www.kohlsfeedback.org Open in urlscan Pro
2606:4700:3035::6815:5209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kohlsfeedback.org/
Effective URL:
https://www.kohlsfeedback.org/
Submission: On February 07 via manual (February 7th 2023, 1:52:17 am UTC) from AU — Scanned from US

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 1 countries across 13 domains to perform 89 HTTP transactions. The main IP is 2606:4700:3035::6815:5209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kohlsfeedback.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time www.kohlsfeedback.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:a785	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	2606:4700:303... 2606:4700:3035::6815:5209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	198.145.13.11 198.145.13.11	2044 (DF-PTL1) (DF-PTL1)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
3	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
11	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
4	2600:141b:500... 2600:141b:5000::b81d:8faa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	2600:9000:24e... 2600:9000:24eb:4c00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.40.230 142.251.40.230	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
3	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
89	24

1 2606:4700:3037::ac43:a785 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kohlsfeedback.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3035::6815:5209 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kohlsfeedback.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kohlsfeedback.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.11 (Tualatin, United States)

ASN2044 (DF-PTL1, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81c::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:5000::b81d:8faa (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24eb:4c00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2004 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 pix.us.criteo.net — Cisco Umbrella Rank: 2324 csm.us.criteo.net — Cisco Umbrella Rank: 2313	642 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	245 KB
14	kohlsfeedback.org 2 redirects kohlsfeedback.org www.kohlsfeedback.org	142 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 ad.doubleclick.net — Cisco Umbrella Rank: 184	48 KB
7	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 484 rtb0.doubleverify.com — Cisco Umbrella Rank: 715 rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 1821 tps.doubleverify.com — Cisco Umbrella Rank: 525	133 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	51 KB
3	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 4853 ads.us.criteo.com — Cisco Umbrella Rank: 2256 cat.va.us.criteo.com — Cisco Umbrella Rank: 2628	50 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	97 KB
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 11454 in.getclicky.com — Cisco Umbrella Rank: 9634	6 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 661	582 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	610 B
89	13

	Domain	Requested by
14	pix.us.criteo.net	ads.us.criteo.com
12	www.kohlsfeedback.org	www.kohlsfeedback.org
11	static.criteo.net	ads.us.criteo.com static.criteo.net
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	www.kohlsfeedback.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	cdn.doubleverify.com	ads.us.criteo.com cdn.doubleverify.com www.kohlsfeedback.org
3	www.gstatic.com	googleads.g.doubleclick.net
2	csm.us.criteo.net	ads.us.criteo.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	ad.doubleclick.net	1 redirects ads.us.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	kohlsfeedback.org	2 redirects
1	tps.doubleverify.com	cdn.doubleverify.com
1	rtbc-ue1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	fonts.gstatic.com	fonts.googleapis.com
1	d.agkn.com	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	in.getclicky.com	static.getclicky.com
1	static.getclicky.com	www.kohlsfeedback.org
89	26

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-18` - `2023-03-15`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-12` - `2023-03-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-16` - `2023-04-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.kohlsfeedback.org/
Frame ID: B6E04BD27C41754B481B512A46856DEA
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
Frame ID: 12F56B7C3DAFED60FA9965589C19FD96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&adk=1812271804&adf=3025194257&lmt=1675715359&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732411&bpp=13&bdt=662&idt=259&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7006574434595&frm=20&pv=2&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=327
Frame ID: 0355D54ECECA0B7C89EF84294E945C5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=2405117892&adk=1414024204&adf=3816439326&pi=t.ma~as.2405117892&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732424&bpp=19&bdt=675&idt=337&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Q88rQF619e&p=https%3A//www.kohlsfeedback.org&dtd=354
Frame ID: 4256F844A55A0F07E6291192CADE10AF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=9877533368&adk=3943937697&adf=310585067&pi=t.ma~as.9877533368&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732443&bpp=3&bdt=694&idt=377&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WVu6WLn2AZ&p=https%3A//www.kohlsfeedback.org&dtd=390
Frame ID: D78B823797322FF8B20570202423D428
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y-GuzAANJrEH4_ENAA2wtXhBsCD8gGRhFybj3w&u=%7CZt%2BhYCco7pYI74mn8qc%2BOSm%2FYF7MWVqLfOjrhDGrngU%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7Qb6LDgY4yTJl-uDZWFgwI5Vp5BUL7QkDbofWCS2qt8zoEao4WpP9dLICx2CYXQuk589uG1xuqaIpDaF0lyF8hMycK7PMb1pKJH_1mSGvFlCDKwuPt7gfPYOnvaKceIpHDNOR1X9hFNs2G_iGzKnJTGGWMadzdn9eG2YL-JYN_ewNEkHApCdh_844zIV80B7MD-Q2Mu3BhyajPwEpDJn-kMm_zPsV5u6a6iC2moNH9xe7w2n7qDEmEqODMAmJAB--6eOE5eQp_ll7yP9imkCNPLuv9j66K3DmPj5dp1-Uo6IHGedgh2jIc0Va1LVuRNINNs37GanfG1Gae1f_Q4hfmysPnMuJjn3qTDAA8WJZEhGiki25Z3dcvQzOUCi1JaRvr_ojN5TRUbfCil6zZUiZ-0Oj8YR_uIsu3WE-IAXEfUtDV7e8jEO98BYEFKHKC5RBdgcPefheVFoDfYA5qjzQd_wBPjHzkdLxO7zPLAmOMStTI07_j-LOQY0tjIV97MV2nWqd6Ya-ivD8pI2z3fwWqguq95fg799qA8_T5q5osAds&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb1q-zK7hY7HNNI3ij-8PteG2uA2cge-wXMqmqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODA0ODM1Njg3MDMyNDU5McgBCagDAcgDAqoE0AFP0De8yW8X1DddXg3MqL8lWGxQMAQcI87gDXrUS0wIrVS5oi9YdGi7X5nDPmjLykhCLJTwsnztNdVN7zfCDx9EzhiVV0g4DVQhtxHj8buWlj4g98kzAPrWenZGxwTRQ2WB7VAN0k-pmpiNaXZ1EScxNuiGMuCi30ZxOf9yFsIrb7tey9Fesc7-XVdC4imWmty9ydm2sV4EXrL17q5y9tAMU218FOSWS-LPlkX9Jisa-F5gZpcbZOM3u1pKVheGD4dUZhzXWBvWGNUtyLVFswulgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14KXQ9lfDwPIYfuQt2b-24rG7Kig%26client%3Dca-pub-8048356870324591%26adurl%3D
Frame ID: D110B24FD8CA57A74AB2CBD8E43D84D3
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2E7B9CD92C000EC47FCFC9E0070E4F26
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3503.js
Frame ID: F067EB931DDE286ED565DCF31D33DEB1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js
Frame ID: F7D79AA6BD06D34A6D55EEE0F5576C77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF91325BBB60DE4A1E1A4CCA9A63243F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9BF1694067D56E9D037E268C63D0286
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KohlsFeedback - Take Survey Official www.kohlsfeedback.com

Page URL History Show full URLs

http://kohlsfeedback.org/ HTTP 301
https://kohlsfeedback.org/ HTTP 301
https://www.kohlsfeedback.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

89
Requests

99 %
HTTPS

83 %
IPv6

13
Domains

26
Subdomains

24
IPs

1
Countries

1419 kB
Transfer

3116 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kohlsfeedback.org/ HTTP 301
https://kohlsfeedback.org/ HTTP 301
https://www.kohlsfeedback.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=63e1aecdae559f71c4398c29645db5a8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CPLqraymgv0CFcRFcgodlCgMWw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=63e1aecdae559f71c4398c29645db5a8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

Request Chain 56

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

89 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kohlsfeedback.org/
Redirect Chain

http://kohlsfeedback.org/
https://kohlsfeedback.org/
https://www.kohlsfeedback.org/

67 KB
16 KB

126ms
65ms

Document
text/html

2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 543a36a04476b381281f0452f08b8885a7b8d99cfc45f8a03079d72e8b9a9542

