floraspring.com Open in urlscan Pro
198.7.56.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://purehealth.ontralink.com/c/s/uZ9/se5pH/6/k3C/4mH/69pzx0/vieredIP9P/P/P/sx
Effective URL:
https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=...
Submission: On February 16 via manual (February 16th 2022, 2:34:46 am UTC) from US — Scanned from DE

Summary HTTP 117 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 58 IPs in 6 countries across 54 domains to perform 117 HTTP transactions. The main IP is 198.7.56.175, located in Beltsville, United States and belongs to LEASEWEB-USA-WDC, US. The main domain is floraspring.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 20th 2021. Valid for: 3 months.

This is the only time floraspring.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.170.211.179 209.170.211.179	13649 (ASN-VINS) (ASN-VINS)
1 1	207.148.2.105 207.148.2.105	20473 (AS-CHOOPA) (AS-CHOOPA)
1 1	144.202.19.192 144.202.19.192	20473 (AS-CHOOPA) (AS-CHOOPA)
12	198.7.56.175 198.7.56.175	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	52.217.73.126 52.217.73.126	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400e:803::2008	15169 (GOOGLE) (GOOGLE)
2 2	18.185.185.183 18.185.185.183	16509 (AMAZON-02) (AMAZON-02)
1 1	3.127.251.158 3.127.251.158	16509 (AMAZON-02) (AMAZON-02)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.225.250 52.222.225.250	16509 (AMAZON-02) (AMAZON-02)
1	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.66.112.126 18.66.112.126	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
4	104.126.37.144 104.126.37.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	18.192.108.151 18.192.108.151	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400e:802::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:8c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:402... 2a00:1450:4025:402::9a	15169 (GOOGLE) (GOOGLE)
2	3.218.71.8 3.218.71.8	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
14	2606:4700::68... 2606:4700::6810:e91b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	34.107.158.93 34.107.158.93	15169 (GOOGLE) (GOOGLE)
5	35.190.27.197 35.190.27.197	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:d... 2600:1901:0:df23::	15169 (GOOGLE) (GOOGLE)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	54.75.128.113 54.75.128.113	16509 (AMAZON-02) (AMAZON-02)
2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223f:f400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	18.194.224.200 18.194.224.200	16509 (AMAZON-02) (AMAZON-02)
1	52.31.239.78 52.31.239.78	16509 (AMAZON-02) (AMAZON-02)
1	184.31.88.106 184.31.88.106	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.158.142.136 35.158.142.136	16509 (AMAZON-02) (AMAZON-02)
1 2	52.208.147.243 52.208.147.243	16509 (AMAZON-02) (AMAZON-02)
2 2	52.1.89.185 52.1.89.185	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:b51a:2bef:14:5241	14618 (AMAZON-AES) (AMAZON-AES)
1	18.209.200.15 18.209.200.15	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.127.158.112 3.127.158.112	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:7de5:38a9:e1be:23d8	14618 (AMAZON-AES) (AMAZON-AES)
1 1	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
117	58

1 209.170.211.179 (Las Vegas, United States) 1 redirects

ASN13649 (ASN-VINS, US)
PTR: mail9.ontramail.com

purehealth.ontralink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.148.2.105 (Dallas, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 207.148.2.105.vultr.com

safetrkthree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.202.19.192 (Atlanta, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.19.192.vultr.com

safetrkpro3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 198.7.56.175 (Beltsville, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

floraspring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.73.126 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.185.183 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-185-183.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.251.158 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-251-158.eu-central-1.compute.amazonaws.com

rtb-eu.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.225.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-225-250.fra56.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-126.fra56.r.cloudfront.net

cdn.wishpond.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.126.37.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-144.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.108.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com

treach-tutters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.71.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-71-8.compute-1.amazonaws.com

www.wishpond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:e91b (United States)

