&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIrNXrroqiiQMV7E9HAR1SRgThMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5nb3JtYW5zLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfeE3aCRVyNG9EcZJvKrjTu_fys726Kpsjs601Ilr0cNqXHpow&random=3779308371
Request Chain 99
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=F1419EABB6D740FA96553DAF15FE66E4 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF1419EABB6D740FA96553DAF15FE66E4
Request Chain 100
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F1419EABB6D740FA96553DAF15FE66E4&expires=365
Request Chain 101
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=F1419EABB6D740FA96553DAF15FE66E4 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=F1419EABB6D740FA96553DAF15FE66E4
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEEPJw4PzO3maB3oNpLNEHGE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F1419EABB6D740FA96553DAF15FE66E4 HTTP 302
  • https://um.simpli.fi/g_match?id=

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gormans.com/leather/
Redirect Chain
  • https://www.michigansbestleather.com/
  • http://www.gormans.com/leather/
  • https://www.gormans.com/leather/
45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1ca2610cf967ea52275215dc40bf9be1186245eb0b033e2e735e8c0eeb1b93e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000, max-age=31536000, max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-apo-via
origin,host
cf-cache-status
EXPIRED
cf-ray
8d69ca7018a04340-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 22 Oct 2024 13:21:29 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=31536000, max-age=31536000, max-age=31536000, max-age=31536000
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-client-image-vid
53
x-client-vid
1108
x-epiphany-vid
18796-2339
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

Location
https://www.gormans.com/leather/
Non-Authoritative-Reason
HttpsUpgrades
omnivue.min.css
retailer-secure.microdinc.com/vid18796-2339/css/epiphany3/css/ 		274 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailer-secure.microdinc.com/vid18796-2339/css/epiphany3/css/omnivue.min.css
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6ccc2a862b00ac83e4821a6d67acb0bef25bb11cdbaa6c57369fb42f42060ed0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"80193966fd19db1:0"
age
4389
cf-ray
8d69ca765c8319aa-EWR
expires
Wed, 22 Oct 2025 13:21:30 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
text/css
last-modified
Wed, 09 Oct 2024 03:43:27 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
omnivue.min.js
retailer-secure.microdinc.com/vid18796-2339/css/js/epiphany3/ 		115 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer-secure.microdinc.com/vid18796-2339/css/js/epiphany3/omnivue.min.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5ae4bb3cd5f8187e4b83968afea7a5ba6c12c421e571736aac29ff4b4dc00fbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"80d37542fd19db1:0"
age
4389
cf-ray
8d69ca766c8e19aa-EWR
expires
Wed, 22 Oct 2025 13:21:30 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 03:42:27 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
style.min.css
retailer-secure.microdinc.com/vid18796-2339/css/epiphany3/bravo/ 		42 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailer-secure.microdinc.com/vid18796-2339/css/epiphany3/bravo/style.min.css
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bc3d9684171a2c695425379f6988415653550c5008c904a432f407ec9068518c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"80ec765fd19db1:0"
age
4389
cf-ray
8d69ca766c8c19aa-EWR
expires
Wed, 22 Oct 2025 13:21:30 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
text/css
last-modified
Wed, 09 Oct 2024 03:43:25 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
customized.css
www.gormans.com/cid1108/css/20034/ 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/cid1108/css/20034/customized.css
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
86374ecb912dd68f6ec86a065233edf0c9166a977ab6314296c96955777375ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"e193ff8713d81:0"
age
38376
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origSize=72357
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
text/css
last-modified
Thu, 27 Jan 2022 14:13:02 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d69ca7528184340-EWR
access-control-allow-origin
*
x-powered-by
ASP.NET
server
cloudflare
fontawesome-webfont.woff2
premium-secure.microdinc.com/css/epiphany3/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://premium-secure.microdinc.com/css/epiphany3/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.gormans.com
Referer
https://www.gormans.com/

Response headers

cf-cache-status
HIT
etag
"0dbb47dc12ed81:0"
age
431318
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 13:21:30 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/font-woff2
last-modified
Thu, 03 Mar 2022 05:42:38 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d69ca761ec16a4e-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
x-powered-by
ASP.NET
server
cloudflare
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:500,600,700,800,900,400,300
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
81d2121635db8ac4faad8fdeebcc22e5b9655e3412b8cc01bb4c44419c841800
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:21:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 13:21:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
slick.css
www.gormans.com/cid1108/css/20034/slick/ 		1 KB
661 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/cid1108/css/20034/slick/slick.css
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
00a269606af95f52ce213e5096cc3a079d73522bc4e3c398789038666bb1454a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"b62f5b5326e1d11:0"
age
1034287
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origSize=1729
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
text/css
last-modified
Mon, 18 Jul 2016 18:58:09 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d69ca75281a4340-EWR
access-control-allow-origin
*
x-powered-by
ASP.NET
server
cloudflare
slick-theme.css
www.gormans.com/cid1108/css/20034/slick/ 		2 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/cid1108/css/20034/slick/slick-theme.css
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"8245305326e1d11:0"
age
1034287
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origSize=3145
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
text/css
last-modified
Mon, 18 Jul 2016 18:58:09 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d69ca75281e4340-EWR
access-control-allow-origin
*
x-powered-by
ASP.NET
server
cloudflare
jquery.cookie.js
www.gormans.com/cid1108/css/20034/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/cid1108/css/20034/scripts/jquery.cookie.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"8ce17d445810d21:0"
age
1034287
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origSize=3121
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript
last-modified
Fri, 16 Sep 2016 20:24:03 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d69ca7528214340-EWR
access-control-allow-origin
*
x-powered-by
ASP.NET
server
cloudflare
mms.js
cdn.rlets.com/capture_static/mms/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_static/mms/mms.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2305:9400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be21727dc36aa9c43e3cd14f636395c34c582e6b6f16e42d094d9aa47a66b8e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

x-amz-cf-pop
IAD89-P2
content-encoding
gzip
etag
W/"a46d4f410fa58956733bebecc815d4f9"
age
66461
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
AJv6EPfSjrkOYdtzqNzFc1ZRSj31kVyh2X386VMtEOsJB8HSwVZXqQ==
date
Mon, 21 Oct 2024 18:53:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 21 Oct 2024 16:40:05 GMT
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-724909536
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eeb14304df80162a407a20bf901d4c5035b150d408a49aa9da4925e7b163dd3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 13:21:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89784
x-xss-protection
0
server
Google Tag Manager
widget.js
connect.podium.com/ 		682 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/widget.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:d400:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
256f9f5c23dfbef60ffebf76280d731ce786ac173635cf07861c6216e2dc292a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
max-age=3600
content-encoding
gzip
etag
"7642a76267c9abebdbe47e56d65bde95"
age
1816
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
196192
x-amz-cf-id
1PjfOtQzzkDan2Rckpw9SdmTmqefWlYqySdOTB4PMFyWiLbHPt91RQ==
date
Tue, 22 Oct 2024 12:51:15 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 20:24:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
vary
Accept-Encoding
js
pixel.mathtag.com/event/ 		161 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1366106&mt_adid=206566&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.249 Frederick, United States, ASN30419 (PAEDAE-INC, US),
Reverse DNS
Software
MT3 1668 f41eadd master ord ord-pixel-x54 config_version:"1033" /
Resource Hash
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
Security Headers
Name Value
Strict-Transport-Security 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

Strict-Transport-Security
31536000
Cache-Control
no-cache
Content-Encoding
gzip
Connection
close
Cross-Origin-Resource-Policy
cross-origin
Referrer-Policy
strict-origin
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Tue, 22 Oct 2024 13:21:30 GMT
X-XSS-Protection
0
Content-Type
text/javascript
Server
MT3 1668 f41eadd master ord ord-pixel-x54 config_version:"1033"
jquery.hoverintent.minified.js
www.gormans.com/cid1108/css/20034/scripts/ 		1 KB
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/cid1108/css/20034/scripts/jquery.hoverintent.minified.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9ab082dce30b4ed9b93263882e1432b9ffc1d7ae6c502cff63d267ebfef3cfad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"f3d9b6641f8fd11:0"
age
1034287
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origSize=1464
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript
last-modified
Tue, 05 Apr 2016 09:41:56 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d69ca7528234340-EWR
access-control-allow-origin
*
x-powered-by
ASP.NET
server
cloudflare
logo.png
www.gormans.com/cid1108/css/20034/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gormans.com/cid1108/css/20034/logo.png
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
42a643d05e1343f666aa63e10f3bb8ae017c79c9743416d8f6fb7b0ae7aa3655

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cf-bgj
imgq:85,h2pri
etag
"d2169c2623e4d11:0"
age
1034279
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origFmt=png, origSize=17147
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
image/webp
content-disposition
inline; filename="logo.webp"
vary
Accept
last-modified
Fri, 22 Jul 2016 14:12:59 GMT
cache-control
public, max-age=31536000
cf-ray
8d69ca7528264340-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
10800
x-powered-by
ASP.NET
server
cloudflare
menu-370x370_outdoor1.png
www.gormans.com/cid1108/css/20034/images/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gormans.com/cid1108/css/20034/images/menu-370x370_outdoor1.png
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
70f9b395cc3a7874d77e554d3ddef0a665225a58df153f556942af7181fe2162