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79587c18ee62c409-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 01:52:11 GMT
last-modified: Mon, 06 Feb 2023 20:29:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjY6Ji6Dg3hMv1d11pz77oBu%2FMm%2BSIszsOqEySrzIyIvIfQvkKPOTjsdfLvA7JLuQMY52tZxTK9TulT6dVNx1MlMYwTxv7aMrjsA7a61NkvOhwPCaTfoEv0l%2FXekDc%2FVgeOFnmT6kYbXUQWIWKS83d03nQU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79587c16b980c409-EWR
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 01:52:11 GMT
location: https://www.kohlsfeedback.org/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoyPJHGeDAhKE1q7Hr80W6kBkNdJd9ksR6%2BcN5VLPFOVC13uAbkuzvrUPVgHsv1SX7qpN20bL2u9fcByD%2FN8sKfuiCt03LOS%2FIl%2BvhHkfdkFToYgJqoyOlQZBoUhyGZyoSgusizkYxo%2BnlfwGMJHrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://www.kohlsfeedback.org/xmlrpc.php
x-redirect-by: WordPress
x-ua-compatible: IE=edge

GET
H2 200 fa845fd99e98e22dbeb4e61545fdcb03.css
www.kohlsfeedback.org/wp-content/cache/min/1/ 122 KB
20 KB 74ms
67ms Stylesheet
text/css 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-content/cache/min/1/fa845fd99e98e22dbeb4e61545fdcb03.css
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a210af67d20147544995aa119a2c9df9ad52a28460bbf33a1c2d81626183c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 22 Nov 2022 08:27:06 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=124658
etag: W/"1e6f2-5ee0aeff0665a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aasW5kdCcZXt9TOYcYnW96ztRWzOXRzkEOL2IQwpYvv7C%2FvGjvQWJ8JTrxyR8h2IaLnjZYwq43h%2FZlCObGN4HPh7jpC5ASHaMQg8gCN4kVUrs36NeECqkwM%2B7uTDd2DLjCXu3wr%2BM0%2F7s6iDxDe4TRMjayo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79587c19a809c409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.kohlsfeedback.org/wp-includes/js/jquery/ 88 KB
32 KB 49ms
43ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 04:05:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15e54-5ee0749366446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxUUWRGDs99VWhmDZo%2BeNrJNtutFUHpXf0afKCYx0%2BT62kBBBw6wo7QRqKo1Vi8fb36Y5TJiIThH9jDCmS3MK7rwnP5ZLnHaN9m9PvgyJyMmWgJo5ESX4CpyG4QnHAiBZzfqiLupbwWj2VDk1JxebnjDD%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c19a80cc409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.kohlsfeedback.org/wp-includes/js/jquery/ 11 KB
4 KB 62ms
56ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 04:05:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2bd8-5ee0749366446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iKpaVrdrv%2BZf9S8UpdrjgTWD70%2FdvZKIbVC5UAcund1EMKiu6zrfXiFgp6p%2FDjoDusYkbHcc85%2BLN00mg%2BIrPwag0zACXXGF2hjkOUHlN5VW4WLxopc4odlWwniVcqvw7wQNletXcLUfY3TNLPr3V8CtD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c19b820c409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 85ms
41ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8048356870324591

Requested by

Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c225077320e9ccf05088de3f5b88a366e88468de5d7608d725ab64e6b5a52edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kohlsfeedback.org/
Origin: https://www.kohlsfeedback.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49950
x-xss-protection: 0
server: cafe
etag: 3738426309516427720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 01:52:11 GMT

GET
H2 200 101357695.js Show response
static.getclicky.com/ 15 KB
5 KB 76ms
34ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/101357695.js
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daaf49e864ef26b3d96facbac942ba5ce3cdcc6f5c8fea7828cc000cd770626b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sun, 12 Feb 2023 19:18:25 GMT
date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 05 Feb 2023 19:18:25 GMT
server: cloudflare
age: 110026
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 79587c1aaf43c420-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: MISS

GET
H2 200 index.js Show response
www.kohlsfeedback.org/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 75ms
69ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=1668840149
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38fe3259ea7beb28f8f8245e808815b186c9c11e5ec68c2f04466223c12792b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 19 Nov 2022 06:42:29 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"26d0-5edcd20449f40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yw%2FiMQc7g%2FBuKhUxknRRri3dbHVuq5ULDqM2Nnr0%2FO%2FUymbGx6H8u7r7JScz6k4zB8QkGy5AlmlHQFQLlZQpRoXfGaS950GqIRooYwAhgNcHQSHkrJ3f0Hh%2FNYxVCbiGRZKvH7tzrQ9z2JFlPo4FQU1gm%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c19b822c409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 index.js Show response
www.kohlsfeedback.org/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 85ms
79ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/js/index.js?ver=1668840149
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd14831f3a64217213c137445777af7a26c09c35c28b4b0df6514a785d9f1e96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 19 Nov 2022 06:42:29 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"3015-5edcd20449f40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTykhL405Gx5wSKWLCz%2Fb%2FgBaS4mE7zifhwisi5aP50w%2FQsmJwaMoNBwytGtnpQoQEMJLLdLivD%2BvMo2t6kX%2F%2F%2FwzH%2BSPyMcSKKMDtr6m3Hjlw6mZyFVLktYtYVXwSU7IYVskah8ifJP1kcXvZKYeMi0%2BPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c19b825c409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 front.min.js Show response
www.kohlsfeedback.org/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 58ms
52ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 06:59:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17cb-5cc7bef83f6c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlKciEYE8ktNY%2FulPn8UA8ad8DXQsknfoyFbm7Ut%2FXZatiyywd26qJBCfUAtjHM7YMydAe0lfOpatpgNL0xPkySuFBCBqS7u2oUIyJuctB3MlVm%2FHEmI37f0FzQDIpx1RuR3VW2F4NRa5lb2aBuZ3Sg4Yqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c19b829c409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 menu.min.js Show response
www.kohlsfeedback.org/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 45ms
39ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.2.3
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Oct 2021 23:13:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b1c-5cf499f50fb00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLy6RiwmCM%2BKkQXoQsk0aZQywTqxYyG1bAlMS1PthlhrGxsbh2krjAV2NYxkcjlsYBY38rPhD3ZEStWaE1%2B%2BiAFVwPyZBFZzJzZUwDtS8knNWUP6auHTzdgEY0UM1QFs5u85SuGVmv2N1Q%2Bb7gSX3sXXHj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c19b82bc409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 comment-reply.min.js Show response
www.kohlsfeedback.org/wp-includes/js/ 3 KB
2 KB 60ms
54ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 04:05:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ba5-5ee074936c206"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0INkW0aL1ESbKhzMH%2BmdBsQDheEano4ksmzKsDCQ0Gaj8lahtDKOkfNAm%2FjkKhBWuE9shRKKW4%2BkJPzCsXbGtq1cGcE5BDlnvuJ65lQ4rQgs%2B%2FRt8dciNRcwDXiaLYRLqmhZgy1QeHUwZfLg9fuhhnq5ebQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c19b82cc409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.datatables.min.js Show response
www.kohlsfeedback.org/wp-content/plugins/tablepress/js/ 84 KB
30 KB 79ms
73ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-content/plugins/tablepress/js/jquery.datatables.min.js?ver=1.14
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77d65299a6a0dd7165162e9e51005bcb2c7db7250b04c1ae4058d26e497070f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Sep 2021 06:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1505c-5cc7befa27b40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o26zOawqaAUrj4uGfG%2FyyjL3BuvLZ%2F%2FFe2H2yrI1LRNRrNFg9rGe0QYhAUNDfdbE4lJ5RLecBf4zKPAvp9l1yctWT6Q9Sz7IC9Ici3vkYjmxI06G0iYmlF%2Bq3etVn7R91Ba8A7JL7DZOyu4fR%2FONlnQG8To%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c19b82ec409-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
www.kohlsfeedback.org/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 62ms
56ms Script
application/javascript 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kohlsfeedback.org/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Mar 2022 09:52:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2063-5db6c803d3880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Fjt5YoWUZjXy9qi96qbb3IvueXpJ9nDhhS%2BQE2z0JWvmNv4RWl2Kb08i5JKO%2F%2BM0WLhS7jTxGyjaepUtEtE9gFPng6y%2BEB8xqoh1%2BmgXjkW3mfrj0W0PJhxxoNwSUjN1lb0XSejlJInByj4VvnpYeG0iNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79587c1a7d098c41-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baaef2c3a50c4615dfb2373ab00a4eb7c3ad7b1abc938d712d0808ccea8aff53

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bcc09ef3ece4460a44b358be3fd383560cc86a039ea27d14d0d7eef2a2fe914

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58b677a339d7c95008416c703381e19df0c5d4021c627116b9b8c269ec99fe5c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef269fc9179b06c6fcdca3c656152e90a7fb7e9b32201bc4d030da86242ae1f7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 980 B
980 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dfd0cc0bc2c551f9779249efaac0a586b85fa33f11f5b3cbda5093a01ea3e42