ASN13335 (CLOUDFLARENET, US)

quick.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.158.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.158.107.34.bc.googleusercontent.com

stats.vidalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.27.197 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 197.27.190.35.bc.googleusercontent.com

analytics-ingress-global.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:df23:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

licensing.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.75.128.113 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-128-113.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.241 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:f400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.224.200 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-224-200.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.239.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.142.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-142-136.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.147.243 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-147-243.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.89.185 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-89-185.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:b51a:2bef:14:5241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.158.112 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-158-112.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:7de5:38a9:e1be:23d8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.112 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	vidalytics.com quick.vidalytics.com — Cisco Umbrella Rank: 209954 stats.vidalytics.com — Cisco Umbrella Rank: 150854	2 MB
12	floraspring.com floraspring.com	174 KB
10	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 355 mug.criteo.com — Cisco Umbrella Rank: 3197 sslwidget.criteo.com — Cisco Umbrella Rank: 1671 widget.us.criteo.com — Cisco Umbrella Rank: 20189 dis.criteo.com — Cisco Umbrella Rank: 619	17 KB
7	bitmovin.com analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 41121 licensing.bitmovin.com — Cisco Umbrella Rank: 19646	1006 B
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 983 trc.taboola.com — Cisco Umbrella Rank: 571 trc-events.taboola.com — Cisco Umbrella Rank: 1715 sync-t1.taboola.com — Cisco Umbrella Rank: 1241	20 KB
5	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 796 ads.yahoo.com — Cisco Umbrella Rank: 835 ups.analytics.yahoo.com — Cisco Umbrella Rank: 269	2 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2190 tr.outbrain.com — Cisco Umbrella Rank: 1993 sync.outbrain.com — Cisco Umbrella Rank: 717	5 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 350	4 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1062	68 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 458 i6.liadm.com — Cisco Umbrella Rank: 1371	1 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 943	640 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 331	12 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 740 rtb-eu.mfadsrvr.com — Cisco Umbrella Rank: 78725	1 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 614 cdn.stickyadstv.com — Cisco Umbrella Rank: 2281	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	716 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 621	855 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1839	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	738 B
2	mediawallahscript.com 1 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 1741	1 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 283	394 B
2	google.de www.google.de — Cisco Umbrella Rank: 6342	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	655 B
2	wishpond.com www.wishpond.com — Cisco Umbrella Rank: 49929	1 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 372	7 KB
2	wishpond.net cdn.wishpond.net — Cisco Umbrella Rank: 48336	42 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829 pixel.quantserve.com — Cisco Umbrella Rank: 374	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4387	2 KB
2	amazonaws.com s3.amazonaws.com	105 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 754	418 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2302	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 900	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 561	263 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 535	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1763	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1796	337 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	240 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 478	785 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 552	682 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1163	427 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	1 KB
1	treach-tutters.com treach-tutters.com
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	13 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1072	7 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1066	59 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	74 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	safetrkpro3.com 1 redirects safetrkpro3.com	872 B
1	safetrkthree.com 1 redirects safetrkthree.com	271 B
1	ontralink.com 1 redirects purehealth.ontralink.com	997 B
117	54