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cf-bgj
imgq:85,h2pri
etag
"b6b8b6e32b7d11:0"
age
1034274
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origFmt=png, origSize=306998
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
image/webp
content-disposition
inline; filename="menu-370x370_outdoor1.webp"
vary
Accept
last-modified
Thu, 26 May 2016 09:36:19 GMT
cache-control
public, max-age=31536000
cf-ray
8d69ca7528284340-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
201842
x-powered-by
ASP.NET
server
cloudflare
home-office_menu.png
www.gormans.com/cid1108/css/20034/images/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gormans.com/cid1108/css/20034/images/home-office_menu.png
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ea8719e60835e698f7aa231e33f70d84810994177e5e526e1a33c9709fdd93f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cf-bgj
imgq:85,h2pri
etag
"7078c5bdda9d11:0"
age
1034273
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origFmt=png, origSize=247692
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
image/webp
content-disposition
inline; filename="home-office_menu.webp"
vary
Accept
last-modified
Mon, 09 May 2016 10:27:15 GMT
cache-control
public, max-age=31536000
cf-ray
8d69ca7609404340-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
161910
x-powered-by
ASP.NET
server
cloudflare
sublinkscontentpic.jpg
www.gormans.com/cid1108/css/20034/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gormans.com/cid1108/css/20034/images/sublinkscontentpic.jpg
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
98292d2df8242a9d9a592d63e76fe68689da3812b537de54671162518d5f4cca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6ce9f97062c4d11:0"
age
1034273
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
degrade=85, origSize=15810, status=webp_bigger
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
image/jpeg
last-modified
Sun, 12 Jun 2016 04:25:25 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d69ca7689ff4340-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
9731
x-powered-by
ASP.NET
server
cloudflare
bedroom_menu.png
www.gormans.com/cid1108/css/20034/images/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gormans.com/cid1108/css/20034/images/bedroom_menu.png
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e4f4cfe31bc1e9e6ac5cd9581e3718bdb4cfe201a5fd48bd0573c976db588bc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6ad2aedad8a9d11:0"
age
1034273
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origFmt=png, origSize=245801
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
image/webp
content-disposition
inline; filename="bedroom_menu.webp"
vary
Accept
last-modified
Mon, 09 May 2016 09:55:01 GMT
cache-control
public, max-age=31536000
cf-ray
8d69ca76aa1f4340-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
151272
x-powered-by
ASP.NET
server
cloudflare
dining_menu.png
www.gormans.com/cid1108/css/20034/images/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gormans.com/cid1108/css/20034/images/dining_menu.png
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
181a0ec1a9661bff3df55e308445ac3c8660620a85d09126ccb8f90a1cfbe9cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cf-bgj
imgq:85,h2pri
etag
"17401785daa9d11:0"
age
1034270
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origFmt=png, origSize=256363
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
image/webp
content-disposition
inline; filename="dining_menu.webp"
vary
Accept
last-modified
Mon, 09 May 2016 10:06:57 GMT
cache-control
public, max-age=31536000
cf-ray
8d69ca771acb4340-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
163986
x-powered-by
ASP.NET
server
cloudflare
logo-black-large.png
udesign.canadel.com/Content/images/udesign-button/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udesign.canadel.com/Content/images/udesign-button/logo-black-large.png
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.116.34.211 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / localhost
Resource Hash
e69b8ed4e4edd747ca15e9948ccfb01f8e58b62d0320ea969911c025c99512b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

access-control-allow-headers
authorization,Content-Type
cache-control
max-age=604800
access-control-expose-headers
X-total-count
etag
"0d083d43024db1:0"
access-control-allow-methods
POST,GET,PUT,DELETE,OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
4470
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 03:16:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
localhost
livingroommenu.png
www.gormans.com/cid1108/css/20034/images/ 		159 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gormans.com/cid1108/css/20034/images/livingroommenu.png
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4c98d0fe62a2017dba61f0f1ef3d27e013261bfe46794d2e28ca57f77830bcbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cf-bgj
imgq:85,h2pri
etag
"d84aabc5d2a9d11:0"
age
1034270
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origFmt=png, origSize=242633
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
image/webp
content-disposition
inline; filename="livingroommenu.webp"
vary
Accept
last-modified
Mon, 09 May 2016 09:11:29 GMT
cache-control
public, max-age=31536000
cf-ray
8d69ca771ad04340-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
162800
x-powered-by
ASP.NET
server
cloudflare
email-decode.min.js
www.gormans.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"670fb497-4d7"
x-content-type-options
nosniff
cf-ray
8d69ca76ea7e4340-EWR
expires
Thu, 24 Oct 2024 13:21:30 GMT
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 12:41:59 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
browser.min.js
retailer-secure.microdinc.com/vid18796-2339/css/js/epiphany3/ 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer-secure.microdinc.com/vid18796-2339/css/js/epiphany3/browser.min.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
783f8d239a494e05ff908247a200bc15a19ff20f34fefc024d84a6d3352a2e80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"010ac40fd19db1:0"
age
4389
cf-ray
8d69ca772d4b19aa-EWR
expires
Wed, 22 Oct 2025 13:21:30 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 03:42:24 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
theme.min.js
retailer-secure.microdinc.com/vid18796-2339/css/epiphany3/bravo/scripts/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailer-secure.microdinc.com/vid18796-2339/css/epiphany3/bravo/scripts/theme.min.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c519 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8b0fcd5865069f7fe250815d66efe691c2b08eb4098bf311429054e02a11a4e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"0a2aa5ffd19db1:0"
age
4389
cf-ray
8d69ca771d4319aa-EWR
expires
Wed, 22 Oct 2025 13:21:30 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 03:43:16 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
layout.js
www.gormans.com/cid1108/css/20034/scripts/ 		3 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/cid1108/css/20034/scripts/layout.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5bcfacf47326af380a874fd10251517ed00062a736bc9546a41c8fac73d8fc51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"7e496d98548ad81:0"
age
1034284
cf-cache-status
HIT
expires
Wed, 22 Oct 2025 13:21:30 GMT
cf-polished
origSize=3381
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript
last-modified
Mon, 27 Jun 2022 18:34:54 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d69ca772ad84340-EWR
access-control-allow-origin
*
x-powered-by
ASP.NET
server
cloudflare
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
gzip
age
2794
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 14:34:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 12:34:56 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
gtm.js
www.googletagmanager.com/ 		283 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXZSDJH
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79cf91fddd45226d60df529a3b1d15889c8883dc90bac94422584495e06a5b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 22 Oct 2024 13:21:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102073
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		194 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TCXXCKWF
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f74444652fb6d53547f6dbf2aa1a6b6fbac3405606370aa972c8dbb10e9d2a96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 22 Oct 2024 13:21:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
71154
x-xss-protection
0
server
Google Tag Manager
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,600,700,800,900,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.gormans.com
Referer
https://fonts.googleapis.com/

Response headers

age
19283
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 08:00:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 08:00:07 GMT
last-modified
Wed, 01 May 2024 20:31:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48336
x-xss-protection
0
server
sffe
insights
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.189.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-189-23.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gormans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 22 Oct 2024 13:21:31 GMT
via
1.1 google
insights
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ 		16 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/mms.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.189.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-189-23.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.gormans.com/

Response headers

access-control-max-age
7200
x-request-id
1ede109f-b2ea-45b4-87a2-d09ff4d9351b
access-control-expose-headers
etag
W/"c955e57777ec0d73639dca6748560d00"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin
x-runtime
0.002441
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
4ec497da481eef8d0cf2a81.js
cdn.rlets.com/capture_configs/1e3/a7b/4ee/ 		212 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/mms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2305:9400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5c13c03d0b369979888acf946f62522a3cb8f2a659d76a0647633cf9dd3d0c84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

x-request-id
3779fc3b342debc435adc47f8737e8cc
content-encoding
br
etag
W/"5c13c03d0b369979888acf946f62522a"
age
66376
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
x_ZsLnLtnsAawtTv3jbHHDr033TvrlAUXdUKXOwHdxRXezJ9LKhwDA==
date
Mon, 21 Oct 2024 18:55:15 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-runtime
0.218978
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD89-P2
collect
www.google-analytics.com/j/ 		3 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1611208296&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&ul=en-us&de=UTF-8&dt=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=450698712&gjid=877285277&cid=1221459171.1729603291&tid=UA-5494047-1&_gid=479836072.1729603291&_r=1&_slc=1&z=1369322905
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.gormans.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.gormans.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
vardata
lab.analyticspodium.com/sdk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lab.analyticspodium.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.236.18.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-18-206.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://www.gormans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://www.gormans.com
access-control-max-age
1800
age
729
apigw-requestid
ADcCajfGvHcEJQg=
cache-control
no-store
content-length
0
date
Tue, 22 Oct 2024 13:21:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Self=1-6717a402-2fc2e656292844606851fa73;Root=1-6717a402-6fe7634a6bcdaaf156def9e5
x-cache
HIT
x-cache-hits
352
x-content-type-options
nosniff
x-served-by
cache-bfi-krnt7300021-BFI
x-timer
S1729603292.868292,VS0,VE0
vardata
lab.analyticspodium.com/sdk/ 		11 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lab.analyticspodium.com/sdk/vardata
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.236.18.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-18-206.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c34e65c51641c8ee722b779f1f7c139378ea65a97c04a77b65835413b9ccff4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Authorization
Api-Key client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
Referer
https://www.gormans.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjMiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMjkiLCJkZXZpY2VfbW9kZWwiOiJMaW51eCIsImRldmljZV9pZCI6IjE5YWY3Y2NhLWM0NDEtNDg3MS04YTgxLWEwZjJlMGMyN2E2MCIsInVzZXJfcHJvcGVydGllcyI6e30sInVzZXJQcm9wZXJ0aWVzIjp7InNjcmlwdFRva2VuIjoiYzRmNTQ4ZDI2NTRjMWI2ZmMzNjQwZjRmNzYyYWE0NTMifX0