Request headers

Referer
Origin: https://www.kohlsfeedback.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 361 KB
118 KB 116ms
92ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js?bust=31071886

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8048356870324591

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30268dff19086ac3adf5588f0d30141a5ee00c194e0b857f25288c0a8ae9bc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121168
x-xss-protection: 0
server: cafe
etag: 8688278170855343481
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 01:52:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/ Frame 12F5 10 KB
5 KB 34ms
6ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8048356870324591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kohlsfeedback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 65525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 07:40:07 GMT
etag: 10353107486223812946
expires: Mon, 20 Feb 2023 07:40:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KohlsFeedback.jpeg
www.kohlsfeedback.org/wp-content/uploads/2021/12/ 21 KB
22 KB 35ms
34ms Image
image/jpeg 2606:4700:3035::6815:5209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kohlsfeedback.org/wp-content/uploads/2021/12/KohlsFeedback.jpeg
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d45231e592233b5cef6fca48bbe181d9acb6cc2501a3050bb1232214a2bb83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:12 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 10:52:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5469-5edf8db82ad80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eple7NTf0o%2B4WuRNiUNjAiAmxnWbr%2FCbnOvAsPBRYLcivrys1Bw10PgZMThuNixYl3dEbLvjasDKIkQ82ufD3fHG8CJoxn%2F9wKjhvrUWVvwK%2Bcm1xL0jy1qS4bcuBa%2F1Fpi7gdki3M2803dZaNaTuksY9Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79587c1e3d5f8c41-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21609

GET
H2 200 in.php Show response
in.getclicky.com/ 117 B
355 B 281ms
84ms Script
text/javascript 198.145.13.11
DF-PTL1

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101357695&type=pageview&href=%2F&title=KohlsFeedback%20-%20Take%20Survey%20Official%20www.kohlsfeedback.com&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.35353848829842116
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/101357695.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.11 Tualatin, United States, ASN2044 (DF-PTL1, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: f57979fe83371aff400631200457db6489ab3b935094cd6421a1aa3fd8ea5963

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
610 B 58ms
30ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kohlsfeedback.org&callback=_gfp_s_&client=ca-pub-8048356870324591

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js?bust=31071886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53a712b49b68b9a4554dd3b150b8be3ed4d31f589d5fcf1056162690cda6375d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 89ms
38ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kohlsfeedback.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js?bust=31071886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0355 0
188 B 209ms
196ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&adk=1812271804&adf=3025194257&lmt=1675715359&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732411&bpp=13&bdt=662&idt=259&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7006574434595&frm=20&pv=2&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=327

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js?bust=31071886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kohlsfeedback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:52:12 GMT
expires: Tue, 07 Feb 2023 01:52:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4256 93 KB
33 KB 705ms
691ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=2405117892&adk=1414024204&adf=3816439326&pi=t.ma~as.2405117892&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732424&bpp=19&bdt=675&idt=337&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Q88rQF619e&p=https%3A//www.kohlsfeedback.org&dtd=354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js?bust=31071886

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cfeef810b8651c42026064acdce971e0c71e8b5e70b391da543c021b44b2d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kohlsfeedback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33597
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:52:13 GMT
expires: Tue, 07 Feb 2023 01:52:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D78B 23 KB
10 KB 576ms
574ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=9877533368&adk=3943937697&adf=310585067&pi=t.ma~as.9877533368&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732443&bpp=3&bdt=694&idt=377&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WVu6WLn2AZ&p=https%3A//www.kohlsfeedback.org&dtd=390

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js?bust=31071886

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1abe28c52bb41c1d39124de9dbab7b2e03dc579dca8e9d976fe00188bd6b4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kohlsfeedback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10071
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:52:13 GMT
expires: Tue, 07 Feb 2023 01:52:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame D78B 3 KB
1 KB 42ms
7ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=9877533368&adk=3943937697&adf=310585067&pi=t.ma~as.9877533368&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732443&bpp=3&bdt=694&idt=377&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WVu6WLn2AZ&p=https%3A//www.kohlsfeedback.org&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 07:43:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame D78B 18 KB
8 KB 39ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 07:43:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D78B 157 KB
49 KB 72ms
29ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 01:52:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D78B 0
0 36ms
35ms Fetch
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFjyQzK7hY7HNNI3ij-8PteG2uA2cge-wXMqmqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODA0ODM1Njg3MDMyNDU5McgBCagDAcgDAqoEzQFP0De8yW8X1DddXg3MqL8lWGxQMAQcI87gDXrUS0wIrVS5oi9YdGi7X5nDPmjLykhCLJTwsnztNdVN7zfCDx9EzhiVV0g4DVQhtxHj8buWlj4g98kzAPrWenZGxwTRQ2WB7VAN0k-pmpiNaXZ1EScxNuiGMuCi30ZxOf9yFsIrb7tey9Fesc7-XVdC4imWmty9ydm2sV4EXrL17q5y9tAMU218FOSWS-KNlGVvjdmT-J3pCxvwHmr0DGZiXzmeyxynHJUe5gX6AHz7WbWGgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MDQ4MzU2ODcwMzI0NTkxGAA&sigh=PNhpIdydc6E&uach_m=[UACH]&cid=CAQSGwDUE5ymYL4dFQPpMd_jX3pB3lyBaFICGkBajRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=9877533368&adk=3943937697&adf=310585067&pi=t.ma~as.9877533368&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732443&bpp=3&bdt=694&idt=377&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WVu6WLn2AZ&p=https%3A//www.kohlsfeedback.org&dtd=390
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Feb 2023 01:52:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Feb 2023 01:52:13 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame D78B 0
0 83ms
11ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kK_oEs36RPwHmALiIp0XAgAAAKpQWsOMO1F1EMyu4WP6q4DvgjW_F-wFGAASAAAKDkFRVUJDZ1lEQ2dFQkNn&wp=Y-GuzAANJrEH4_ENAA2wtXhBsCD8gGRhFybj3w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 273868
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame D110 169 KB
50 KB 160ms
130ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y-GuzAANJrEH4_ENAA2wtXhBsCD8gGRhFybj3w&u=%7CZt%2BhYCco7pYI74mn8qc%2BOSm%2FYF7MWVqLfOjrhDGrngU%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7Qb6LDgY4yTJl-uDZWFgwI5Vp5BUL7QkDbofWCS2qt8zoEao4WpP9dLICx2CYXQuk589uG1xuqaIpDaF0lyF8hMycK7PMb1pKJH_1mSGvFlCDKwuPt7gfPYOnvaKceIpHDNOR1X9hFNs2G_iGzKnJTGGWMadzdn9eG2YL-JYN_ewNEkHApCdh_844zIV80B7MD-Q2Mu3BhyajPwEpDJn-kMm_zPsV5u6a6iC2moNH9xe7w2n7qDEmEqODMAmJAB--6eOE5eQp_ll7yP9imkCNPLuv9j66K3DmPj5dp1-Uo6IHGedgh2jIc0Va1LVuRNINNs37GanfG1Gae1f_Q4hfmysPnMuJjn3qTDAA8WJZEhGiki25Z3dcvQzOUCi1JaRvr_ojN5TRUbfCil6zZUiZ-0Oj8YR_uIsu3WE-IAXEfUtDV7e8jEO98BYEFKHKC5RBdgcPefheVFoDfYA5qjzQd_wBPjHzkdLxO7zPLAmOMStTI07_j-LOQY0tjIV97MV2nWqd6Ya-ivD8pI2z3fwWqguq95fg799qA8_T5q5osAds&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb1q-zK7hY7HNNI3ij-8PteG2uA2cge-wXMqmqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODA0ODM1Njg3MDMyNDU5McgBCagDAcgDAqoE0AFP0De8yW8X1DddXg3MqL8lWGxQMAQcI87gDXrUS0wIrVS5oi9YdGi7X5nDPmjLykhCLJTwsnztNdVN7zfCDx9EzhiVV0g4DVQhtxHj8buWlj4g98kzAPrWenZGxwTRQ2WB7VAN0k-pmpiNaXZ1EScxNuiGMuCi30ZxOf9yFsIrb7tey9Fesc7-XVdC4imWmty9ydm2sV4EXrL17q5y9tAMU218FOSWS-LPlkX9Jisa-F5gZpcbZOM3u1pKVheGD4dUZhzXWBvWGNUtyLVFswulgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14KXQ9lfDwPIYfuQt2b-24rG7Kig%26client%3Dca-pub-8048356870324591%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

efa1d8894473d998e0611db9f46b5cd5183f482e46ca745f4c06493ede884f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:52:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=jsgF1hjFenPAplCukN5A2swfB2EO8OQrKc7-a6izRrwUXvS7XqqKUmLMDVlzbgMpb0g0bXUnRxpIoDdEPsMNHJ9jqg00q4txV-ewaxCAwpq6_posRWN1la2qO_23Zjv7gBTxNll3QUmAtv-EXVkDO184GEG9utMH34N7eK6wiCvAvxXLXlYOEfySgDcIe581Zhv6su9sMTRsiAhX-fI7ukFxF9vNll1YR7dnOjsV8XQ5Oof_Pclnx8usgzwtbx1lFy5gTF7daYeML-tg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 112870829
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame D78B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daa4db9e50b500cac215f26fdc57a27b10671faa383d17c17f3f16db8027d09c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame 4256 9 KB
5 KB 33ms
6ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=2405117892&adk=1414024204&adf=3816439326&pi=t.ma~as.2405117892&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732424&bpp=19&bdt=675&idt=337&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Q88rQF619e&p=https%3A//www.kohlsfeedback.org&dtd=354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 06:33:40 GMT

