Submitted URL: http://minutes.click/
Effective URL: https://stopandshop.com/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxc...
Submission: On October 14 via manual from DE — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 16 domains to perform 21 HTTP transactions. The main IP is 104.16.192.14, located in and belongs to CLOUDFLARENET, US. The main domain is stopandshop.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.
This is the only time stopandshop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 104.219.168.162 32931 (PEAKTERA)
1 1 49.12.0.235 24940 (HETZNER-AS)
1 1 78.46.197.88 24940 (HETZNER-AS)
2 157.90.169.168 24940 (HETZNER-AS)
1 1 172.67.135.44 13335 (CLOUDFLAR...)
1 1 54.154.232.8 16509 (AMAZON-02)
1 104.16.192.14 13335 (CLOUDFLAR...)
2 142.250.185.72 15169 (GOOGLE)
3 104.17.209.240 13335 (CLOUDFLAR...)
2 142.250.184.226 15169 (GOOGLE)
3 13.107.21.200 8068 (MICROSOFT...)
2 185.60.216.19 32934 (FACEBOOK)
1 2 45.79.164.223 63949 (LINODE-AP...)
1 172.217.23.100 15169 (GOOGLE)
3 185.60.216.35 32934 (FACEBOOK)
21 12
Domain Requested by
3 www.facebook.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
2 siteintercept.qualtrics.com zn3f8e6tceotw1rnn-aholddelhaize.siteintercept.qualtrics.com
siteintercept.qualtrics.com
2 lciapi.ninthdecimal.com 1 redirects
2 connect.facebook.net minutes.click
connect.facebook.net
2 www.googletagmanager.com stopandshop.com
www.googletagmanager.com
2 lookandfind.me minutes.click
2 minutes.click 1 redirects
1 www.google.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 zn3f8e6tceotw1rnn-aholddelhaize.siteintercept.qualtrics.com minutes.click
1 stopandshop.com lookandfind.me
1 stopandshop.li9jiy.net 1 redirects
1 utkv6nyu.de 1 redirects
1 clever-redirect.com 1 redirects
1 rtpnt.xyz 1 redirects
21 17

This site contains no links.

Subject | Issuer | Validity | Valid
lookandfind.me | R3 | 2021-09-04 - 2021-12-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-29 - 2022-06-28 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.qualtrics.com | DigiCert SHA2 Secure Server CA | 2020-10-26 - 2021-11-26 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
www.bing.com | Microsoft RSA TLS CA 02 | 2021-09-30 - 2022-03-30 | 6 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-09 - 2021-12-08 | 3 months
*.ninthdecimal.com | Go Daddy Secure Certificate Authority - G2 | 2020-09-22 - 2021-10-24 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
www.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 1 frames:

Primary Page: https://stopandshop.com/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxconf=%3Duw0zhhtmh&c3ch=Affiliate&c3nid=IR-123201&utm_source=IR&utm_medium=Affiliate&utm_campaign=adgoal%20GmbH&utm_content=Online%20Tracking%20Link&utm_keyword=107999&irgwc=1
Frame ID: 8C96F2B8352E811C254D8B6019115065
Requests: 25 HTTP requests in this frame

Page Title

Security Block in Place

Page URL History

  1. http://minutes.click/ Page URL
  2. http://minutes.click/match-4773/67091/186129943/1634216968/mf_677fcede-caa9-4d91-b69c-0da03414646... HTTP 302
    https://rtpnt.xyz/v6/r?s=r8d&s3=minutes.click HTTP 302
    https://clever-redirect.com/s/r6?s=r8d&s2=&s3=minutesclick HTTP 302
    https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=stopandshop.com&s1=r8d&s2=&... Page URL
  3. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
  4. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=f3229c0b0c36dac8d6fce04cb... HTTP 302
    https://stopandshop.li9jiy.net/c/123201/753559/10966?subId1=at107999_a192052_m12_p134708_cDE_sf3229c0b0c36d... HTTP 301
    https://stopandshop.com/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=sto... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 0 %
Domains: 16
Subdomains: 17
IPs: 12
Countries: 4
Transfer: 1376 kB
Size: 3710 kB
Cookies: 15