Response headers

age
0
cache-tag
client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
x-content-type-options
nosniff
apigw-requestid
ADcCcgQUvHcEJWw=
x-cache
MISS
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-bfi-kbfi7400116-BFI
x-cache-hits
0
vary
Origin, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store
x-timer
S1729603292.046654,VS0,VE45
x-amzn-trace-id
Self=1-6717a6dc-6f969d8d1d9e23ef1c3f0468;Root=1-6717a6dc-225a4b0e48f0a1030d8def00
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-origin
https://www.gormans.com
content-length
10987
starV6.gif
jelly-v6.mdhv.io/v1/
Redirect Chain
  • https://jelly.mdhv.io/v1/star.gif?pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&evt=hi
  • https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&tx=fa36fecc-f018-4305-bc2d-475fbf488c30
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&tx=fa36fecc-f018-4305-bc2d-475fbf488c30
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
pragma
no-cache
expires
-1
content-length
43
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
image/gif
x-cloud-trace-context
f4dac7dd06dba48652c66cbd8df7ea59
server
Google Frontend

Redirect headers

location
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=XmdNts1ME6rqx67tCd5tRDpU1YXh&src=mh&tx=fa36fecc-f018-4305-bc2d-475fbf488c30
content-length
173
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
74f7d91cba498a0d53b3cc5062f471a3
server
Google Frontend
storage.html
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/ Frame 9B35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gormans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Tue, 22 Oct 2024 13:21:31 GMT
last-modified
Thu, 17 Oct 2024 15:04:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0PKL9K57J0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXZSDJH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
829d0faf9332fbfa1ef39823cbd08e67ad49c6d1a6f963d4c4d062d72faa5405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 13:21:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109052
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-724909536&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXZSDJH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c721779892435dadf16c88d118bbddaccf915824610cdc4d26649fefb97cf57f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 22 Oct 2024 13:21:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89694
x-xss-protection
0
server
Google Tag Manager
graphql
mind-flayer.podium.com/ 		134 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28905b52c1b3a93d5c4170b0b2cef9a7b91aa2cbc908193e0d31e7982f2f91b7

Request headers

Referer
https://www.gormans.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-robots-tag
noindex
x-request-id
GADJB7tspff1c89LjuOy
cache-control
max-age=0, private, must-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d69ca7e590e0caa-EWR
access-control-allow-origin
https://www.gormans.com
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/json; charset=utf-8
vary
origin
server
cloudflare
graphql
mind-flayer.podium.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gormans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://www.gormans.com
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d69ca7d6fdb0caa-EWR
content-length
0
date
Tue, 22 Oct 2024 13:21:31 GMT
server
cloudflare
vary
origin
x-request-id
GADJB7HF8rczOuYgsliS
x-robots-tag
noindex
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0PKL9K57J0&gtm=45je4ah0v893278934z8812726666za200zb812726666&_p=1729603290716&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823848~101836706&cid=1221459171.1729603291&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729603291&sct=1&seg=0&dl=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&dt=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&en=page_view&_fv=1&_ss=1&tfd=2901
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PKL9K57J0&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.gormans.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
text/plain
server
Golfe2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/724909536/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/724909536/?random=1729603291644&cv=11&fst=1729603291644&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9180878297z8812726666za201zb812726666&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&hn=www.googleadservices.com&frm=0&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-724909536&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60c0c87be1358f7d7177e46169bf2b26770e929537e93b24ce9059647bb474e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2361
date
Tue, 22 Oct 2024 13:21:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
724909536
td.doubleclick.net/td/rul/ Frame 51F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/724909536?random=1729603291644&cv=11&fst=1729603291644&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9180878297z8812726666za201zb812726666&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&hn=www.googleadservices.com&frm=0&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-724909536&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gormans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 13:21:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 793F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.gormans.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-724909536&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 13:21:31 GMT
expires
Wed, 22 Oct 2025 13:21:31 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
originCountry
capture-api.reachlocalservices.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-100.iad61.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.gormans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 22 Oct 2024 13:21:32 GMT
via
1.1 e694c28f3f4b3c78628be967383db56e.cloudfront.net (CloudFront)
x-amz-apigw-id
ADcCcEVcPHcEs-g=
x-amz-cf-id
a4kMP3XxtIxg4LcP1tjvS_vEA5_sN87TRhIXZeTWS07GtxZuMcmfmg==
x-amz-cf-pop
IAD61-P3
x-amzn-requestid
72743f24-398b-4a6f-b648-fa80132d9aa6
x-cache
Miss from cloudfront
originCountry
capture-api.reachlocalservices.com/ 		36 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-100.iad61.r.cloudfront.net
Software
/
Resource Hash
9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.gormans.com/

Response headers

x-amz-apigw-id
ADcCdHOdPHcEFUQ=
x-amzn-trace-id
Root=1-6717a6dc-51d0eac22017e82a5c8cb83b;Parent=28cdc000983c92da;Sampled=0;Lineage=1:a245b58f:0
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-amzn-requestid
de905faf-62e1-4548-82e2-1be85298e3c6
via
1.1 e694c28f3f4b3c78628be967383db56e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
36
x-amz-cf-id
x6OiKVCAGxL9D-MxfLB2FVgxlFtdjfMHiddKFVXbhudorMQTFK_oug==
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/json
x-amz-cf-pop
IAD61-P3
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
/
www.google.com/pagead/1p-user-list/724909536/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/724909536/?random=1729603291644&cv=11&fst=1729602000000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9180878297z8812726666za201zb812726666&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&hn=www.googleadservices.com&frm=0&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&npa=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfO8Gqj-Ex_Krw3A4lXtQHSwdmSq95oA&random=3116627382&rmt_tld=0&ipr=y
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
www.gormans.com/cid1108/css/20034/images/ 		4 KB
932 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/cid1108/css/20034/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
39646b280991b47a21989359eea5ccead71eb0ca51ab27ef2eb0f2d5889d8efa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cache-control
max-age=2419200
content-encoding
br
cf-cache-status
HIT
etag
W/"d9cfd4a6dea9d11:0"
age
1033166
cf-ray
8d69ca7f68034340-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/x-icon
last-modified
Mon, 09 May 2016 10:36:31 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
graphql
mind-flayer.podium.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f63b4deb0e37df62b5272cfe74b2385e6ab62e0113c1256f27c30b45a6a275

Request headers

Referer
https://www.gormans.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-robots-tag
noindex
x-request-id
GADJB8mpBiqA-N54IY0h
cache-control
max-age=0, private, must-revalidate
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d69ca7fcab20caa-EWR
access-control-allow-origin
https://www.gormans.com
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/json; charset=utf-8
vary
origin
server
cloudflare
favicon.ico
www.gormans.com/images/ 		1 KB
956 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gormans.com/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c619 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c8c8fc7dd75965154927dfba081414584f5b03b72b12cc35454ade8d1e5ed70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

cache-control
max-age=604800
content-encoding
br
cf-cache-status
HIT
etag
W/"9ccda97ec12ed81:0"
age
425345
cf-ray
8d69ca7ff8834340-EWR
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/x-icon
last-modified
Thu, 03 Mar 2022 05:42:39 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
_.gif
fault.rlets.com/static/ 		43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fault.rlets.com/static/_.gif?s=1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81&m=Unknown%20OS%20or%20OS%20Version&f=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

x-frame-options
ALLOWALL
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
ba13d4449dc6e4b31758435f189c6f5f
cache-control
max-age=0, private, must-revalidate
etag
W/"42b976597a2d977d0e300f6d06bc903d"
content-transfer-encoding
binary
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
content-disposition
inline
x-runtime
0.002866
access-control-allow-headers
Content-Type
capture.js
cdn.rlets.com/capture_static/mms/ Frame C2F2 		177 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_static/mms/capture.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2305:9400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e20d51c211c166de1334abf0d6ba78efea1005b70fd7e25d31c1e0443573665d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"216355eb9c25a9b6889457381279f5c0"
age
66470
via
1.1 2c0478fce3b7f4f5348678901d1bf60a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
91zFpGWloKg6K1KKncC-0qbV4AVMyA79cKScSHS8vp7YvA49EZqDNg==
date
Mon, 21 Oct 2024 18:53:43 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2024 16:40:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.gormans.com
URL: https://www.gormans.com/leather/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 49F40028D2C8465EBD50CEB368540929 Ref B: PHL30EDGE0106 Ref C: 2024-10-22T13:21:32Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/ 		227 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=5697, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
SYYN3XeNgRoBaKwErrKibx9zGksR463qgbvizhgrhEXnxgKl2oESEyB6Bk3FiYIZ6/rTXREIykd7W2xkECqOfA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59352
x-xss-protection
0
origin-agent-cluster
?1
conversion_async.js
www.googleadservices.com/pagead/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
9cb4f3096e13f8d0aa304fd76fb05e3d2af580097bf9c87da50a83faf26cda1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
br
etag
16195217836090657790
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:21:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
20717
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		238 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-855619247
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99d618a0be45c7530006cca0f890851f6f448d9406e58b91ed47828c141d2fa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 13:21:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 22 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
87378
x-xss-protection
0
server
Google Tag Manager
d9a5dd70-50f0-0134-a365-0cc47abc2b4e
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/d9a5dd70-50f0-0134-a365-0cc47abc2b4e
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/leather/