GET
H2 200 513af9d1b5a543ad9a698bccda73537c.js Show response
www.gstatic.com/mysidia/ Frame 4256 10 KB
5 KB 34ms
7ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/513af9d1b5a543ad9a698bccda73537c.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16bf67d722df8b74057a0935af2ef35fb6d7bc219cd5715df9b7d644cea16a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4624
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 May 2023 21:22:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4256 8 KB
1 KB 70ms
28ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 01:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 00:29:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 01:52:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 4256 2 KB
765 B 14ms
9ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 07:43:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 4256 22 KB
9 KB 8ms
6ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9012
x-xss-protection: 0
server: cafe
etag: 10578598109654303351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 07:43:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 4256 3 KB
1 KB 8ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 07:43:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 4256 18 KB
8 KB 9ms
7ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 07:43:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4256 157 KB
48 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 01:52:13 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 4256 33 KB
14 KB 11ms
9ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 16:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 16:40:01 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D110 2 KB
1 KB 60ms
10ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y-GuzAANJrEH4_ENAA2wtXhBsCD8gGRhFybj3w&u=%7CZt%2BhYCco7pYI74mn8qc%2BOSm%2FYF7MWVqLfOjrhDGrngU%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7Qb6LDgY4yTJl-uDZWFgwI5Vp5BUL7QkDbofWCS2qt8zoEao4WpP9dLICx2CYXQuk589uG1xuqaIpDaF0lyF8hMycK7PMb1pKJH_1mSGvFlCDKwuPt7gfPYOnvaKceIpHDNOR1X9hFNs2G_iGzKnJTGGWMadzdn9eG2YL-JYN_ewNEkHApCdh_844zIV80B7MD-Q2Mu3BhyajPwEpDJn-kMm_zPsV5u6a6iC2moNH9xe7w2n7qDEmEqODMAmJAB--6eOE5eQp_ll7yP9imkCNPLuv9j66K3DmPj5dp1-Uo6IHGedgh2jIc0Va1LVuRNINNs37GanfG1Gae1f_Q4hfmysPnMuJjn3qTDAA8WJZEhGiki25Z3dcvQzOUCi1JaRvr_ojN5TRUbfCil6zZUiZ-0Oj8YR_uIsu3WE-IAXEfUtDV7e8jEO98BYEFKHKC5RBdgcPefheVFoDfYA5qjzQd_wBPjHzkdLxO7zPLAmOMStTI07_j-LOQY0tjIV97MV2nWqd6Ya-ivD8pI2z3fwWqguq95fg799qA8_T5q5osAds&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb1q-zK7hY7HNNI3ij-8PteG2uA2cge-wXMqmqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODA0ODM1Njg3MDMyNDU5McgBCagDAcgDAqoE0AFP0De8yW8X1DddXg3MqL8lWGxQMAQcI87gDXrUS0wIrVS5oi9YdGi7X5nDPmjLykhCLJTwsnztNdVN7zfCDx9EzhiVV0g4DVQhtxHj8buWlj4g98kzAPrWenZGxwTRQ2WB7VAN0k-pmpiNaXZ1EScxNuiGMuCi30ZxOf9yFsIrb7tey9Fesc7-XVdC4imWmty9ydm2sV4EXrL17q5y9tAMU218FOSWS-LPlkX9Jisa-F5gZpcbZOM3u1pKVheGD4dUZhzXWBvWGNUtyLVFswulgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14KXQ9lfDwPIYfuQt2b-24rG7Kig%26client%3Dca-pub-8048356870324591%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:13 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D110 2 KB
1 KB 62ms
15ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:13 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D110 308 B
636 B 46ms
16ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 02 Feb 2024 01:52:13 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D110 293 B
621 B 42ms
13ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 02 Feb 2024 01:52:13 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame D110 2 KB
3 KB 60ms
5ms Script
application/javascript 2600:141b:5000::b81d:8faa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=1020x280
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y-GuzAANJrEH4_ENAA2wtXhBsCD8gGRhFybj3w&u=%7CZt%2BhYCco7pYI74mn8qc%2BOSm%2FYF7MWVqLfOjrhDGrngU%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7Qb6LDgY4yTJl-uDZWFgwI5Vp5BUL7QkDbofWCS2qt8zoEao4WpP9dLICx2CYXQuk589uG1xuqaIpDaF0lyF8hMycK7PMb1pKJH_1mSGvFlCDKwuPt7gfPYOnvaKceIpHDNOR1X9hFNs2G_iGzKnJTGGWMadzdn9eG2YL-JYN_ewNEkHApCdh_844zIV80B7MD-Q2Mu3BhyajPwEpDJn-kMm_zPsV5u6a6iC2moNH9xe7w2n7qDEmEqODMAmJAB--6eOE5eQp_ll7yP9imkCNPLuv9j66K3DmPj5dp1-Uo6IHGedgh2jIc0Va1LVuRNINNs37GanfG1Gae1f_Q4hfmysPnMuJjn3qTDAA8WJZEhGiki25Z3dcvQzOUCi1JaRvr_ojN5TRUbfCil6zZUiZ-0Oj8YR_uIsu3WE-IAXEfUtDV7e8jEO98BYEFKHKC5RBdgcPefheVFoDfYA5qjzQd_wBPjHzkdLxO7zPLAmOMStTI07_j-LOQY0tjIV97MV2nWqd6Ya-ivD8pI2z3fwWqguq95fg799qA8_T5q5osAds&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb1q-zK7hY7HNNI3ij-8PteG2uA2cge-wXMqmqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODA0ODM1Njg3MDMyNDU5McgBCagDAcgDAqoE0AFP0De8yW8X1DddXg3MqL8lWGxQMAQcI87gDXrUS0wIrVS5oi9YdGi7X5nDPmjLykhCLJTwsnztNdVN7zfCDx9EzhiVV0g4DVQhtxHj8buWlj4g98kzAPrWenZGxwTRQ2WB7VAN0k-pmpiNaXZ1EScxNuiGMuCi30ZxOf9yFsIrb7tey9Fesc7-XVdC4imWmty9ydm2sV4EXrL17q5y9tAMU218FOSWS-LPlkX9Jisa-F5gZpcbZOM3u1pKVheGD4dUZhzXWBvWGNUtyLVFswulgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14KXQ9lfDwPIYfuQt2b-24rG7Kig%26client%3Dca-pub-8048356870324591%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::b81d:8faa New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 01:52:13 GMT
X-GUploader-UploadID: ADPycdtwPDxuLTYFgtxrxMD7MwKY6vv4KixRMn5uGZFIRtpN7Y5NEOHPWM9Zn1NNLJd2lpis9Gw-OJGi4Qydfrwe7Htlbg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 1922
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
Server: UploadServer
x-goog-meta-previous-generation-number: 1673253614982549
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
Cache-Control: max-age=86400
x-goog-stored-content-length: 1922
Accept-Ranges: bytes
x-goog-meta-pipeline-id: 742670731
Expires: Wed, 18 Jan 2023 14:01:15 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D110 8 KB
4 KB 62ms
7ms Script
application/javascript 2600:141b:5000::b81d:8faa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y-GuzAANJrEH4_ENAA2wtXhBsCD8gGRhFybj3w&u=%7CZt%2BhYCco7pYI74mn8qc%2BOSm%2FYF7MWVqLfOjrhDGrngU%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7Qb6LDgY4yTJl-uDZWFgwI5Vp5BUL7QkDbofWCS2qt8zoEao4WpP9dLICx2CYXQuk589uG1xuqaIpDaF0lyF8hMycK7PMb1pKJH_1mSGvFlCDKwuPt7gfPYOnvaKceIpHDNOR1X9hFNs2G_iGzKnJTGGWMadzdn9eG2YL-JYN_ewNEkHApCdh_844zIV80B7MD-Q2Mu3BhyajPwEpDJn-kMm_zPsV5u6a6iC2moNH9xe7w2n7qDEmEqODMAmJAB--6eOE5eQp_ll7yP9imkCNPLuv9j66K3DmPj5dp1-Uo6IHGedgh2jIc0Va1LVuRNINNs37GanfG1Gae1f_Q4hfmysPnMuJjn3qTDAA8WJZEhGiki25Z3dcvQzOUCi1JaRvr_ojN5TRUbfCil6zZUiZ-0Oj8YR_uIsu3WE-IAXEfUtDV7e8jEO98BYEFKHKC5RBdgcPefheVFoDfYA5qjzQd_wBPjHzkdLxO7zPLAmOMStTI07_j-LOQY0tjIV97MV2nWqd6Ya-ivD8pI2z3fwWqguq95fg799qA8_T5q5osAds&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb1q-zK7hY7HNNI3ij-8PteG2uA2cge-wXMqmqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODA0ODM1Njg3MDMyNDU5McgBCagDAcgDAqoE0AFP0De8yW8X1DddXg3MqL8lWGxQMAQcI87gDXrUS0wIrVS5oi9YdGi7X5nDPmjLykhCLJTwsnztNdVN7zfCDx9EzhiVV0g4DVQhtxHj8buWlj4g98kzAPrWenZGxwTRQ2WB7VAN0k-pmpiNaXZ1EScxNuiGMuCi30ZxOf9yFsIrb7tey9Fesc7-XVdC4imWmty9ydm2sV4EXrL17q5y9tAMU218FOSWS-LPlkX9Jisa-F5gZpcbZOM3u1pKVheGD4dUZhzXWBvWGNUtyLVFswulgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14KXQ9lfDwPIYfuQt2b-24rG7Kig%26client%3Dca-pub-8048356870324591%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::b81d:8faa New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1edc80568d0972c5618833ef3f8098adf77563deb261f335679c4458a31fe821