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://minutes.click/ Page URL
  2. http://minutes.click/match-4773/67091/186129943/1634216968/mf_677fcede-caa9-4d91-b69c-0da034146461/bWludXRlcy5jbGljaw== HTTP 302
    https://rtpnt.xyz/v6/r?s=r8d&s3=minutes.click HTTP 302
    https://clever-redirect.com/s/r6?s=r8d&s2=&s3=minutesclick HTTP 302
    https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=stopandshop.com&s1=r8d&s2=&s3=minutesclick Page URL
  3. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Df3229c0b0c36dac8d6fce04cbdcc1106%26url%3Dhttps%253A%252F%252Fwww.stopandshop.com%252F&h=8eda4716aa024dced33b0a7bafb3a319 Page URL
  4. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=f3229c0b0c36dac8d6fce04cbdcc1106&url=https%3A%2F%2Fwww.stopandshop.com%2F HTTP 302
    https://stopandshop.li9jiy.net/c/123201/753559/10966?subId1=at107999_a192052_m12_p134708_cDE_sf3229c0b0c36dac8d6fce04cbdcc1106&sharedid=107999 HTTP 301
    https://stopandshop.com/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxconf=%3Duw0zhhtmh&c3ch=Affiliate&c3nid=IR-123201&utm_source=IR&utm_medium=Affiliate&utm_campaign=adgoal%20GmbH&utm_content=Online%20Tracking%20Link&utm_keyword=107999&irgwc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://minutes.click/match-4773/67091/186129943/1634216968/mf_677fcede-caa9-4d91-b69c-0da034146461/bWludXRlcy5jbGljaw== HTTP 302
  • https://rtpnt.xyz/v6/r?s=r8d&s3=minutes.click HTTP 302
  • https://clever-redirect.com/s/r6?s=r8d&s2=&s3=minutesclick HTTP 302
  • https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=stopandshop.com&s1=r8d&s2=&s3=minutesclick
Request Chain 13
  • https://lciapi.ninthdecimal.com/v1/lci/imp/adv-stopshop/c-22904?typ=online&brand=stopshop&plcmnt=adgoalX20GmbH&iol=X&aud=IR&crtv=Affiliate&pub=undefined&gtmcb=906737925 HTTP 302
  • https://lciapi.ninthdecimal.com/1x1.gif

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
minutes.click/
409 B
493 B
Document
General
Full URL
http://minutes.click/
Protocol
HTTP/1.1
Server
104.219.168.162 , United States, ASN32931 (PEAKTERA, US),
Reverse DNS
n7r.top-clicks.info
Software
nginx/1.14.2 /
Resource Hash
ca349f8b5f30b34acf01d36079ad9c5b8f5b9c0106dab866309f2484b7b8e3a9

Request headers

Host
minutes.click
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.2
Date
Thu, 14 Oct 2021 13:09:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Content-Encoding
gzip
a
lookandfind.me/s/
Redirect Chain
  • http://minutes.click/match-4773/67091/186129943/1634216968/mf_677fcede-caa9-4d91-b69c-0da034146461/bWludXRlcy5jbGljaw==
  • https://rtpnt.xyz/v6/r?s=r8d&s3=minutes.click
  • https://clever-redirect.com/s/r6?s=r8d&s2=&s3=minutesclick
  • https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=stopandshop.com&s1=r8d&s2=&s3=minutesclick
433 B
600 B
Document
General
Full URL
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=stopandshop.com&s1=r8d&s2=&s3=minutesclick
Requested by
Host: minutes.click
URL: http://minutes.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash
f022a06f11b270098b83cc1bcc8014e00d7dbdb1513d068b76e88ec50cdb9a1c

Request headers

:method
GET
:authority
lookandfind.me
:scheme
https
:path
/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=stopandshop.com&s1=r8d&s2=&s3=minutesclick
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Referer
http://minutes.click/