Response headers

x-request-id
GADJB9aW6uKEJCZhVfZE
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
activity;xsp=4887360
pubads.g.doubleclick.net/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;xsp=4887360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
visits
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/api/v1/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/api/v1/visits
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.gormans.com/

Response headers

x-frame-options
ALLOWALL
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
6d692c01dd2d9225bdb2fabcb4423317
cache-control
no-cache
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/html
x-runtime
0.009565
access-control-allow-headers
Content-Type
visits
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/api/v1/visits
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gormans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html
date
Tue, 22 Oct 2024 13:21:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
ALLOWALL
x-request-id
cd72ef73b0567c0161a4be9ca2ebc4e5
x-runtime
0.001825
storage.html
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/ Frame 3CAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Tue, 22 Oct 2024 13:21:31 GMT
last-modified
Thu, 17 Oct 2024 15:04:05 GMT
graphql
mind-flayer.podium.com/ 		38 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Referer
https://www.gormans.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-robots-tag
noindex
x-request-id
GADJB9e2ejTpCvR4IZph
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d69ca814c750caa-EWR
access-control-allow-origin
https://www.gormans.com
content-length
38
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/json; charset=utf-8
vary
origin
server
cloudflare
httpapi
api2.analyticspodium.com/2/ 		94 B
245 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.analyticspodium.com/2/httpapi
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.215.63.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-63-43.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1c276c037d48286cb6ca229adec816c69950c62514ae234f2466eb3d46847444
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.gormans.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
apigw-requestid
ADcCki5FvHcEPTg=
access-control-allow-origin
*
content-length
94
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/json
httpapi
api2.analyticspodium.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.analyticspodium.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.215.63.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-63-43.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gormans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
apigw-requestid
ADcCjiiuPHcEPLQ=
content-length
0
date
Tue, 22 Oct 2024 13:21:32 GMT
strict-transport-security
max-age=15768000
styles.css
connect.podium.com/ Frame 3BE1 		64 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/styles.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:d400:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
max-age=3600
content-encoding
gzip
etag
"c1fa1977d66b8bebcb22901457400a35"
age
2801
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
10003
x-amz-cf-id
w2n3N7IdduJ2xUO7X6oxjlaGcopl0KNw1kvcPNykx8Z6KbCc8BhnWQ==
date
Tue, 22 Oct 2024 12:34:51 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 20:24:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
vary
Accept-Encoding
618611345267005
connect.facebook.net/signals/config/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/618611345267005?v=2.9.172&r=stable&domain=www.gormans.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7830845e4d084045e2e1b69f4f2e7d33e235e50cad26a83187a165b8ff89fcd4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=74, mss=1232, tbw=68769, tp=64, tpl=0, uplat=42, ullat=0
pragma
public
x-fb-debug
kG7fooBg7HHQb9KJsz+QkthpMw027Rg/IcWc1zdIhDfjRwlvUdfY4lCNRj7/LKQcBEFxkw3krBlJL03K0NXDkw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame 3BE1 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:d400:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.gormans.com
Referer
https://connect.podium.com/styles.css

Response headers

access-control-max-age
3000
etag
"1d077eb2f892e7f968f043b40b6ae557"
age
665679
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
FMyg-1GYj2yT-z51SDVeROXUJqOFIcOBvCDmqeFS_rjzQ5fo0_M5xw==
date
Mon, 14 Oct 2024 20:26:54 GMT
content-type
binary/octet-stream
last-modified
Mon, 14 Oct 2024 20:24:57 GMT
vary
Origin,Access-Control-Request-Headers
cache-control
max-age=31536000
via
1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
34640
x-amz-cf-pop
JFK50-P7
server
AmazonS3
434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame 3BE1 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:d400:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.gormans.com
Referer
https://connect.podium.com/styles.css

Response headers

access-control-max-age
3000
etag
"c28f8beb02447597a13d138680f42e65"
age
665679
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
n6kK_nSukFrbLXfPKqHFixETgFPlIGafIs0NX6ABOwQ2O9saZCapuQ==
date
Mon, 14 Oct 2024 20:26:54 GMT
content-type
binary/octet-stream
last-modified
Mon, 14 Oct 2024 20:24:57 GMT
vary
Origin,Access-Control-Request-Headers
cache-control
max-age=31536000
via
1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
30548
x-amz-cf-pop
JFK50-P7
server
AmazonS3
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101686685~101823848~101836706&rnd=499767432.1729603292&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&dma=0&npa=0&gtm=45be4ah...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101686685~101823848~101836706&rnd=499767432.1729603292&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&dma=0&npa=...
42 B
66 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101686685~101823848~101836706&rnd=499767432.1729603292&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&dma=0&npa=0&gtm=45be4ah0za200&auid=166281323.1729603292&frm=0
Protocol
H3
Server
2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101686685~101823848~101836706&rnd=499767432.1729603292&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&dma=0&npa=0&gtm=45be4ah0za200&auid=166281323.1729603292&frm=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/855619247/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855619247/?random=1729603292444&cv=11&fst=1729603292444&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&hn=www.googleadservices.com&frm=0&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&npa=0&pscdl=noapi&auid=166281323.1729603292&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-855619247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
444afe81729554781d67c8c1e29f70258c51cb02cfa73b8cf3d3e8964c3bb8a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2383
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
855619247
td.doubleclick.net/td/rul/ Frame 89C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/855619247?random=1729603292444&cv=11&fst=1729603292444&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&hn=www.googleadservices.com&frm=0&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&npa=0&pscdl=noapi&auid=166281323.1729603292&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-855619247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gormans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 13:21:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
15001664.js
bat.bing.com/p/action/ 		371 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/15001664.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e0c8cedb72a7e5a3080203509132486e267e5d1b0c5c6eae78ac16f7928ff01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A468FE2ADF2E418185F0C0200AF6ABBE Ref B: PHL30EDGE0106 Ref C: 2024-10-22T13:21:32Z
x-cache
CONFIG_NOCACHE
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
p
i.simpli.fi/ 		798 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=22180&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/d9a5dd70-50f0-0134-a365-0cc47abc2b4e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
ca8b24e591972c5a85fdd7f7d94d0c43cc1d5ea9b839ebcb0941c221739e20b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
openresty
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/854030941/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854030941/?random=1729603292479&cv=9&fst=1729603292479&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
693fd684880316b4310ae57243c4345c00f9fe5ea0506f3126952cde43a76eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2357
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
pixel
bid.g.doubleclick.net/xbbe/ Frame 980E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gormans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 13:21:32 GMT
expires
Tue, 22 Oct 2024 13:21:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=618611345267005&ev=PageView&dl=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&rl=&if=false&ts=1729603292516&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=4126&fbp=fb.1.1729603292514.429388639168065923&ler=empty&cdl=API_unavailable&it=1729603292416&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=2922, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=618611345267005&ev=PageView&dl=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&rl=&if=false&ts=1729603292516&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=4126&fbp=fb.1.1729603292514.429388639168065923&ler=empty&cdl=API_unavailable&it=1729603292416&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428589579758598651"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:21:34 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
JrH4izq1eUZcxMOh8YzXvMULWASP2wvlHdJeDotqeEm4/1IdQdAycc8gl0ENwr0CsBr/sIEVBdAYvbLWYXJ0QQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428589579758598651", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1392, tbw=3239, tp=-1, tpl=-1, uplat=1863, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
/
www.google.com/pagead/1p-user-list/855619247/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/855619247/?random=1729603292444&cv=11&fst=1729602000000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&hn=www.googleadservices.com&frm=0&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&npa=0&pscdl=noapi&auid=166281323.1729603292&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfdN6ArPx6okuRXthO6s3dKxY4j7m2LA0jj8jEqJ4zg575PE7i&random=1100559115&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
s.ad.smaato.net/c/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F1419EABB6D740FA96553DAF15FE66E4
0
0
F1419EABB6D740FA96553DAF15FE66E4
sync.1rx.io/usersync/simplifi/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/F1419EABB6D740FA96553DAF15FE66E4
0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/simplifi/F1419EABB6D740FA96553DAF15FE66E4
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Tue, 22 Oct 2024 13:21:36 GMT
pragma
no-cache