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 01:52:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Feb 2023 16:07:24 GMT
Server: Microsoft-IIS/10.0
ETag: "0c623ef7b39d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3337

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame D110 43 B
348 B 65ms
15ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=1OVpYcal2szQIPBKfCmByVFNlJr5tXOGTRTDzWFtmKGDdw6qr5XU28HhEv427p2qmEH6uWVuFyO716AlgWV_REzs9l9BUWyTSfwQz5T5YJPAApt3NEINgUi9qdy4NdeQyZexGnDyQseONiiLXqN63NEtBxA5qQZ1gCMqsLMf4sNInGfkj243TaKumzcjcFJddCAo-p3JZgYQ18M_UII3Wd_wJyOnhe0AxxjbWw9BsumqUj4UaJWm-3qtGuimIp5zi_kkxsJWc1Xy6rj6myR-Ee0CjkyU_iKJX6FRDqQ6a1VZAcOKXx2WZw02km_7LqpYvdIXWryIiRiDaSnTo5hwDys7WPWbNOQTwJFt-4UHSYpYa_x-cDwOsPpBLP5fIOD53BBPK9hO7wxhdQ0udmB3MrJiwTmp2Hm5ZkhXGkMyCW4PGJ_F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 01:52:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3730233
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame D110 43 B
582 B 122ms
25ms Image
image/gif 2600:9000:24eb:4c00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=63e1aecdae559f71c4398c29645db5a8&col=308271,0,0,0,11120203,63e1aecdae559f71c4398c29645db5a8
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y-GuzAANJrEH4_ENAA2wtXhBsCD8gGRhFybj3w&u=%7CZt%2BhYCco7pYI74mn8qc%2BOSm%2FYF7MWVqLfOjrhDGrngU%3D%7C&c1=TUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7Qb6LDgY4yTJl-uDZWFgwI5Vp5BUL7QkDbofWCS2qt8zoEao4WpP9dLICx2CYXQuk589uG1xuqaIpDaF0lyF8hMycK7PMb1pKJH_1mSGvFlCDKwuPt7gfPYOnvaKceIpHDNOR1X9hFNs2G_iGzKnJTGGWMadzdn9eG2YL-JYN_ewNEkHApCdh_844zIV80B7MD-Q2Mu3BhyajPwEpDJn-kMm_zPsV5u6a6iC2moNH9xe7w2n7qDEmEqODMAmJAB--6eOE5eQp_ll7yP9imkCNPLuv9j66K3DmPj5dp1-Uo6IHGedgh2jIc0Va1LVuRNINNs37GanfG1Gae1f_Q4hfmysPnMuJjn3qTDAA8WJZEhGiki25Z3dcvQzOUCi1JaRvr_ojN5TRUbfCil6zZUiZ-0Oj8YR_uIsu3WE-IAXEfUtDV7e8jEO98BYEFKHKC5RBdgcPefheVFoDfYA5qjzQd_wBPjHzkdLxO7zPLAmOMStTI07_j-LOQY0tjIV97MV2nWqd6Ya-ivD8pI2z3fwWqguq95fg799qA8_T5q5osAds&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb1q-zK7hY7HNNI3ij-8PteG2uA2cge-wXMqmqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODA0ODM1Njg3MDMyNDU5McgBCagDAcgDAqoE0AFP0De8yW8X1DddXg3MqL8lWGxQMAQcI87gDXrUS0wIrVS5oi9YdGi7X5nDPmjLykhCLJTwsnztNdVN7zfCDx9EzhiVV0g4DVQhtxHj8buWlj4g98kzAPrWenZGxwTRQ2WB7VAN0k-pmpiNaXZ1EScxNuiGMuCi30ZxOf9yFsIrb7tey9Fesc7-XVdC4imWmty9ydm2sV4EXrL17q5y9tAMU218FOSWS-LPlkX9Jisa-F5gZpcbZOM3u1pKVheGD4dUZhzXWBvWGNUtyLVFswulgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_14KXQ9lfDwPIYfuQt2b-24rG7Kig%26client%3Dca-pub-8048356870324591%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24eb:4c00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 01:52:13 GMT
via: 1.1 db40f991203b1c080f632e25ccc81bd2.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: BOS50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: yYiHgKVPdbw66iI3R74ivi32NBg-4zXBdFKP1CcpxzV7veLbU-QkHA==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

B29214310.358196926;dc_pre=CPLqraymgv0CFcRFcgodlCgMWw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=63e1aecdae559f71c4398c29645db5a8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame D110
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=63e1aecdae559f71c4398c29645db5a8;dc_lat=;dc_rdid=;tag_for_ch...
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CPLqraymgv0CFcRFcgodlCgMWw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=63e1aecdae559f71c4398c2964...

42 B
118 B

40ms
38ms

Image
image/gif

142.251.40.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CPLqraymgv0CFcRFcgodlCgMWw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=63e1aecdae559f71c4398c29645db5a8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?

Requested by

Protocol

Server

142.251.40.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 01:52:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Feb 2023 01:52:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B29214310.358196926;dc_pre=CPLqraymgv0CFcRFcgodlCgMWw;dc_trk_aid=549043976;dc_trk_cid=186144873;dcopt=anid;ord=63e1aecdae559f71c4398c29645db5a8;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4256 0
0 36ms
35ms Fetch
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Clei3zK7hY9POMqvR0_wP_seniA2Rr6robsrdvsqVEcXSppKNDhABIMO_j3tgycapi8Ck2A-gAeGmj9woyAEBqAMByAPLBKoE2AFP0ExDFVPx1erWbOQlRU60nHPLgRHO9EUCrWifcmmJ8G_rvOg5Ldot_-MRU34r16J0oVmVB2637Zwaux1_16SiyYNKv0MuY9kiGd7FytuEeoI2hp0I9ux_Ifki0suRh6-xAB9mVHeJtNQ1_rggz9Pk_OG8XAeHM01t8dR9cW1njkl70ziPPmF-6wIMjoyvf0QY_GDCkvQG9t31QLP1bt6jjrLg1SnbhG2izKRqydB5JZRN6-srvRQfxyV483IemaDHEjQIT_D2OwDCLSAoyW-zqS2bZ8QmMJXABKHlm_ucBJIFBAgEGAGSBQQIBRgEgAfWs-qEBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJegB9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04MDQ4MzU2ODcwMzI0NTkxGAA&sigh=wdOLyxHJ6Ls&uach_m=[UACH]&cid=CAQSGwDUE5ymacmDri_Qmff0A8z78AHjpAiq2VrEjxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=2405117892&adk=1414024204&adf=3816439326&pi=t.ma~as.2405117892&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732424&bpp=19&bdt=675&idt=337&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Q88rQF619e&p=https%3A//www.kohlsfeedback.org&dtd=354
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Feb 2023 01:52:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E7B 143 B
166 B 7ms
5ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=2405117892&adk=1414024204&adf=3816439326&pi=t.ma~as.2405117892&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732424&bpp=19&bdt=675&idt=337&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Q88rQF619e&p=https%3A//www.kohlsfeedback.org&dtd=354
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:31:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4256 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 799c482e0e73905fdac13f9980f73fb7d36519f2af63675bb6166fc3f439fead