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
433
content-type
text/html; charset=UTF-8
date
Thu, 14 Oct 2021 13:09:29 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy
no-referrer
x-powered-by
PHP/7.4.24
location
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=stopandshop.com&s1=r8d&s2=&s3=minutesclick
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Oct 2021 13:09:29 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
r
lookandfind.me/s/
349 B
379 B
Document
General
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Df3229c0b0c36dac8d6fce04cbdcc1106%26url%3Dhttps%253A%252F%252Fwww.stopandshop.com%252F&h=8eda4716aa024dced33b0a7bafb3a319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

:method
GET
:authority
lookandfind.me
:scheme
https
:path
/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Df3229c0b0c36dac8d6fce04cbdcc1106%26url%3Dhttps%253A%252F%252Fwww.stopandshop.com%252F&h=8eda4716aa024dced33b0a7bafb3a319
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://lookandfind.me/s/a?t=1?f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=stopandshop.com&s1=r8d&s2=&s3=minutesclick
accept-encoding
gzip, deflate, br

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
349
content-type
text/html; charset=UTF-8
date
Thu, 14 Oct 2021 13:09:29 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
Primary Request /
stopandshop.com/
Redirect Chain
  • https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=f3229c0b0c36dac8d6fce04cbdcc1106&url=https%3A%2F%2Fwww.stopandshop.com%2F
  • https://stopandshop.li9jiy.net/c/123201/753559/10966?subId1=at107999_a192052_m12_p134708_cDE_sf3229c0b0c36dac8d6fce04cbdcc1106&sharedid=107999
  • https://stopandshop.com/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxconf=%3Duw0zhhtmh&c3ch=Affiliate&c3nid=IR-123201&utm_source=IR&utm_medium=Affi...
1 MB
794 KB
Document
General
Full URL
https://stopandshop.com/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxconf=%3Duw0zhhtmh&c3ch=Affiliate&c3nid=IR-123201&utm_source=IR&utm_medium=Affiliate&utm_campaign=adgoal%20GmbH&utm_content=Online%20Tracking%20Link&utm_keyword=107999&irgwc=1
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Df3229c0b0c36dac8d6fce04cbdcc1106%26url%3Dhttps%253A%252F%252Fwww.stopandshop.com%252F&h=8eda4716aa024dced33b0a7bafb3a319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.192.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a86d315432ccf6f446f78e5908f939fb660ea078e6a611cceeb2fc654767a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
stopandshop.com
:scheme
https
:path
/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxconf=%3Duw0zhhtmh&c3ch=Affiliate&c3nid=IR-123201&utm_source=IR&utm_medium=Affiliate&utm_campaign=adgoal%20GmbH&utm_content=Online%20Tracking%20Link&utm_keyword=107999&irgwc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://lookandfind.me/
accept-encoding
gzip, deflate, br
Referer
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3Df3229c0b0c36dac8d6fce04cbdcc1106%26url%3Dhttps%253A%252F%252Fwww.stopandshop.com%252F&h=8eda4716aa024dced33b0a7bafb3a319

Response headers

date
Thu, 14 Oct 2021 13:09:29 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=ukskBNqtfHQsELnRcLFGfZEfM__jI5bcgi6mBKxlGGE-1634216969-0-AVfeWsm+X+KRz0FwzYWSlH8x6TXq531yjOVRbrK0JXCq9zBhxfee9CmJZBnWDG/QZB7qihFRhlHfqn7MIroHqnk=; path=/; expires=Thu, 14-Oct-21 13:39:29 GMT; domain=.stopandshop.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
server
cloudflare
cf-ray
69e10adb9f916919-FRA
content-encoding
gzip