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.1rx.io/usersync/simplifi/F1419EABB6D740FA96553DAF15FE66E4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 21 Oct 2024 13:21:32 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=F1419EABB6D740FA96553DAF15FE66E4&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=F1419EABB6D740FA96553DAF15FE66E4&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=F1419EABB6D740FA96553DAF15FE66E4&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=7969&xuid=F1419EABB6D740FA96553DAF15FE66E4&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Tue, 22 Oct 2024 13:21:32 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=F1419EABB6D740FA96553DAF15FE66E4
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=F1419EABB6D740FA96553DAF15FE66E4
Protocol
H2
Server
2600:1f18:612b:4232:9e2f:bf0c:201b:364e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://simplifi.partners.tremorhub.com/sync?UISF=F1419EABB6D740FA96553DAF15FE66E4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 21 Oct 2024 13:21:32 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F1419EABB6D740FA96553DAF15FE66E4
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F1419EABB6D740FA96553DAF15FE66E4
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F1419EABB6D740FA96553DAF15FE66E4
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F1419EABB6D740FA96553DAF15FE66E4
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Tue, 22 Oct 2024 13:21:32 GMT
server
Jetty(11.0.13)
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F1419EABB6D740FA96553DAF15FE66E4
  • https://d.agkn.com/pixel/10751/?che=1729603292826&ip=208.252.80.112&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D215010605043012106634
  • https://um.simpli.fi/aa_px?sk=215010605043012106634
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
43
date
Tue, 22 Oct 2024 13:21:33 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
location
/empty.gif
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
142
date
Tue, 22 Oct 2024 13:21:33 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1419EABB6D740FA96553DAF15FE66E4
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1419EABB6D740FA96553DAF15FE66E4&ckls=true&ci=8ZT4VXIDkD&nc=false&trid=-35726703
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1419EABB6D740FA96553DAF15FE66E4&ckls=true&ci=8ZT4VXIDkD&nc=false&trid=-35726703
Protocol
H2
Server
2600:9000:2073:2000:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 65515d7b1028cd133489fb761d35fa06.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
43
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
x-amz-cf-pop
IAD50-C2
x-amz-cf-id
p15eLJvg-qhEtWXpr5U3CIQAJdL83DNdT8T04thiW90w9lkSUyEvxQ==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F1419EABB6D740FA96553DAF15FE66E4&ckls=true&ci=8ZT4VXIDkD&nc=false&trid=-35726703
pragma
no-cache
via
1.1 65515d7b1028cd133489fb761d35fa06.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
x-amz-cf-pop
IAD50-C2
x-amz-cf-id
m8mwh7_MKkgj3gwHTibe73Rgf-3ZWl8qrHn_y_h-zY2n4QOpI3Pm2w==
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F1419EABB6D740FA96553DAF15FE66E4
42 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F1419EABB6D740FA96553DAF15FE66E4
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 22 Oct 2024 13:21:31 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:F1419EABB6D740FA96553DAF15FE66E4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 21 Oct 2024 13:21:32 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=F1419EABB6D740FA96553DAF15FE66E4
43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=F1419EABB6D740FA96553DAF15FE66E4
Protocol
HTTP/1.1
Server
63.251.28.210 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Pragma
no-cache
x-sticky-vk
1729603292835095-267
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Date
Tue, 22 Oct 2024 13:21:32 GMT
Content-Type
image/gif
Server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=F1419EABB6D740FA96553DAF15FE66E4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 21 Oct 2024 13:21:32 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
engine
pbid.pro-market.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=F1419EABB6D740FA96553DAF15FE66E4;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=F1419EABB6D740FA96553DAF15FE66E4;mimetype=img;sr
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-H6_GsutE2pTZP4JedOsa6OV_x.dhUY8dNK8-~A
43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-H6_GsutE2pTZP4JedOsa6OV_x.dhUY8dNK8-~A
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
anserver
gapp2
expires
Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin
*
alt-svc
clear
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
43
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
server
Apache-Coyote/1.1

Redirect headers

strict-transport-security
max-age=31536000
location
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-H6_GsutE2pTZP4JedOsa6OV_x.dhUY8dNK8-~A
age
0
referrer-policy
no-referrer-when-downgrade
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
content-length
0
date
Tue, 22 Oct 2024 13:21:33 GMT
server
ATS
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=F1419EABB6D740FA96553DAF15FE66E4&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=F1419EABB6D740FA96553DAF15FE66E4&j=0&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=F1419EABB6D740FA96553DAF15FE66E4&j=0&xl8blockcheck=1
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Tue, 22 Oct 2024 13:21:33 GMT
x-powered-by
Undertow/1
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=F1419EABB6D740FA96553DAF15FE66E4&j=0&xl8blockcheck=1
access-control-allow-credentials
true
content-length
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
x-powered-by
Undertow/1
server
nginx
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1419EABB6D740FA96553DAF15FE66E4
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1419EABB6D740FA96553DAF15FE66E4&verify=true
0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1419EABB6D740FA96553DAF15FE66E4&verify=true
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 22 Oct 2024 13:21:32 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=F1419EABB6D740FA96553DAF15FE66E4&verify=true
age
0
referrer-policy
no-referrer-when-downgrade
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
content-length
0
date
Tue, 22 Oct 2024 13:21:32 GMT
server
ATS
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=F1419EABB6D740FA96553DAF15FE66E4
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=F1419EABB6D740FA96553DAF15FE66E4
Protocol
HTTP/1.1
Server
34.202.180.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-180-87.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

Date
Tue, 22 Oct 2024 13:21:32 GMT
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.bfmio.com/sync?pid=141&uid=F1419EABB6D740FA96553DAF15FE66E4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 21 Oct 2024 13:21:32 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=F1419EABB6D740FA96553DAF15FE66E4
27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=F1419EABB6D740FA96553DAF15FE66E4
Protocol
HTTP/1.1
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Tue, 22 Oct 2024 13:21:32 GMT
Content-Length
27
Date
Tue, 22 Oct 2024 13:21:32 GMT
AK-GRN
0.9768dc17.1729603292.c98d1f
Content-Type
text/html

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://stags.bluekai.com/site/29931?id=F1419EABB6D740FA96553DAF15FE66E4
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 21 Oct 2024 13:21:32 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tpid=F1419EABB6D740FA96553DAF15FE66E4
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F1419EABB6D740FA96553DAF15FE66E4
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=F1419EABB6D740FA96553DAF15FE66E4
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=F1419EABB6D740FA96553DAF15FE66E4
Protocol
H2
Server
34.194.13.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-13-62.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
x-server
10.40.15.230
server
Jetty(9.4.38.v20210224)

Redirect headers

cache-control
no-cache
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=F1419EABB6D740FA96553DAF15FE66E4
pragma
no-cache
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Tue, 22 Oct 2024 13:21:32 GMT
x-server
10.40.55.202
server
Jetty(9.4.38.v20210224)
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=F1419EABB6D740FA96553DAF15FE66E4
  • https://ce.lijit.com/merge?pid=2&3pid=F1419EABB6D740FA96553DAF15FE66E4&dnr=1
43 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=F1419EABB6D740FA96553DAF15FE66E4&dnr=1
Protocol
H2
Server
3.211.132.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-132-90.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location
https://ce.lijit.com/merge?pid=2&3pid=F1419EABB6D740FA96553DAF15FE66E4&dnr=1
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 22 Oct 2024 13:21:32 GMT
vary
Accept-Encoding
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=F1419EABB6D740FA96553DAF15FE66E4
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogRjE0MTlFQUJCNkQ3NDBGQTk2NTUzREFGMTVGRTY2RTQQABoNCNzN3rgGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=db2f8453a4fa315f785a05c35f59bf7449ce00a1111c9c280119ebaa41e607ed791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=db2f8453a4fa315f785a05c35f59bf7449ce00a1111c9c280119ebaa41e607ed791426b5417dce21&rand=04848323
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=db2f8453a4fa315f785a05c35f59bf7449ce00a1111c9c280119ebaa41e607ed791426b5417dce21&rand=04848323&expected_cookie=36d7cb7e-d806-4e8d-b3cb-56d9a10cae60
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=db2f8453a4fa315f785a05c35f59bf7449ce00a1111c9c280119ebaa41e607ed791426b5417dce21&rand=04848323&expected_cookie=36d7cb7e-d806-4e8d-b3cb-56d9a10cae60
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E6E73E41572648B099D3CA31A2F02B31 Ref B: PHL30EDGE0414 Ref C: 2024-10-22T13:21:33Z
x-li-fabric
prod-lva1
x-li-uuid
AAYlEKXnsDFAwFZWKUHN2g==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 22 Oct 2024 13:21:32 GMT

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
location
/db_sync?pid=10339&puuid=db2f8453a4fa315f785a05c35f59bf7449ce00a1111c9c280119ebaa41e607ed791426b5417dce21&rand=04848323&expected_cookie=36d7cb7e-d806-4e8d-b3cb-56d9a10cae60
x-msedge-ref
Ref A: EE8CD663845E452C9C55B7DD73433F3B Ref B: PHL30EDGE0414 Ref C: 2024-10-22T13:21:33Z
x-li-fabric
prod-lva1
x-li-uuid
AAYlEKXmYpEmPdRo72cwzA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 22 Oct 2024 13:21:32 GMT
/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1729603292499&cv=7&fst=1729603292499&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1022833815&cv=7&fst=1729603292499&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1022833815&cv=7&fst=1729603292499&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=1022833815&cv=7&fst=1729603292499&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIrNXrroqiiQMV7E9HAR1SRgThMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5nb3JtYW5zLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfeE3aCRVyNG9EcZJvKrjTu_fys726Kpsjs601Ilr0cNqXHpow&random=3779308371
Protocol
H3
Server
2607:f8b0:400d:c02::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=1022833815&cv=7&fst=1729603292499&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIrNXrroqiiQMV7E9HAR1SRgThMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhhodHRwczovL3d3dy5nb3JtYW5zLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfeE3aCRVyNG9EcZJvKrjTu_fys726Kpsjs601Ilr0cNqXHpow&random=3779308371
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:21:32 GMT
x-content-type-options
nosniff
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=F1419EABB6D740FA96553DAF15FE66E4
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF1419EABB6D740FA96553DAF15FE66E4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF1419EABB6D740FA96553DAF15FE66E4
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
208.252.80.112; 208.252.80.112; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
37b8017e-e5f8-488e-a1da-f0f4062c3864
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF1419EABB6D740FA96553DAF15FE66E4
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
208.252.80.112; 208.252.80.112; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
f368726b-0fed-43fc-b04a-15d5d3a44eec
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F1419EABB6D740FA96553DAF15FE66E4&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F1419EABB6D740FA96553DAF15FE66E4&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f69a50991384d09413b97a37bb74928b
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F1419EABB6D740FA96553DAF15FE66E4&expires=365
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 21 Oct 2024 13:21:32 GMT
access-control-allow-origin
*
content-length
142
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=F1419EABB6D740FA96553DAF15FE66E4
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=F1419EABB6D740FA96553DAF15FE66E4
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=F1419EABB6D740FA96553DAF15FE66E4
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 22 Oct 2024 13:21:32 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=F1419EABB6D740FA96553DAF15FE66E4
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
0
date
Tue, 22 Oct 2024 13:21:32 GMT
server
OXGW/0.0.0
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEEPJw4PzO3maB3oNpLNEHGE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F1419EABB6D740FA96553DAF15FE66E4
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 13:21:32 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:21:32 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control
no-cache, must-revalidate
location
https://um.simpli.fi/g_match?id=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
229
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
/
www.google.com/pagead/1p-user-list/854030941/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/854030941/?random=1729603292479&cv=9&fst=1729602000000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=1&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&tiba=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfj_4eWyaw7WmNQOhkXSESLdWSs-0CIVbl-823WNP3M3wHfI7I&random=2472537383&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 13:21:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=15001664&Ver=2&mid=4adc60a2-6642-4948-bbc0-3f5aff92afc5&bo=1&sid=8e0d31e0907811efbd0049f91f5b686a&vid=8e0d5640907811efab30b97857fc5083&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Gorman%27s%20Home%20Furnishings%20%26%20Interior%20Design%20-%20Furniture%20Store%20Serving%20The%20Metro%20Detroit%20Area&kw=Gorman%27s,%20Gorman%27s%20Furniture%20Store,%20Gorman%27s%20Store,%20Gorman%27s%20Home%20Furnishings,%20Furniture%20Store,%20Home%20Furnishings,%20Farmington,%20MI,%2048335&p=https%3A%2F%2Fwww.gormans.com%2Fleather%2F&r=&lt=3334&evt=pageLoad&sv=1&cdb=AQAQ&rn=227590
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2CFD2ED466B24B1294BC34D269D0F107 Ref B: PHL30EDGE0106 Ref C: 2024-10-22T13:21:32Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 22 Oct 2024 13:21:31 GMT
capture.js
cdn.rlets.com/capture_static/mms/ Frame 3BE1 		177 KB
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_static/mms/capture.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2305:9400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e20d51c211c166de1334abf0d6ba78efea1005b70fd7e25d31c1e0443573665d