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame D110 57 KB
19 KB 17ms
17ms Script
application/javascript 2600:141b:5000::b81d:8faa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&dvregion=0&unit=1020x280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::b81d:8faa New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 01:52:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4256 28 KB
28 KB 189ms
4ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:32:03 GMT
x-content-type-options: nosniff
age: 328811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 06:32:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E7B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
32ms

Document
text/html

2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:52:14 GMT
expires: Tue, 07 Feb 2023 01:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:52:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame D110 444 B
552 B 169ms
32ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_285295127677&jsTagObjCallback=__tagObject_callback_285295127677&num=6&ctx=13846930&cmp=29214310&plc=358196926&sid=1340728&advid=&adsrv=&unit=1020x280&isdvvid=&uid=285295127677&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=109&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=4&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%409%3DD7665324%3C%5D%40C8Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&dvp_exetime=10.50&callbackName=__verify_callback_285295127677
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: d41f987dc528400b79ef0e3f50621a7a7e82f82d712911eecd70a3f4eedb0bf3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 01:52:14 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 02/06/2023 01:52:14

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame D110 0
234 B 48ms
31ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=b4dd238d6c0d4ca49c302eb907a93f06&vfdur=174&cbust=1675734734208252
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 07 Feb 2023 01:52:14 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 02/06/2023 01:52:14

GET
H/1.1 200
OK dv-measurements3503.js Show response
cdn.doubleverify.com/ Frame F067 558 KB
107 KB 5ms
4ms Script
application/javascript 2600:141b:5000::b81d:8faa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3503.js
Requested by: Host: www.kohlsfeedback.org
URL: https://www.kohlsfeedback.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000::b81d:8faa New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7b58a8697cf2fabf46891603b7cf9346ad4dc5b164631b3664c64f63db8a47c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 01:52:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Feb 2023 12:17:59 GMT
Server: Microsoft-IIS/10.0
ETag: "80758fe25b39d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109224

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame F7D7 36 KB
14 KB 15ms
14ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 14:49:06 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame D110 2 KB
842 B 19ms
4ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:14 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame D110 2 KB
841 B 27ms
6ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D110 12 KB
6 KB 20ms
13ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:14 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame F067 694 B
705 B 164ms
35ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=280&ttfrms=70&brid=3&brver=109.0.5414.119&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C%409%3DD7665324%3C%5D%40C8Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=258&ddur=88&uid=1675734734558813&jsCallback=dvCallback_1675734734558195&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=1020&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3503&tgjsver=3503&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DY-GuzAANJrEH4_ENAA2wtXhBsCD8gGRhFybj3w%26u%3D%257CZt%252BhYCco7pYI74mn8qc%252BOSm%252FYF7MWVqLfOjrhDGrngU%253D%257C%26c1%3DTUPLs6ok1Ijt5o8rV9_n7MYRYrKQT66mXkvYDtvVwxeRyGoHTHxmvUVIOYZSGisAgWf2QBA45XvouVgguVFcGBbd18BZRO7Qb6LDgY4yTJl-uDZWFgwI5Vp5BUL7QkDbofWCS2qt8zoEao4WpP9dLICx2CYXQuk589uG1xuqaIpDaF0lyF8hMycK7PMb1pKJH_1mSGvFlCDKwuPt7gfPYOnvaKceIpHDNOR1X9hFNs2G_iGzKnJTGGWMadzdn9eG2YL-JYN_ewNEkHApCdh_844zIV80B7MD-Q2Mu3BhyajPwEpDJn-kMm_zPsV5u6a6iC2moNH9xe7w2n7qDEmEqODMAmJAB--6eOE5eQp_ll7yP9imkCNPLuv9j66K3DmPj5dp1-Uo6IHGedgh2jIc0Va1LVuRNINNs37GanfG1Gae1f_Q4hfmysPnMuJjn3qTDAA8WJZEhGiki25Z3dcvQzOUCi1JaRvr_ojN5TRUbfCil6zZUiZ-0Oj8YR_uIsu3WE-IAXEfUtDV7e8jEO98BYEFKHKC5RBdgcPefheVFoDfYA5qjzQd_wBPjHzkdLxO7zPLAmOMStTI07_j-LOQY0tjIV97MV2nWqd6Ya-ivD8pI2z3fwWqguq95fg799qA8_T5q5osAds%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCb1q-zK7hY7HNNI3ij-8PteG2uA2cge-wXMqmqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODA0ODM1Njg3MDMyNDU5McgBCagDAcgDAqoE0AFP0De8yW8X1DddXg3MqL8lWGxQMAQcI87gDXrUS0wIrVS5oi9YdGi7X5nDPmjLykhCLJTwsnztNdVN7zfCDx9EzhiVV0g4DVQhtxHj8buWlj4g98kzAPrWenZGxwTRQ2WB7VAN0k-pmpiNaXZ1EScxNuiGMuCi30ZxOf9yFsIrb7tey9Fesc7-XVdC4imWmty9ydm2sV4EXrL17q5y9tAMU218FOSWS-LPlkX9Jisa-F5gZpcbZOM3u1pKVheGD4dUZhzXWBvWGNUtyLVFswulgAaIoeX7lpGR2HqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_14KXQ9lfDwPIYfuQt2b-24rG7Kig%2526client%253Dca-pub-8048356870324591%2526adurl%253D&fcifrms=4&brh=2&sdf=2&dvp_epl=258&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=29214310&sid=1340728&plc=358196926&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=3219420182.3014283&dvp_tukv=284665460962.0919&dvp_strhd=1.0999984741210938&dvpx_strhd=1.0999984741210938&dvp_tuid=1185369013654&jurtd=1338590798
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3503.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: b1e6c4f100847188e5488a68e5af0eb87873cbfa474b4ed28f26802c83b80ab1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Feb 2023 01:52:14 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 02/06/2023 01:52:14

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 5 KB
5 KB 208ms
21ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=556&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2F2bae0630a27c46a094683d10c9b6171a_logo_dark_horizontal.png&v=3&w=196&s=vFXArujfftNswEVUCKnNsMyj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

89ab70a5aa94a7fc9b531da399ce047377f44a4ef2e2296c07a317e6a7efdba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=27655832
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5095
expires: Sun, 24 Dec 2023 04:02:46 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 465 KB
466 KB 271ms
84ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=1200&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F230105%2F2b3f67a866874831a0e08ab1983c5f8c_img_horizontal_2.png&v=3&w=1200&s=wtMA2KklxtzjpqNza1T8cr5W

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

1098bd64284adbde06c3c33ccf74c961fb7672c23de7b266170cad8f3fc8bb25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28301213
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 476630
expires: Sun, 31 Dec 2023 15:19:08 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 20 KB
20 KB 198ms
12ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F21641162_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=f_pW043kI_UGFmYRBGWYsikS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

879b1d16e45535e618dea546565031c059b57be0c748f425bef727931d641ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2405607
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20428
expires: Mon, 06 Mar 2023 22:05:42 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 4 KB
4 KB 214ms
29ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F3964370_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=qsmiVROZW5EhmTwONnZzY6cA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

3417958dcea2b652155f72d4f7c5f134ba7a127288459b6a0ed332432d56a196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1789987
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4002
expires: Mon, 27 Feb 2023 19:05:22 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 5 KB
5 KB 212ms
28ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F22308094_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ehELgBDrXS9etREIj_a2fcek&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

fd0313aeb1af1ee35700660df7b51e3bd1b874d7d8ada7563362a5e011d02736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5372
expires: Tue, 07 Feb 2023 01:52:14 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 5 KB
5 KB 246ms
62ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F3%2Foptimized%2F8435666_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=-a--tCck9VrXJH4bbY7xM8gZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