Redirect headers

date
Thu, 14 Oct 2021 13:09:29 GMT
content-length
0
location
https://stopandshop.com?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxconf=%3Duw0zhhtmh&c3ch=Affiliate&c3nid=IR-123201&utm_source=IR&utm_medium=Affiliate&utm_campaign=adgoal%20GmbH&utm_content=Online%20Tracking%20Link&utm_keyword=107999&irgwc=1
set-cookie
AWSALB=abf98qQUNDj9/D2nqiOTmuTjUQJyKcKSLs0ENMM8GtnjxOHhi5U99sDyNn9kC3I77CReK4UIcyWztAmB82UvEF3vIbVHsMKJsyzLeXhtBDptdcfaU6RRFOU5zx6H; Expires=Thu, 21 Oct 2021 13:09:29 GMT; Path=/ AWSALBCORS=abf98qQUNDj9/D2nqiOTmuTjUQJyKcKSLs0ENMM8GtnjxOHhi5U99sDyNn9kC3I77CReK4UIcyWztAmB82UvEF3vIbVHsMKJsyzLeXhtBDptdcfaU6RRFOU5zx6H; Expires=Thu, 21 Oct 2021 13:09:29 GMT; Path=/; SameSite=None; Secure brwsr=f7079d9b-2cef-11ec-a185-496c003cb239; Domain=.li9jiy.net; Path=/; Secure; Max-Age=62208000; Expires=Wed, 4 Oct 2023 13:09:29 GMT; HttpOnly; SameSite=None irld=LSlF1XCwoTUuk3q5wi3yicU2wSJtwvYSSr3iGykQTE-yVhRkx; Path=/; Secure; Max-Age=15552000; Expires=Tue, 12 Apr 2022 13:09:29 GMT; HttpOnly; SameSite=None
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Thu, 14 Oct 2021 13:09:29 GMT
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
gtm.js
www.googletagmanager.com/
516 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PN7ML7L
Requested by
Host: stopandshop.com
URL: https://stopandshop.com/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxconf=%3Duw0zhhtmh&c3ch=Affiliate&c3nid=IR-123201&utm_source=IR&utm_medium=Affiliate&utm_campaign=adgoal%20GmbH&utm_content=Online%20Tracking%20Link&utm_keyword=107999&irgwc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4434a922708652e25e3c4aad5e6687f576841778194891ff9d8daa26428348cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86471
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Oct 2021 13:09:29 GMT
truncated
/
684 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3206c1f1048b355458c33ca3ad2dc73f575a4d436a89dd6f8249f019adfc1978

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
38 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ee785c546f8f3cac4b3959f21f2d3fbc9f1a353c7289605d8756fd7a05599e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
96 KB
96 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2fdffadde5ebd39ff053c431ff7dc14021d909a7f6b04693a922115ab2f068d

Request headers

Referer
Origin
https://stopandshop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
96 KB
96 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
423ff1d277bd6036cb39b7a56eaaedc5db5f03134b4d825a9d66ecdda17b39e4

Request headers

Referer
Origin
https://stopandshop.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/octet-stream
gtm.js
www.googletagmanager.com/
333 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N4ZR4L2&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PN7ML7L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3df179ee2fcb5e2b01382a94ef4e219cc71983f6a5c6b9ebc22dbbd748c07e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86943
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Oct 2021 13:09:30 GMT
/
zn3f8e6tceotw1rnn-aholddelhaize.siteintercept.qualtrics.com/SIE/
7 KB
4 KB
Script
General
Full URL
https://zn3f8e6tceotw1rnn-aholddelhaize.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3f8e6TCEOtW1Rnn
Requested by
Host: minutes.click
URL: http://minutes.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d550d87bdc41b6224c6714b5c3ed32b31f755106e6b7ee3bf9a11b6129028b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
47006
cf-polished
origSize=8435
cf-ray
69e10ae028cc1f31-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
4
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-JsZTYl6RAih+bcLb3DFD6lwKYBY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
conversion_async.js
www.googleadservices.com/pagead/
37 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4ZR4L2&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ce5d04728dd44773a0ca662d448519c8183ee373509d9f2b113de26ee27e6ac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14434
x-xss-protection
0
server
cafe
etag
6459822914052056002
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 13:09:30 GMT
bat.js
bat.bing.com/
34 KB
10 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4ZR4L2&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:29 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 19:11:47 GMT
x-msedge-ref
Ref A: FD550359329C4753BC22BEAC8B4C9CEC Ref B: PRG01EDGE1021 Ref C: 2021-10-14T13:09:30Z
etag
"805b72e6bad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10001
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: minutes.click
URL: http://minutes.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25966
x-xss-protection
0
pragma
public
x-fb-debug
BYQCmMzlPELWbjQ329e1jyfYPsYxALYJ/j7OoWJjiH9W5TtXep1WEtX9amq8hRe+p3/VZunRgZinwnvNRAcvVw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 14 Oct 2021 13:09:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
1x1.gif
lciapi.ninthdecimal.com/
Redirect Chain
  • https://lciapi.ninthdecimal.com/v1/lci/imp/adv-stopshop/c-22904?typ=online&brand=stopshop&plcmnt=adgoalX20GmbH&iol=X&aud=IR&crtv=Affiliate&pub=undefined&gtmcb=906737925
  • https://lciapi.ninthdecimal.com/1x1.gif
42 B
284 B
Image
General
Full URL
https://lciapi.ninthdecimal.com/1x1.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.79.164.223 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
lciapi-ewr-12.ninthdecimal.com
Software
openresty/1.15.8.2 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 13:09:30 GMT
Last-Modified
Mon, 03 Apr 2017 22:08:25 GMT
Server
openresty/1.15.8.2
ETag
"58e2c7d9-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42