	Domain	Requested by
14	quick.vidalytics.com	floraspring.com quick.vidalytics.com
12	floraspring.com	floraspring.com
5	analytics-ingress-global.bitmovin.com	quick.vidalytics.com
4	secure.adnxs.com	3 redirects
4	gum.criteo.com	3 redirects static.criteo.net
4	analytics.tiktok.com	floraspring.com analytics.tiktok.com
3	dis.criteo.com
3	tr.snapchat.com	sc-static.net
3	stats.vidalytics.com	quick.vidalytics.com
3	tr.outbrain.com	amplify.outbrain.com floraspring.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com floraspring.com
2	pixel.advertising.com	2 redirects
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	ups.analytics.yahoo.com
2	partner.mediawallahscript.com	1 redirects
2	idsync.rlcdn.com
2	licensing.bitmovin.com	quick.vidalytics.com
2	trc-events.taboola.com	cdn.taboola.com
2	sp.analytics.yahoo.com	floraspring.com
2	trc.taboola.com	cdn.taboola.com
2	www.google.de	floraspring.com
2	www.google.com	floraspring.com
2	www.wishpond.com	cdn.wishpond.net
2	s.yimg.com	floraspring.com s.yimg.com
2	cdn.wishpond.net	www.googletagmanager.com cdn.wishpond.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dev.visualwebsiteoptimizer.com	floraspring.com
2	rtb.mfadsrvr.com	2 redirects
2	s3.amazonaws.com	floraspring.com
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ads.yahoo.com
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com	floraspring.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	floraspring.com
1	pixel.quantserve.com	floraspring.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	treach-tutters.com	floraspring.com
1	cdn.taboola.com	floraspring.com
1	static.criteo.net	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	e1.emxdgt.com	floraspring.com
1	rtb-eu.mfadsrvr.com	1 redirects
1	www.googletagmanager.com	floraspring.com
1	fonts.googleapis.com	floraspring.com
1	safetrkpro3.com	1 redirects
1	safetrkthree.com	1 redirects
1	purehealth.ontralink.com	1 redirects
117	73

This site contains links to these domains. Also see Links.

Domain
vidalytics.com
partners.pineapple.co

Subject Issuer	Validity	Valid
floraspring.com cPanel, Inc. Certification Authority	`2021-12-20` - `2022-03-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
cdn.wishpond.net Amazon	`2021-10-20` - `2022-11-17`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-31` - `2022-03-23`	2 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
treach-tutters.com R3	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
wishpond.com Amazon	`2021-04-08` - `2022-05-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
quick.vidalytics.com Cloudflare Inc ECC CA-3	`2021-08-17` - `2022-08-16`	a year	crt.sh
*.vidalytics.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-04` - `2023-02-16`	a year	crt.sh
*.bitmovin.com Go Daddy Secure Certificate Authority - G2	`2020-06-02` - `2022-06-02`	2 years	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Frame ID: 32FFC4B96557FE4770F9391EAE326934
Requests: 84 HTTP requests in this frame

Frame: https://cdn.wishpond.net/storage.html
Frame ID: 33AA9308986AB9AB023F00BBF90A8D86
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=floraspring.com&origin=onetag
Frame ID: 13A32E3F717981F45E008284EAEF9944
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cb973317-d0e8-4273-8280-d0607692ae5c
Frame ID: 15328D6B081964E099F5A96DC6781654
Requests: 1 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=i1h5nYmbJMcmSLHFWRVfkbwwzbEHWduF
Frame ID: F7E58372812ECC48E5295F3CBAB50777
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Video - Limited Time Only!

Page URL History Show full URLs

https://purehealth.ontralink.com/c/s/uZ9/se5pH/6/k3C/4mH/69pzx0/vieredIP9P/P/P/sx HTTP 302
https://safetrkthree.com/?E=bCWc6WTZAh1KggyAp9embEIWO1ngp8g1&s1=0215ENR HTTP 302
https://safetrkpro3.com/?E=bCWc6WTZAh1KggyAp9embEIWO1ngp8g1&s1=0215ENR&ckmguid=54f7c6f1-1d12-4858-bd... HTTP 302
https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&cam... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

117
Requests

86 %
HTTPS

30 %
IPv6

54
Domains

73
Subdomains

58
IPs

6
Countries

2847 kB
Transfer

5742 kB
Size

73
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://vidalytics.com/?utm_source=Powered%20By&utm_medium=Player&utm_content=KwmJQD4K
Title: Powered by Vidalytics