441b2d8cf2cab3fb8e20352fe2384afe96393e7586bbee58029d9999818c67c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2578921
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4622
expires: Wed, 08 Mar 2023 22:14:16 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 11 KB
11 KB 147ms
81ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F1%2Foptimized%2F21916671_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=oH3YWhgsSa7L-jsrjuscEYvL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

b6e95057b5020c60f030c67a4416697da637520329320a77864135767b096616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1884628
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11170
expires: Tue, 28 Feb 2023 21:22:43 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 7 KB
7 KB 123ms
97ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F22330478_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=tL3-0pCQleVazugg8yBD7YXE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

4b3f4766397fb05e98932b7a034b9f8295a4a149673e869bb235f959f25b1323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1603794
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7130
expires: Sat, 25 Feb 2023 15:22:09 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 9 KB
9 KB 105ms
79ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F17887437_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=itFDPtDG4J0jPznnVadpvBQD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

24360abd0b36cc256e7688fd39458fdd25e888104092148ef1ca09569ce03512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=481166
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9396
expires: Sun, 12 Feb 2023 15:31:41 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 11 KB
11 KB 111ms
85ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F9%2Foptimized%2F22336499_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=1vXjoHDwsI1yUrNsknglAkH2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

d3670f11562c7124a397523ac25a53868d235a6fe9b75e6f7653388a2e551962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1000156
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10966
expires: Sat, 18 Feb 2023 15:41:31 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 10 KB
10 KB 109ms
83ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F22772802_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=7iwoOrd0k1fUyFrKOD_0MYUx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

52a0debc9e09b7acd58615bfb073fddd4d3ebf555a25c8b309a7eb813b8425ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2403551
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10458
expires: Mon, 06 Mar 2023 21:31:26 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 23 KB
24 KB 120ms
94ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F22025376_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=qBM1BUPgvYZ3behb-AiD9Tu1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

99c0a1b8bfd854ba091718cedf6e677018b1484d17bc128dce2bc7c19ced03b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=395685
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23880
expires: Sat, 11 Feb 2023 15:47:00 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 13 KB
13 KB 108ms
83ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F8097620_fpx.tif&v=3&w=400&s=wxGm7cSOGilnOfW32WehvvJP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

bc025c7bc7be5d631f413a1d82e911791b3fa35ece10158edbcd164842d013b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2325427
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12918
expires: Sun, 05 Mar 2023 23:49:22 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame D110 5 KB
5 KB 113ms
87ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F8%2Foptimized%2F22069573_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=EC2TRRYvF0vkGlJJyNbr7aaQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

0f86ed28cf3d75b7870393bf85a2af9491d0bf5b5313f7c9c7ff91f4736247ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1800179
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4878
expires: Mon, 27 Feb 2023 21:55:14 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D110 0
128 B 164ms
12ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=jsgF1hjFenPAplCukN5A2swfB2EO8OQrKc7-a6izRrwUXvS7XqqKUmLMDVlzbgMpb0g0bXUnRxpIoDdEPsMNHJ9jqg00q4txV-ewaxCAwpq6_posRWN1la2qO_23Zjv7gBTxNll3QUmAtv-EXVkDO184GEG9utMH34N7eK6wiCvAvxXLXlYOEfySgDcIe581Zhv6su9sMTRsiAhX-fI7ukFxF9vNll1YR7dnOjsV8XQ5Oof_Pclnx8usgzwtbx1lFy5gTF7daYeML-tg&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 01:52:14 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D110 2 KB
1 KB 34ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D110 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:14 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D78B 42 B
174 B 37ms
34ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyou5vb_JbXSvfya6pnscD47hEz9Dtw_0QuSqj0SGQRL_sPRpikkFdT8CA_XDnzsihRQ36_zVXcU1H19nQUOHWnLU&sig=Cg0ArKJSzBUAZXMFjImVEAE&id=lidar2&mcvt=1160&p=0,0,280,1020&mtos=0,1160,1160,1160,1160&tos=0,1160,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&vu=1&app=0&itpl=20&adk=3943937697&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675734732836&rpt=789&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 01:52:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame D110 15 KB
16 KB 56ms
16ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:14 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame D110 15 KB
16 KB 52ms
23ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Feb 2024 01:52:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 30ms
30ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230202&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js?bust=31071886

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e2f8cc876e5eb4b8db3e58524d18740b6927228351087ab51ce90194698302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11133
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js?bust=31071886