Redirect headers

Location
https://lciapi.ninthdecimal.com/1x1.gif
Date
Thu, 14 Oct 2021 13:09:30 GMT
Server
openresty/1.15.8.2
Connection
keep-alive
Content-Length
151
Content-Type
text/html
12.0694c394c89326ddb6fe.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
55 KB
17 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.0694c394c89326ddb6fe.chunk.js?Q_CLIENTVERSION=1.62.0&Q_CLIENTTYPE=web&Q_BRANDID=stopandshop.com
Requested by
Host: zn3f8e6tceotw1rnn-aholddelhaize.siteintercept.qualtrics.com
URL: https://zn3f8e6tceotw1rnn-aholddelhaize.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3f8e6TCEOtW1Rnn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31364854b8b38cfa23c163773331d62f9658a3431e768636dd7da1c00d325bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
48255
cf-polished
origSize=57116
cf-ray
69e10ae0d9d21f31-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
20
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Oct 2021 21:55:21 GMT
server
cloudflare
etag
W/"df1c-17c579a9528"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787499836/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787499836/?random=1634216970392&cv=9&fst=1634216970392&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgab0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fstopandshop.com%2F%3Firclickid%3DSAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0%26campaignId%3D10966%26site%3Dstopandshop.com%26utm_kxconf%3D%253Duw0zhhtmh%26c3ch%3DAffiliate%26c3nid%3DIR-123201%26utm_source%3DIR%26utm_medium%3DAffiliate%26utm_campaign%3Dadgoal%2520GmbH%26utm_content%3DOnline%2520Tracking%2520Link%26utm_keyword%3D107999%26irgwc%3D1&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Security%20Block%20in%20Place&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5fd2f9305b7fd40d5d702fdf6bdfcc387b9de4cb26f9455180ffba9918c7335c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1195
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
644428442669458
connect.facebook.net/signals/config/
490 KB
144 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/644428442669458?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
ab7ab768326ad490da037b668112fe9f0ca18f8d23cb0799b9f4056d310cc819
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
K1ekWOlPJmW/d9d1wFCdyuEKesI4erJMoplN7osCOkaytBwcBFpE6knpezQvnLZGVaLgEpIbHnN6F2yOXjB7ew==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 14 Oct 2021 13:09:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
3 KB
1 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_3f8e6TCEOtW1Rnn&Q_CLIENTVERSION=1.62.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0694c394c89326ddb6fe.chunk.js?Q_CLIENTVERSION=1.62.0&Q_CLIENTTYPE=web&Q_BRANDID=stopandshop.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5677db15f1bca9f6cf26c529c20281638fca61bafabb9358ca419633f233fdd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Oct 2021 13:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
7
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://stopandshop.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
e9c75eb3fda91a30
cf-ray
69e10ae12a2d1f31-FRA
17397085.js
bat.bing.com/p/action/
0
129 B
Script
General
Full URL
https://bat.bing.com/p/action/17397085.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Oct 2021 13:09:29 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: C54A0C4C2C7F47AC95234C4823DF7ECE Ref B: PRG01EDGE1021 Ref C: 2021-10-14T13:09:30Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