Request headers

If-None-Match
W/"216355eb9c25a9b6889457381279f5c0"
Referer
https://www.gormans.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
If-Modified-Since
Mon, 21 Oct 2024 16:40:05 GMT

Response headers

etag
W/"216355eb9c25a9b6889457381279f5c0"
age
66470
via
1.1 2c0478fce3b7f4f5348678901d1bf60a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
G5CivBC5Uyg9VHRBrrWTkXiwPkUbqrwVR4Er0MpPzG_BzIdaCx6xQw==
date
Mon, 21 Oct 2024 18:53:43 GMT
last-modified
Mon, 21 Oct 2024 16:40:05 GMT
vary
Accept-Encoding
server
AmazonS3
x-amz-cf-pop
IAD89-P2
x-amz-server-side-encryption
AES256
storage.html
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/ Frame 1012 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.gormans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Tue, 22 Oct 2024 13:21:31 GMT
last-modified
Thu, 17 Oct 2024 15:04:05 GMT
graphql
mind-flayer.podium.com/ 		38 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com/graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

Referer
https://www.gormans.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-robots-tag
noindex
x-request-id
GADJCE9JqpBda3t2sFbS
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d69ca8dcadf0caa-EWR
access-control-allow-origin
https://www.gormans.com
content-length
38
date
Tue, 22 Oct 2024 13:21:34 GMT
content-type
application/json; charset=utf-8
vary
origin
server
cloudflare
styles.css
connect.podium.com/ Frame C842 		64 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/styles.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:d400:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

cache-control
max-age=3600
content-encoding
gzip
etag
"c1fa1977d66b8bebcb22901457400a35"
age
2801
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
10003
x-amz-cf-id
w2n3N7IdduJ2xUO7X6oxjlaGcopl0KNw1kvcPNykx8Z6KbCc8BhnWQ==
date
Tue, 22 Oct 2024 12:34:51 GMT
content-type
text/css
last-modified
Mon, 14 Oct 2024 20:24:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
vary
Accept-Encoding
defaultWebchatPinkAvatar.png
assets.podium.com/images/ Frame C842 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.podium.com/images/defaultWebchatPinkAvatar.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:4400:1f:7c97:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb03359b5f8b6d2b2056dc684bbd8f664718c126abdbb1fd59808c9bca000c37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

x-amz-cf-pop
JFK50-P7
x-amz-version-id
EpIAa.1FDiRxQF3e9Rp.lY7y4w3FHVlc
etag
"a7044c5ad0c2d26c58a0b68b3b4baa21"
age
3475
via
1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
39499
x-amz-cf-id
NoCLVlflsNoszH2ZdoCwL4qnZapH4UlOJJcxAlWG7D43oe_veysdjA==
date
Tue, 22 Oct 2024 12:23:40 GMT
content-type
image/png
vary
Accept-Encoding
server
AmazonS3
last-modified
Tue, 30 May 2023 15:06:22 GMT
d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame C842 		34 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:d400:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.gormans.com
Referer
https://connect.podium.com/styles.css

Response headers

access-control-max-age
3000
etag
"1d077eb2f892e7f968f043b40b6ae557"
age
665679
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
FMyg-1GYj2yT-z51SDVeROXUJqOFIcOBvCDmqeFS_rjzQ5fo0_M5xw==
date
Mon, 14 Oct 2024 20:26:54 GMT
content-type
binary/octet-stream
last-modified
Mon, 14 Oct 2024 20:24:57 GMT
vary
Origin,Access-Control-Request-Headers
cache-control
max-age=31536000
via
1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
34640
x-amz-cf-pop
JFK50-P7
server
AmazonS3
434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame C842 		30 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:d400:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.gormans.com
Referer
https://connect.podium.com/styles.css

Response headers

access-control-max-age
3000
etag
"c28f8beb02447597a13d138680f42e65"
age
665679
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
n6kK_nSukFrbLXfPKqHFixETgFPlIGafIs0NX6ABOwQ2O9saZCapuQ==
date
Mon, 14 Oct 2024 20:26:54 GMT
content-type
binary/octet-stream
last-modified
Mon, 14 Oct 2024 20:24:57 GMT
vary
Origin,Access-Control-Request-Headers
cache-control
max-age=31536000
via
1.1 a1128ada13f2f3694bc79e73c9d5598e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
30548
x-amz-cf-pop
JFK50-P7
server
AmazonS3
capture.js
cdn.rlets.com/capture_static/mms/ Frame C842 		177 KB
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_static/mms/capture.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/1e3/a7b/4ee/4ec497da481eef8d0cf2a81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2305:9400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e20d51c211c166de1334abf0d6ba78efea1005b70fd7e25d31c1e0443573665d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.gormans.com/

Response headers

content-type
application/javascript
content-encoding
gzip
etag
W/"216355eb9c25a9b6889457381279f5c0"
age
66472
via
1.1 2c0478fce3b7f4f5348678901d1bf60a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ffCLTF8WigFyzf6IQDafgVYTQMuC3lASNIubg9aQeJmpxXnXtt-mXA==
date
Mon, 21 Oct 2024 18:53:43 GMT
last-modified
Mon, 21 Oct 2024 16:40:05 GMT
vary
Accept-Encoding
server
AmazonS3
x-amz-cf-pop
IAD89-P2
x-amz-server-side-encryption
AES256
storage.html
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/ Frame 2AA7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.gormans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Tue, 22 Oct 2024 13:21:31 GMT
last-modified
Thu, 17 Oct 2024 15:04:05 GMT
insights
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ Frame C842 		16 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.189.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-189-23.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.gormans.com/

Response headers

access-control-max-age
7200
x-request-id
e49fc87b-fa8e-4056-9a68-205dedc04930
access-control-expose-headers
etag
W/"c955e57777ec0d73639dca6748560d00"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:21:35 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin
x-runtime
0.007174
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F1419EABB6D740FA96553DAF15FE66E4