Search URL Search Domain Scan URL

URL: https://vidalytics.com/contact
Title: Report an issue

Search URL Search Domain Scan URL

URL: https://partners.pineapple.co/affiliate-signup/
Title: Affiliate Signup

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://purehealth.ontralink.com/c/s/uZ9/se5pH/6/k3C/4mH/69pzx0/vieredIP9P/P/P/sx HTTP 302
https://safetrkthree.com/?E=bCWc6WTZAh1KggyAp9embEIWO1ngp8g1&s1=0215ENR HTTP 302
https://safetrkpro3.com/?E=bCWc6WTZAh1KggyAp9embEIWO1ngp8g1&s1=0215ENR&ckmguid=54f7c6f1-1d12-4858-bdfe-6e43b7ec373d HTTP 302
https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://rtb.mfadsrvr.com/pixel?id=521041&type=img HTTP 302
https://rtb.mfadsrvr.com/ul_cb/pixel?id=521041&type=img HTTP 302
https://rtb-eu.mfadsrvr.com/sync?ssp=emx&initiator=me HTTP 302
https://e1.emxdgt.com/put?d=d35&uid=30f340d0-74db-4cf4-a129-71cce0adb361

Request Chain 55

https://gum.criteo.com/sid/json?origin=onetag&domain=floraspring.com&sn=ChromeSyncframe&so=0&topUrl=floraspring.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Mwu31Hx2Z3dwWFVyV0FvZWl5VStFSkZlQm1tRHh0UEdqc0RPRmlIMVdTSTY5RTZ4VXZFOHdiNGkxaExJcTJrakx4M1I4MVU0Uk8yZkFkblhpSmt0V1ovaktVN2trbitUcXlFL2pidTFhTUovS1lOSlRDcEpSekVsMHJPUXJXM0RKTmpsU05ZOENyM3BMYjBEVDV4RDhJM3kyUE8yclhvMk5vbmZPSjUvRjlFTkJtRm5NdXM5WXRYa1VUMFpJR1FGdnU1VGhObWdTMnFqQ2hrbWxTTThOdTVybmJINytYTjMrTXlJY2t2SFFXbXViVStpaGhwUndlVHJsOTMxK2JTdEpEbnpIWXN0bWEwZ0gzTkZhM0lZVEpodmRSZz09fA&cppv=2

Request Chain 57

https://sslwidget.criteo.com/event?a=77723&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=k-CKvl85UHNRZlh5OGIyU3VVQ1BGNkEzYktrczN0cTFaemtSNWNzM0E0V2hFS2lEV0FyVFhHTjhlVDBMJTJGT1B1eXMlMkYyZ1VETGQlMkJmTndsQWtMJTJGdlc2NEQzU0hlYXolMkJ0ZkElMkJsZnVubE5Vd3RHZWhsNDZNR1RJV05IWXFHV2Nvd2NKQWFLS1JhMEFRaTJZNFRmNVRYbzd4VmNJMmclM0QlM0Q&tld=floraspring.com&dtycbr=93863 HTTP 302
https://widget.us.criteo.com/event?a=77723&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=k-CKvl85UHNRZlh5OGIyU3VVQ1BGNkEzYktrczN0cTFaemtSNWNzM0E0V2hFS2lEV0FyVFhHTjhlVDBMJTJGT1B1eXMlMkYyZ1VETGQlMkJmTndsQWtMJTJGdlc2NEQzU0hlYXolMkJ0ZkElMkJsZnVubE5Vd3RHZWhsNDZNR1RJV05IWXFHV2Nvd2NKQWFLS1JhMEFRaTJZNFRmNVRYbzd4VmNJMmclM0QlM0Q&tld=floraspring.com&dtycbr=93863

Request Chain 67

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=i1h5nYmbJMcmSLHFWRVfkbwwzbEHWduF

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1WcndEZU1lcUNzR3h0ZzFYUk9Sa0kzRVVPUVFXNzhJdjB2Y3dodw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 69