150 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17397085&tm=gtm002&Ver=2&mid=badc412e-baa8-478d-835f-d18c9965d0cc&sid=f797c8602cef11eca810ad62d42fe592&vid=f797cf602cef11ec9f5c092f5aa3a2c9&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Security%20Block%20in%20Place&p=https%3A%2F%2Fstopandshop.com%2F%3Firclickid%3DSAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0%26campaignId%3D10966%26site%3Dstopandshop.com%26utm_kxconf%3D%253Duw0zhhtmh%26c3ch%3DAffiliate%26c3nid%3DIR-123201%26utm_source%3DIR%26utm_medium%3DAffiliate%26utm_campaign%3Dadgoal%2520GmbH%26utm_content%3DOnline%2520Tracking%2520Link%26utm_keyword%3D107999%26irgwc%3D1&r=https%3A%2F%2Flookandfind.me%2F&lt=883&evt=pageLoad&msclkid=N&sv=1&rn=801038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 14 Oct 2021 13:09:29 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: BB8D7AA365A44803A2F9734E54F2B21D Ref B: PRG01EDGE1021 Ref C: 2021-10-14T13:09:30Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787499836/
42 B
569 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/787499836/?random=1634216970392&cv=9&fst=1634216400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgab0&sendb=1&frm=0&url=https%3A%2F%2Fstopandshop.com%2F%3Firclickid%3DSAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0%26campaignId%3D10966%26site%3Dstopandshop.com%26utm_kxconf%3D%253Duw0zhhtmh%26c3ch%3DAffiliate%26c3nid%3DIR-123201%26utm_source%3DIR%26utm_medium%3DAffiliate%26utm_campaign%3Dadgoal%2520GmbH%26utm_content%3DOnline%2520Tracking%2520Link%26utm_keyword%3D107999%26irgwc%3D1&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Security%20Block%20in%20Place&async=1&fmt=3&is_vtc=1&random=3808323028&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f100.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 13:09:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
313 B
Image
General
Full URL
https://www.facebook.com/tr/?id=644428442669458&ev=PageView&dl=https%3A%2F%2Fstopandshop.com%2F%3Firclickid%3DSAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0%26campaignId%3D10966%26site%3Dstopandshop.com%26utm_kxconf%3D%253Duw0zhhtmh%26c3ch%3DAffiliate%26c3nid%3DIR-123201%26utm_source%3DIR%26utm_medium%3DAffiliate%26utm_campaign%3Dadgoal%2520GmbH%26utm_content%3DOnline%2520Tracking%2520Link%26utm_keyword%3D107999%26irgwc%3D1&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1634216971042&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634216971032.1917001773&it=1634216970411&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 14 Oct 2021 13:09:31 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=644428442669458&ev=ViewContent&dl=https%3A%2F%2Fstopandshop.com%2F%3Firclickid%3DSAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0%26campaignId%3D10966%26site%3Dstopandshop.com%26utm_kxconf%3D%253Duw0zhhtmh%26c3ch%3DAffiliate%26c3nid%3DIR-123201%26utm_source%3DIR%26utm_medium%3DAffiliate%26utm_campaign%3Dadgoal%2520GmbH%26utm_content%3DOnline%2520Tracking%2520Link%26utm_keyword%3D107999%26irgwc%3D1&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1634216971047&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634216971032.1917001773&it=1634216970411&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 14 Oct 2021 13:09:31 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=644428442669458&ev=Microdata&dl=https%3A%2F%2Fstopandshop.com%2F%3Firclickid%3DSAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0%26campaignId%3D10966%26site%3Dstopandshop.com%26utm_kxconf%3D%253Duw0zhhtmh%26c3ch%3DAffiliate%26c3nid%3DIR-123201%26utm_source%3DIR%26utm_medium%3DAffiliate%26utm_campaign%3Dadgoal%2520GmbH%26utm_content%3DOnline%2520Tracking%2520Link%26utm_keyword%3D107999%26irgwc%3D1&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1634216972545&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Security%20Block%20in%20Place%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=2&o=30&fbp=fb.1.1634216971032.1917001773&it=1634216970411&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:09:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 14 Oct 2021 13:09:32 GMT