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| $ function| jQuery object| lazySizes string| rl_siteid string| GoogleAnalyticsObject function| ga object| dataLayer function| goSearch2 function| submitsearch2 function| customizeSelect function| adaDots object| webpackChunkdemogorgon object| env object| regeneratorRuntime boolean| podiumWebsiteWidgetLoaded function| iFrameMagnificPopup function| inlineMagnificPopup function| inlineMagnificAlert function| inlineMagnificConfirm function| inlineMagnificPrompt function| submitZip function| ImageMagnificPopup function| itemInformationRulerWindow function| inlineMagnificPopupCaller function| closeIFrame function| resizeIframe function| initPopUpFav function| encodeCallerURL function| ChooseFavoriteFolder function| submitForm function| gotoFunction function| changeOffset function| ResetOffset function| SetURLParameter function| SetORRemoveURLParameter function| ClearURLParameter function| toggleURLParameterValue function| RemoveURLParameter function| queryStringToArray function| UpdateDimensionSearch function| convertPriceValue function| arrayToQueryString function| TextToURLParam function| LocationChangePage function| compareCheckedItems function| getParameterValueFromURL function| getParameterValueListFromURL function| submitWithUrl function| submitWithSearchMode function| checkNoItems function| CheckNofSelectedAndSubmitWithUrl function| submitWithEvent function| addCheckedToFavorites function| removeCheckedFromFavorites function| addCheckedWithEvent function| addCheckedWithEventForItem function| removeCheckedItems function| displayElement function| displayItemInfo function| displayItemInfoForever function| isInternetExplorer function| getIEVersionNumber function| getWindowWidth function| getWindowHeight function| updateRowsCols function| CustomBrowserWindowSize function| OpenPage function| OpenImageWindow function| getSelectedItemsCount function| getSelectedItemIds function| invertSelection function| trim function| checkEnterKeyPress function| EvalLinkHrefByEnterKey function| checkKeyPress function| checkIfEmailIDIsAlreadyExists function| retrievePassword function| submitLoginForm function| submitRegisterForm function| submitLostPasswordForm function| onTimeoutFn function| validateEmailForm function| validateMailAddr function| validateZipOrPostal function| validateZipCodeOrPostalCode function| validateEmail function| throwErrorIfPOBoxExistsInAddress function| validateAddrForPOBox function| CheckRequiredField function| hasValidPhoneNumber function| validateLoginForm function| validateCreateAccountForm function| validateModifyAccountForm function| validateLostPasswordForm function| getAddrAndSendEmail function| sendEmail function| ResetForm function| imposeMaxLength function| readCookie function| writeCookie function| eraseCookie function| ajaxObject function| AddSample function| CheckZipAddSample function| AddItem function| AddItemWithoutRedirect function| AddItemFromCompactItemInfo function| AddItemToMyList function| ItemAlreadyAdded function| CheckZipAddItem function| CheckZipAddItemWithoutRedirect function| CheckZipAddItemFromCompactItemInfo function| CheckZipGetContractsAddItem function| addOrRemoveItemFromList function| toggleFilters function| toggleFiltersForSingleSelectAttribute function| toggleSelectedConvermaxColor function| toggleSelectedColor function| toggleSelectedCSSClassForColorSwatch function| stripPctValuesFromSelectedColors function| updateColorValueString function| prepareColorValueString function| parseColorValuesFromString function| prepareSliderValue function| parseSliderValue function| updateColorSlider function| updateSliderValues function| preparePriceFilterSliders function| onChangeEventForPriceInput function| parsePriceValuesFromPriceSlider function| attributeFunctions function| goSearch function| stopRKey function| submitsearch object| loginEle function| ShowMessageAndPostbackPB function| ShowAddingMessage function| showOrderingResultMessage function| CallCustomJavascript function| SlideImageIterator object| noUiSlider object| Magic360 object| magicJS function| $mjs string| $J_TYPE number| $J_UUID function| jGetSize function| jGetScroll function| jGetFullSize function| jFetch function| jStore function| jDel function| byClass function| byTag function| jAddEvent function| jRemoveEvent function| jCallEvent function| jRaiseEvent function| jClearEvents function| $J_EXT object| MagicZoomPlus object| MagicZoom number| customRoomplannerWidth object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| il object| analyticsConnectorInstances object| google_tag_manager object| PodiumWebChat object| rl_widget_cfg object| RLCAP object| captureStatus function| onYouTubeIframeAPIReady object| GooglebQhCsO object| uetq function| fbq function| _fbq number| google_conversion_id boolean| google_remarketing_only object| RL function| UET function| UET_init function| UET_push object| ueto_3d9e6ab77c object| sifi_att_42656 function| GooglemKTybQhCsO function| google_trackConversion

76 Cookies

Domain/Path Name / Value
.www.gormans.com/ Name: __cfruid
Value: 2e4f15f0e1eaea00d4202bc25fd952b08244bd9a-1729603289
.gormans.com/ Name: _gid
Value: GA1.2.479836072.1729603291
.gormans.com/ Name: _gat
Value: 1
.gormans.com/ Name: AMP_MKTG_16a5c84b5b
Value: JTdCJTdE
.gormans.com/ Name: AMP_16a5c84b5b
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIxOWFmN2NjYS1jNDQxLTQ4NzEtOGE4MS1hMGYyZTBjMjdhNjAlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI5NjAzMjkxMzE0JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyOTYwMzI5MTQ2OSU3RA==
.gormans.com/ Name: _ga_0PKL9K57J0
Value: GS1.1.1729603291.1.0.1729603291.0.0.0
.gormans.com/ Name: _ga
Value: GA1.1.1221459171.1729603291
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/ Name: test
Value: test
www.gormans.com/ Name: rl_visitor_history
Value: 71808c4c-9099-442a-ad33-218bfc188d94
www.gormans.com/ Name: sifi_user_id
Value: undefined
.gormans.com/ Name: capture_storage
Value: %7B%221e3a7b4e-e4ec-497d-a481-eef8d0cf2a81%22%3A%7B%22visitor_id%22%3A%2271808c4c-9099-442a-ad33-218bfc188d94%22%7D%7D
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/ Name: bot_type
Value:
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/ Name: history_campaign
Value:
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/ Name: history_referrer_type
Value: DIRECT
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/ Name: last_activity_at
Value: 1729603292275
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/ Name: visitor_id
Value: 71808c4c-9099-442a-ad33-218bfc188d94
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/ Name: sifi_user_id
Value:
1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com/ Name: visit_id
Value: d066e1fb-a0d7-4350-96a2-efec501451b4
.simpli.fi/ Name: suid
Value: F1419EABB6D740FA96553DAF15FE66E4
.gormans.com/ Name: _gcl_au
Value: 1.1.166281323.1729603292
.simpli.fi/ Name: uid_syncd_secure
Value: true
.gormans.com/ Name: _fbp
Value: fb.1.1729603292514.429388639168065923
.gormans.com/ Name: _uetsid
Value: 8e0d31e0907811efbd0049f91f5b686a
.gormans.com/ Name: _uetvid
Value: 8e0d5640907811efab30b97857fc5083
.bing.com/ Name: MUID
Value: 0981BA6BDC3D681F0D3AAF4BDDFF6918
.bat.bing.com/ Name: MR
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnC9FRDv5zUAbqtryac-zG8t0ZVuCpmyecR13PsYBPXTl3rMCZCtwry70tv
.3lift.com/ Name: tluidp
Value: 3915887329700706321871
.3lift.com/ Name: tluid
Value: 3915887329700706321871
.yahoo.com/ Name: A3
Value: d=AQABBNymF2cCEL2ve1mKetpmeEZQ4t-EX5cFEgEBAQH4GGchZ9xH0iMA_eMAAA&S=AQAAAsATQlLn_NH1X2mseL21b54
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:F1419EABB6D740FA96553DAF15FE66E4&KRTB&23486-uid:F1419EABB6D740FA96553DAF15FE66E4&KRTB&23489-uid:F1419EABB6D740FA96553DAF15FE66E4&KRTB&23539-uid:F1419EABB6D740FA96553DAF15FE66E4
.pubmatic.com/ Name: PugT
Value: 1729603291
.ads.stickyadstv.com/ Name: UID
Value: 6f9eed7321c6b4ae9b8f43079516af
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: F1419EABB6D740FA96553DAF15FE66E4
.rubiconproject.com/ Name: audit_p
Value: 1|dZJFpbi+nHkZVMDWcfoMd4t5CbnP87xUVWCKg06ksajCWWOn7PymViAIgEriEqRxLS6u0rMRIOWM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk+UA9EhXrTajW6ZjuRYAV0yM1O+wEDdS6ldpu9ngv3CKJOY2GTp/oawSpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/ Name: khaos
Value: M2KH560F-O-328J
.rubiconproject.com/ Name: khaos_p
Value: M2KH560F-O-328J
.rubiconproject.com/ Name: audit
Value: 1|dZJFpbi+nHkZVMDWcfoMd4t5CbnP87xUVWCKg06ksajCWWOn7PymViAIgEriEqRxLS6u0rMRIOWM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk+UA9EhXrTajW6ZjuRYAV0yM1O+wEDdS6ldpu9ngv3CKJOY2GTp/oawSpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1729603292816
.tapad.com/ Name: TapAd_DID
Value: 35737f71-e6b0-40d3-a090-7af753d45c80
.agkn.com/ Name: ab
Value: 0001%3AC6NalILtauLnzAgYHGN%2FHQnBFIx2asUN
.lijit.com/ Name: ljt_reader
Value: JighAQZH0fDzZxG6QEiYyLU0
.intentiq.com/ Name: intentIQ
Value: 8ZT4VXIDkD
.intentiq.com/ Name: IQver
Value: 1.9
.adnxs.com/ Name: XANDR_PANID
Value: qp-FZbqlvwyn_tW-waluct_h8ts1CbQvCYongRiUAr8XqqyU7a21Plv0dRfqDYhZNgccoCKZ4RNjuqdq3MQ7WNpCBzpVPp6yKRmCmRJdtuo.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5838190036993394716
.bfmio.com/ Name: __141_cid
Value: F1419EABB6D740FA96553DAF15FE66E4
.bfmio.com/ Name: __io_cid
Value: 73d0b60a72baa9acee7b0bae146c353f3f39c6bd
.openx.net/ Name: i
Value: e592c285-3246-465f-8115-23d366d07d04|1729603292
.intentiq.com/ Name: intentIQCDate
Value: 1729603292906
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTAwNDNfMCZVUndGOVV4
.intentiq.com/ Name: IQPData
Value: 3506196592#1729603292905#0#1729603292905
.intentiq.com/ Name: IQMID
Value: 3506196592#1729603292907
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.rlcdn.com/ Name: rlas3
Value: yqFKBAJlNQO1F8efduzP5tLO3dUjc48OVPoTxehCTK4=
.exelator.com/ Name: EE
Value: "aca8c32d4cccfd32261fbaed30d34d1a"
.pro-market.net/ Name: anHistory
Value: "8zxnuvf0blav+2+!#7')%@#YwV"
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GTuuB4nr!]tbPl1N!7On*M$=BWr#e9hwdiI3QWeWEHMh0fyejG@0niIY'kh14'cjS<CDkrBl8/X%W#.wL4W1Qw1nHEAz1
.lijit.com/ Name: _ljtrtb_2
Value: F1419EABB6D740FA96553DAF15FE66E4
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: fb684fb5ac21599201e7c1ce5d3213ea
.rlcdn.com/ Name: pxrc
Value: CNzN3rgGEgUI6AcQABIFCOhHEAA=
.agkn.com/ Name: u
Value: C|0AAAAAAAALqpjXQAAAAAA
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSExOdEi2dgoxSQ5OTktxdjIyMwwLSkxNcXYIMXYJMUwcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIckl%252BUWb6otDgxUUpaQyLSopPBZ%252BMMgIAAC0rEQ%253D%253D"
.analytics.yahoo.com/ Name: IDSYNC
Value: "176k~2led:19ba~2led"
.pippio.com/ Name: did
Value: ZeYQOgjalMcNo4iX
.pippio.com/ Name: didts
Value: 1729603293
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CN3N3rgGEgYIgr0rEAA=
.pro-market.net/ Name: anProfile
Value: "8zxnuvf0blav+1+1f=1+1g=1+1j=57:1+rs=s+rt=260008030A8831120000000000000112+s2=(slrefw)+vm=24-F1419EABB6D740FA96553DAF15FE66E4:81-y-H6_GsutE2pTZP4JedOsa6OV_x.dhUY8dNK8-%7EA"
.linkedin.com/ Name: li_sugr
Value: 36d7cb7e-d806-4e8d-b3cb-56d9a10cae60
.linkedin.com/ Name: bcookie
Value: "v=2&54f40828-4986-4d90-891f-9125c49a7562"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=3046:u=1:x=1:i=1729603293:t=1729689693:v=2:sig=AQGthts69D2ldXazMGVn54KdopXo1g5g"