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-VrwDeMeqCsGxtg1XRORkI3EUOQQW78Iv0vcwhw&custom=&tag_format=img&tag_action=sync&custom=&cb=360db825-2751-4a46-bc21-1f243898c8bc HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-VrwDeMeqCsGxtg1XRORkI3EUOQQW78Iv0vcwhw&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=360db825-2751-4a46-bc21-1f243898c8bc&final=true&reqid=ff959e60-8ed0-11ec-8c8d-9342a2746d9d&timestamp=2022-02-16T02%3A34%3A43.398Z

Request Chain 77

https://secure.adnxs.com/setuid?entity=52&code=k-JSKSeseqCsGxtg1XRORkI3EUOQTPVrad8xJlLw&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-JSKSeseqCsGxtg1XRORkI3EUOQTPVrad8xJlLw%26seg%3D95287

Request Chain 79

https://eb2.3lift.com/xuid?mid=2711&xuid=k-dLJEPceqCsGxtg1XRORkI3EUOQRXRh_EcGE1uA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-dLJEPceqCsGxtg1XRORkI3EUOQRXRh_EcGE1uA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 81

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DTNAk8eqCsGxtg1XRORkI3EUOQTKVfvGw1E52A HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DTNAk8eqCsGxtg1XRORkI3EUOQTKVfvGw1E52A&C=1

Request Chain 83

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1wlxyMeqCsGxtg1XRORkI3EUOQTkU23A9VI2wg&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1wlxyMeqCsGxtg1XRORkI3EUOQTkU23A9VI2wg&expires=30&user_group=5

Request Chain 89

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iDOHP8eqCsGxtg1XRORkI3EUOQSrCR7Li75D3w HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-iDOHP8eqCsGxtg1XRORkI3EUOQSrCR7Li75D3w

Request Chain 90

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-tEtADMeqCsGxtg1XRORkI3EUOQQEYR3LflxRPA HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-tEtADMeqCsGxtg1XRORkI3EUOQQEYR3LflxRPA&_li_chk=true&previous_uuid=17cdea1618304a49aadcb1c781af2626 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-tEtADMeqCsGxtg1XRORkI3EUOQQEYR3LflxRPA

Request Chain 92

https://pixel.advertising.com/ups/55945/sync?uid=k-bpyezceqCsGxtg1XRORkI3EUOQSnlyGL_bT7zg&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-bpyezceqCsGxtg1XRORkI3EUOQSnlyGL_bT7zg&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-bpyezceqCsGxtg1XRORkI3EUOQSnlyGL_bT7zg&_origin=1&apid=UPffa1fb10-8ed0-11ec-9745-06f93f5618ee

Request Chain 94

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-xlQLI8eqCsGxtg1XRORkI3EUOQQIdKeu1DQstQ&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 96

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/3J2Fh4strOMeO_MVzrFTqn9aEPXpSb10/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2896580400634479181

Request Chain 97

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6976100672220240395

117 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request aff_special20.php Show response
floraspring.com/z/
Redirect Chain

https://purehealth.ontralink.com/c/s/uZ9/se5pH/6/k3C/4mH/69pzx0/vieredIP9P/P/P/sx
https://safetrkthree.com/?E=bCWc6WTZAh1KggyAp9embEIWO1ngp8g1&s1=0215ENR
https://safetrkpro3.com/?E=bCWc6WTZAh1KggyAp9embEIWO1ngp8g1&s1=0215ENR&ckmguid=54f7c6f1-1d12-4858-bdfe-6e43b7ec373d
https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

20 KB
20 KB

435ms
175ms

Document
text/html

198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: a3fe794be7dc681430f70998f8de331fbb7584b66f991dfaaf3da952db63dc1c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 16 Feb 2022 02:34:39 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=60
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

date: Wed, 16 Feb 2022 02:34:39 GMT
content-type: text/html; charset=utf-8
content-length: 300
cache-control: private
location: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK bootstrap.min.css
floraspring.com/z/inc/ 110 KB
18 KB 240ms
134ms Stylesheet
text/css 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/z/inc/bootstrap.min.css
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 1d1974b2deb775a420838749b71e19bb7824e685a28fa1a50e21907c5fd7e7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 20:54:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 18200
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 68ms
27ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3350aa32423c1610b373923a72d60233e7469d396607e44555820e679f076991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 01:14:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 02:34:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 02:34:39 GMT