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
string| userip
object| dataLayer
object| google_tag_manager
function| postscribe
object| google_tag_manager_external
object| google_tag_data
function| fbq
function| _fbq
object| QSI
object| WAFQualtricsWebpackJsonP-cloud-1.62.0
function| GooglemKTybQhCsO
function| google_trackConversion
object| GooglebQhCsO
function| UET
function| UET_init
function| UET_push
object| uetq
object| _qsie
object| regeneratorRuntime
object| JSON3

15 Cookies

Domain/Path Name / Value
utkv6nyu.de/ Name: PHPSESSID
Value: ddlhto7tpq269lo7s30jeoli21
stopandshop.li9jiy.net/ Name: AWSALB
Value: abf98qQUNDj9/D2nqiOTmuTjUQJyKcKSLs0ENMM8GtnjxOHhi5U99sDyNn9kC3I77CReK4UIcyWztAmB82UvEF3vIbVHsMKJsyzLeXhtBDptdcfaU6RRFOU5zx6H
stopandshop.li9jiy.net/ Name: AWSALBCORS
Value: abf98qQUNDj9/D2nqiOTmuTjUQJyKcKSLs0ENMM8GtnjxOHhi5U99sDyNn9kC3I77CReK4UIcyWztAmB82UvEF3vIbVHsMKJsyzLeXhtBDptdcfaU6RRFOU5zx6H
.li9jiy.net/ Name: brwsr
Value: f7079d9b-2cef-11ec-a185-496c003cb239
stopandshop.li9jiy.net/ Name: irld
Value: LSlF1XCwoTUuk3q5wi3yicU2wSJtwvYSSr3iGykQTE-yVhRkx
.stopandshop.com/ Name: __cf_bm
Value: ukskBNqtfHQsELnRcLFGfZEfM__jI5bcgi6mBKxlGGE-1634216969-0-AVfeWsm+X+KRz0FwzYWSlH8x6TXq531yjOVRbrK0JXCq9zBhxfee9CmJZBnWDG/QZB7qihFRhlHfqn7MIroHqnk=
.stopandshop.com/ Name: _gcl_au
Value: 1.1.1073543460.1634216970
.stopandshop.com/ Name: __utmzz
Value: utmcsr=IR|utmcmd=Affiliate|utmccn=adgoal%20GmbH|utmcct=Online%20Tracking%20Link
.stopandshop.com/ Name: __utmzzses
Value: 1
.bing.com/ Name: MUID
Value: 3D34011E2F656DB80EC011CE2E276C2C
.stopandshop.com/ Name: _uetsid
Value: f797c8602cef11eca810ad62d42fe592
.stopandshop.com/ Name: _uetvid
Value: f797cf602cef11ec9f5c092f5aa3a2c9
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ninthdecimal.com/ Name: ndat
Value: LU+k32FoLAplAiOadE5jAg==
.stopandshop.com/ Name: _fbp
Value: fb.1.1634216971032.1917001773

1 Console Messages

Source Level URL
Text
network error URL: https://stopandshop.com/?irclickid=SAyRfD2bKxyIW31wtI004TU5UkBX850qEUVexo0&campaignId=10966&site=stopandshop.com&utm_kxconf=%3Duw0zhhtmh&c3ch=Affiliate&c3nid=IR-123201&utm_source=IR&utm_medium=Affiliate&utm_campaign=adgoal%20GmbH&utm_content=Online%20Tracking%20Link&utm_keyword=107999&irgwc=1
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