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 01:52:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF91 13 KB
5 KB 6ms
5ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kohlsfeedback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 151779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 07:42:36 GMT
expires: Mon, 05 Feb 2024 07:42:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D9BF 783 B
968 B 26ms
24ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0cf2dbc4f6b9e73983b0ed07a46d3cb7f7ed317838e2fdcdb47d712bdb3148d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9jD2dZgqy8WlLprdXjwegQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kohlsfeedback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-9jD2dZgqy8WlLprdXjwegQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 01:52:15 GMT
expires: Tue, 07 Feb 2023 01:52:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D9BF 0
0 26ms
25ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230202&jk=1046857718186641&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame EF91 36 KB
14 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 14:49:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4256 42 B
64 B 29ms
28ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzImELG7wU61i4IMwijpSbdLSVhW4eAey7kyGYBuj7BxknaVA9gkMB9XjIoRb-GOq_LHy5_ejiWXZZpJw0bSmRz34-8nLweJlzk_ReXgKL56wTNzyxRaYqKWuypwybEsghiWk&sai=AMfl-YSdcvisHQ-r59H3rS12WXd_uSCpEmpiGvZdI7mzoAj4igVLzZ9d6sfTAnx4qn-UXfJh4G9tk0l9rv9x&sig=Cg0ArKJSzId5D1cgmuzEEAE&cid=CAQSGwDUE5ymacmDri_Qmff0A8z78AHjpAiq2VrEjxgB&id=lidar2&mcvt=1012&p=0,0,280,1020&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1414024204&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675734732781&rpt=1610&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 01:52:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EF91 0
10 B 14ms
10ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NdCqDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:52:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.us.criteo.net/ Frame D110 0
127 B 11ms
10ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 01:52:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 31ms
30ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230202&jk=1046857718186641&bg=!gIOlg8fNAAaq5O5FiuQ7ACkAdvg8WjopNBzSR6ysk-20iLztOEf8pGeGVqmgHv_iX29p75Etz2BFtQIAAACeUgAAAARoAQcKANDxUnEOoQzETHoMog-4PzlL4ooB_tbV9G84gzoNguPbo-doNfr9KBx2GQcjcz60bVdEOlGgDyQJjDWFQCBj1ar-6i8lWfmmQF4kSBaUxg23D3FqfPfCnqMpK5kGxuWVCCtUU6FhFe61j0zaDvr5VAIirggrt07qXhLox0QDlejlyPvX_N483_zZVndTKQ7d_n09VBH0uJ59lCntTOjlbmPZnlCNpcTswunAIs5t7aX8teYe7dnmmHpORVfWu369TnDzFrtD3VK00seyjuV7-soumQKtSCMvRc3osx739PaFukaDhynOg7JzzXF1EhSoPE28q7q5ja-zOGHIlCHZaHe1vgfQu5bb7-lS6s5U3XjYV2TnMsB0XdDLmi5BwWMmNIT-Yw_LMzLL_MXTVPuiD9tJb2BxGIADWeqg6yMMYKe_mgoHiYMWKQCWJi2Eqo--F7W8sivIFrPdRFtGczvjSIsXdjR37LoyfvR-1Uy0u5xdkKCpCxqX-no5hcPWQyghJmA8lyvcD-IMNIe1x6ZrgBICVV6YsNBKk3PDs4Z3o3FUiOAJaDgcK29nbQIn6NMwoXQRRofGRC-_x8pslKaWknBwlHmCRBa5lbc58sKtTXswTby8t3Jm2dI0kYBRMR7Omp7JA3Wc7qIYYWMNCTAb5frE4BIznr6IsL_upyGVFkQ666TM3-S8i-P_XMGIW7MvD8Bv2Aqwf25e_oivucpvP98J1JAcqyqTzzcSJ1DcSO-YUYrAbwU73_T33Zdecy0c7J1r3UiU6maCo3SPjlpW27NhgltaUWsuElaPTBdJ3b3Elf4GssJ1BKiKCY6DkBy6To3Sx6cpGga-m-W1cdHG1-kIdZQaIwuLhTA-rrzHNzzpDUalm_OV042Rk3n-M7TmBI2mUeiYGTBJZceKzRIjdHNOaizv1sEvrrZ87u1LEtzK8Amj33bpwYcLShprfvKbkFu0GAOCBtlI1YwWpaycfMyXTLUQUY2hqDvA0QjPsyPtGxgPEtcVZsJwLl-TsW1gSmSGN0UKtxcGFjgumbfl9dT2Zqmz7IaBNNkSEeJC80RHI8s0eES1qL2gv42K8BaNCmLWW-WEEieKNYVfH7ZGM8ZlW7pytrRu_maump25AdEmDB77VnuJ_Dys4kxZRDJ9nsTWyJkITY44LkDig7gc5hzkJhz1R44dZCWkNrUAVZBKhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.kohlsfeedback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kohlsfeedback.org/	1970-01-20 18:50:30	Name: __gads Value: ID=8f07d6fc9dcb2ab3-22952be5e7da0023:T=1675734732:RT=1675734732:S=ALNI_Ma5EZzl0LO-qtzvcBGXk9ByXOZjnA
.kohlsfeedback.org/	1970-01-20 18:50:30	Name: __gpi Value: UID=000009a3afff571b:T=1675734732:RT=1675734732:S=ALNI_Mbzdqsf5RCUJdnLJhitQqUC6kCQKg
.kohlsfeedback.org/	1970-01-20 18:14:30	Name: _jsuid Value: 45971461
.doubleclick.net/	1970-01-20 19:04:54	Name: IDE Value: AHWqTUnWws0UECsJyvFqsWVYpuXeAPduPV55La-fTFLYabV8jw41a6cPdtYGG5SOPYg
.doubleclick.net/	1970-01-20 09:28:55	Name: test_cookie Value: CheckForPermission
.agkn.com/	1970-01-20 18:14:30	Name: ab Value: 0001%3Aao3qW6%2BuhsyZUT0sOG23OYO30N2nAAS9
.agkn.com/	1970-01-20 18:14:30	Name: u Value: C\|0AAArdGtNK3RrTQAAAAAA
.doubleclick.net/	1970-01-20 09:28:58	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8048356870324591&output=html&h=280&slotname=9877533368&adk=3943937697&adf=310585067&pi=t.ma~as.9877533368&w=1020&fwrn=4&fwrnh=100&lmt=1675715359&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.kohlsfeedback.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675734732443&bpp=3&bdt=694&idt=377&shv=r20230202&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1020x280&nras=1&correlator=7006574434595&frm=20&pv=1&ga_vid=1919212417.1675734733&ga_sid=1675734733&ga_hid=1424611458&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=964&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071886%2C31071948%2C44779793&oid=2&pvsid=1046857718186641&tmod=766614934&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WVu6WLn2AZ&p=https%3A//www.kohlsfeedback.org&dtd=390 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.us.criteo.com
adservice.google.com
cat.va.us.criteo.com
cdn.doubleverify.com
csm.us.criteo.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.getclicky.com
kohlsfeedback.org
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
rtb.va.us.criteo.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
static.criteo.net
static.getclicky.com
tpc.googlesyndication.com
tps.doubleverify.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.kohlsfeedback.org
142.251.40.230
198.145.13.11
2600:141b:5000::b81d:8faa
2600:9000:24eb:4c00:19:fc2c:a140:93a1
2606:4700:3035::6815:5209
2606:4700:3037::ac43:a785
2606:4700::6810:a010
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::200a
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
34.117.228.201
74.119.119.147
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0cf2dbc4f6b9e73983b0ed07a46d3cb7f7ed317838e2fdcdb47d712bdb3148d3
0f86ed28cf3d75b7870393bf85a2af9491d0bf5b5313f7c9c7ff91f4736247ed
1098bd64284adbde06c3c33ccf74c961fb7672c23de7b266170cad8f3fc8bb25
16bf67d722df8b74057a0935af2ef35fb6d7bc219cd5715df9b7d644cea16a90
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
1cfeef810b8651c42026064acdce971e0c71e8b5e70b391da543c021b44b2d58
1edc80568d0972c5618833ef3f8098adf77563deb261f335679c4458a31fe821
24360abd0b36cc256e7688fd39458fdd25e888104092148ef1ca09569ce03512
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
30268dff19086ac3adf5588f0d30141a5ee00c194e0b857f25288c0a8ae9bc40
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3417958dcea2b652155f72d4f7c5f134ba7a127288459b6a0ed332432d56a196
38fe3259ea7beb28f8f8245e808815b186c9c11e5ec68c2f04466223c12792b8
441b2d8cf2cab3fb8e20352fe2384afe96393e7586bbee58029d9999818c67c8
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4b3f4766397fb05e98932b7a034b9f8295a4a149673e869bb235f959f25b1323
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52a0debc9e09b7acd58615bfb073fddd4d3ebf555a25c8b309a7eb813b8425ac
53a712b49b68b9a4554dd3b150b8be3ed4d31f589d5fcf1056162690cda6375d
543a36a04476b381281f0452f08b8885a7b8d99cfc45f8a03079d72e8b9a9542
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b677a339d7c95008416c703381e19df0c5d4021c627116b9b8c269ec99fe5c
5bcc09ef3ece4460a44b358be3fd383560cc86a039ea27d14d0d7eef2a2fe914
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
77d65299a6a0dd7165162e9e51005bcb2c7db7250b04c1ae4058d26e497070f8
799c482e0e73905fdac13f9980f73fb7d36519f2af63675bb6166fc3f439fead
79a210af67d20147544995aa119a2c9df9ad52a28460bbf33a1c2d81626183c1
7b58a8697cf2fabf46891603b7cf9346ad4dc5b164631b3664c64f63db8a47c2
7dfd0cc0bc2c551f9779249efaac0a586b85fa33f11f5b3cbda5093a01ea3e42
85e2f8cc876e5eb4b8db3e58524d18740b6927228351087ab51ce90194698302
879b1d16e45535e618dea546565031c059b57be0c748f425bef727931d641ec2
87d45231e592233b5cef6fca48bbe181d9acb6cc2501a3050bb1232214a2bb83
89ab70a5aa94a7fc9b531da399ce047377f44a4ef2e2296c07a317e6a7efdba5
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
99c0a1b8bfd854ba091718cedf6e677018b1484d17bc128dce2bc7c19ced03b8
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1abe28c52bb41c1d39124de9dbab7b2e03dc579dca8e9d976fe00188bd6b4f3
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b1e6c4f100847188e5488a68e5af0eb87873cbfa474b4ed28f26802c83b80ab1
b6e95057b5020c60f030c67a4416697da637520329320a77864135767b096616
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
baaef2c3a50c4615dfb2373ab00a4eb7c3ad7b1abc938d712d0808ccea8aff53
bc025c7bc7be5d631f413a1d82e911791b3fa35ece10158edbcd164842d013b8
c225077320e9ccf05088de3f5b88a366e88468de5d7608d725ab64e6b5a52edc
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3670f11562c7124a397523ac25a53868d235a6fe9b75e6f7653388a2e551962
d41f987dc528400b79ef0e3f50621a7a7e82f82d712911eecd70a3f4eedb0bf3
d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53
daa4db9e50b500cac215f26fdc57a27b10671faa383d17c17f3f16db8027d09c
daaf49e864ef26b3d96facbac942ba5ce3cdcc6f5c8fea7828cc000cd770626b
dd14831f3a64217213c137445777af7a26c09c35c28b4b0df6514a785d9f1e96
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef269fc9179b06c6fcdca3c656152e90a7fb7e9b32201bc4d030da86242ae1f7
efa1d8894473d998e0611db9f46b5cd5183f482e46ca745f4c06493ede884f01
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f57979fe83371aff400631200457db6489ab3b935094cd6421a1aa3fd8ea5963
fd0313aeb1af1ee35700660df7b51e3bd1b874d7d8ada7563362a5e011d02736

www.kohlsfeedback.org Open in urlscan Pro 2606:4700:3035::6815:5209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

99 %HTTPS

83 %IPv6

13 Domains

26 Subdomains

24 IPs

1 Countries

1419 kBTransfer

3116 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kohlsfeedback.org Open in urlscan Pro
2606:4700:3035::6815:5209 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

99 %
HTTPS

83 %
IPv6

13
Domains

26
Subdomains

24
IPs

1
Countries

1419 kB
Transfer

3116 kB
Size

8
Cookies

89 HTTP transactions
7 data transactions