2 Console Messages

Source Level URL
Text
network error URL: https://www.gormans.com/leather/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://stags.bluekai.com/site/29931?id=F1419EABB6D740FA96553DAF15FE66E4
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000, max-age=31536000, max-age=31536000, max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e3a7b4e-e4ec-497d-a481-eef8d0cf2a81.rlets.com
aa.agkn.com
ads.stickyadstv.com
api2.analyticspodium.com
assets.podium.com
bat.bing.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
capture-api.reachlocalservices.com
capturelogger-prod-usa.localiq.com
cdn.rlets.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
connect.podium.com
d.agkn.com
eb2.3lift.com
fault.rlets.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
jelly-v6.mdhv.io
jelly.mdhv.io
lab.analyticspodium.com
loadm.exelator.com
mind-flayer.podium.com
pbid.pro-market.net
pippio.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
premium-secure.microdinc.com
pubads.g.doubleclick.net
px.ads.linkedin.com
retailer-secure.microdinc.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
tag.simpli.fi
td.doubleclick.net
udesign.canadel.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gormans.com
www.michigansbestleather.com
s.ad.smaato.net
107.178.254.65
108.138.128.44
142.250.31.156
173.194.204.156
20.116.34.211
2001:4860:4802:38::15
2001:4998:14:800::1001
209.85.144.155
216.200.232.249
216.239.36.21
23.220.132.230
2600:1901:0:8eee::
2600:1f18:612b:4232:9e2f:bf0c:201b:364e
2600:9000:2073:2000:1b:6b7d:2300:93a1
2600:9000:2305:9400:6:9a19:88c0:93a1
2600:9000:2512:4400:1f:7c97:a480:93a1
2600:9000:2512:d400:1a:3af:f5c0:93a1
2600:9000:27c5:2800:19:fc2c:a140:93a1
2606:4700::6811:c519
2606:4700::6811:c619
2606:4700::6812:12a1
2607:f8b0:4004:c19::64
2607:f8b0:4004:c1b::9c
2607:f8b0:400d:c02::69
2607:f8b0:400d:c02::9b
2607:f8b0:400d:c09::9a
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0c::5f
2607:f8b0:400d:c0d::61
2620:1ec:21::14
2620:1ec:33:1::10
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.162.125.100
3.211.132.90
3.33.251.168
34.111.113.62
34.138.31.113
34.150.170.96
34.194.13.62
34.202.180.87
34.215.63.43
34.229.3.43
34.86.110.8
34.98.64.218
35.244.154.8
35.71.139.29
44.236.18.206
52.40.189.23
63.251.28.210
68.67.179.155
69.173.151.100
69.194.240.13
8.28.7.83
00a269606af95f52ce213e5096cc3a079d73522bc4e3c398789038666bb1454a
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c
0e0c8cedb72a7e5a3080203509132486e267e5d1b0c5c6eae78ac16f7928ff01
13f63b4deb0e37df62b5272cfe74b2385e6ab62e0113c1256f27c30b45a6a275
181a0ec1a9661bff3df55e308445ac3c8660620a85d09126ccb8f90a1cfbe9cd
1c276c037d48286cb6ca229adec816c69950c62514ae234f2466eb3d46847444
1ca2610cf967ea52275215dc40bf9be1186245eb0b033e2e735e8c0eeb1b93e3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62
256f9f5c23dfbef60ffebf76280d731ce786ac173635cf07861c6216e2dc292a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28905b52c1b3a93d5c4170b0b2cef9a7b91aa2cbc908193e0d31e7982f2f91b7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
39646b280991b47a21989359eea5ccead71eb0ca51ab27ef2eb0f2d5889d8efa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42a643d05e1343f666aa63e10f3bb8ae017c79c9743416d8f6fb7b0ae7aa3655
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
444afe81729554781d67c8c1e29f70258c51cb02cfa73b8cf3d3e8964c3bb8a7
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c98d0fe62a2017dba61f0f1ef3d27e013261bfe46794d2e28ca57f77830bcbf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
5ae4bb3cd5f8187e4b83968afea7a5ba6c12c421e571736aac29ff4b4dc00fbe
5bcfacf47326af380a874fd10251517ed00062a736bc9546a41c8fac73d8fc51
5c13c03d0b369979888acf946f62522a3cb8f2a659d76a0647633cf9dd3d0c84
60c0c87be1358f7d7177e46169bf2b26770e929537e93b24ce9059647bb474e0
60f1b526f73cadfcecf31331815e8a748dac5fbf2d78fc9040404f38f374e6bf
693fd684880316b4310ae57243c4345c00f9fe5ea0506f3126952cde43a76eb9
6ccc2a862b00ac83e4821a6d67acb0bef25bb11cdbaa6c57369fb42f42060ed0
70f9b395cc3a7874d77e554d3ddef0a665225a58df153f556942af7181fe2162
7830845e4d084045e2e1b69f4f2e7d33e235e50cad26a83187a165b8ff89fcd4
783f8d239a494e05ff908247a200bc15a19ff20f34fefc024d84a6d3352a2e80
79cf91fddd45226d60df529a3b1d15889c8883dc90bac94422584495e06a5b82
81d2121635db8ac4faad8fdeebcc22e5b9655e3412b8cc01bb4c44419c841800
829d0faf9332fbfa1ef39823cbd08e67ad49c6d1a6f963d4c4d062d72faa5405
86374ecb912dd68f6ec86a065233edf0c9166a977ab6314296c96955777375ad
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76
8b0fcd5865069f7fe250815d66efe691c2b08eb4098bf311429054e02a11a4e9
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
98292d2df8242a9d9a592d63e76fe68689da3812b537de54671162518d5f4cca
99d618a0be45c7530006cca0f890851f6f448d9406e58b91ed47828c141d2fa2
9ab082dce30b4ed9b93263882e1432b9ffc1d7ae6c502cff63d267ebfef3cfad
9cb4f3096e13f8d0aa304fd76fb05e3d2af580097bf9c87da50a83faf26cda1a
9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb03359b5f8b6d2b2056dc684bbd8f664718c126abdbb1fd59808c9bca000c37
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc3d9684171a2c695425379f6988415653550c5008c904a432f407ec9068518c
be21727dc36aa9c43e3cd14f636395c34c582e6b6f16e42d094d9aa47a66b8e5
c34e65c51641c8ee722b779f1f7c139378ea65a97c04a77b65835413b9ccff4a
c721779892435dadf16c88d118bbddaccf915824610cdc4d26649fefb97cf57f
c8c8fc7dd75965154927dfba081414584f5b03b72b12cc35454ade8d1e5ed70a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca8b24e591972c5a85fdd7f7d94d0c43cc1d5ea9b839ebcb0941c221739e20b8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e20d51c211c166de1334abf0d6ba78efea1005b70fd7e25d31c1e0443573665d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f4cfe31bc1e9e6ac5cd9581e3718bdb4cfe201a5fd48bd0573c976db588bc2
e69b8ed4e4edd747ca15e9948ccfb01f8e58b62d0320ea969911c025c99512b0
ea8719e60835e698f7aa231e33f70d84810994177e5e526e1a33c9709fdd93f0
eeb14304df80162a407a20bf901d4c5035b150d408a49aa9da4925e7b163dd3d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
f74444652fb6d53547f6dbf2aa1a6b6fbac3405606370aa972c8dbb10e9d2a96
f8b0220980de4339ca04d32bc5656435847fecb3a47f2eac38e33277e18eddc8