GET
H/1.1 200
OK buy-safe.css
floraspring.com/z/inc/ 534 B
582 B 366ms
125ms Stylesheet
text/css 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/z/inc/buy-safe.css
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 5c7358b97d06c77f1641108420df9b72caf8353bf02c1e7545c12ffe8ff20bb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 230
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H/1.1 200
OK jquery-ui.min.css
floraspring.com/css/ 28 KB
7 KB 487ms
120ms Stylesheet
text/css 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/css/jquery-ui.min.css
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 4de78f7ae6064851c4a6d700dff1e471596d28d44518f81e2cc91b07817267f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 6980
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H/1.1 200
OK ouibounce.min.css
floraspring.com/z/css/ 2 KB
1 KB 598ms
111ms Stylesheet
text/css 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/z/css/ouibounce.min.css
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 698
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H/1.1 200
OK vsl.css
floraspring.com/css/ 3 KB
1 KB 693ms
101ms Stylesheet
text/css 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/css/vsl.css
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 2e065798bfd944481654974a125acaf680c248a16ea54ffb6f22d253529029ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1007
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H/1.1 200
OK thumb6.jpg
s3.amazonaws.com/flora-spring/ 56 KB
56 KB 418ms
111ms Image
image/jpeg 52.217.73.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/flora-spring/thumb6.jpg
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.73.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f47e9f7f2e9c4ec05f86a82619d6c487110bc34703658a68345545e96b9e7b2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:41 GMT
Last-Modified: Fri, 19 Jun 2020 14:28:38 GMT
Server: AmazonS3
x-amz-request-id: T68PM9PHFXHTYA0Y
ETag: "5903f97d5c1477d254c8f417bdd6cdd3"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 57352
x-amz-id-2: XdeMN2F3hIDOGz26SdSaFwtvYowF+bSKny7qtJCTokmNkrrjo1Uf5rioO80yt6zALCHKfpecdqc=

GET
H/1.1 200
OK animated-qbutton.gif
s3.amazonaws.com/flora-spring/ 48 KB
48 KB 435ms
125ms Image
image/gif 52.217.73.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/flora-spring/animated-qbutton.gif
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.73.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a5a1d1bd22a59ff303258bf1193d9b2e6d7c96d25e4d7fd42b3e0cb1ed7c4f8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:41 GMT
Last-Modified: Fri, 19 Mar 2021 15:05:55 GMT
Server: AmazonS3
x-amz-request-id: T68T15KY78A7SKHD
ETag: "f5ebf95bf385b2b4ed9ce6570a353ff9"
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 49097
x-amz-id-2: 9oyqNcspdkxk9qqP/+dUdg2Xyj4sU8lxGZ1iPxhUYF7ErliN4C+bOY5ImDzYV5zUpzAVyZZd+/c=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
74 KB 86ms
38ms Script
application/javascript 2a00:1450:400e:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d70075b99f4145f9a3c7ab2ec03604651542ee27e8cc78f688f650e3c5aa3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74983
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 00:57:59 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Feb 2022 02:34:40 GMT

GET
H/1.1 200
OK jquery.js Show response
floraspring.com/z/inc/ 82 KB
29 KB 121ms
121ms Script
application/javascript 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/z/inc/jquery.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 411226d65b1f2d52d634a32a1df97297c6bc9696fbe21565e731033432902523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 29325
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H/1.1 200
OK jwplayer-new.js Show response
floraspring.com/z/inc/ 83 KB
27 KB 103ms
103ms Script
application/javascript 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/z/inc/jwplayer-new.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: fe2317ad7743f5d8b5b0876a0824fc476a1f21f3568cfa98aa0f704bec2ef330

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 27137
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
floraspring.com/js/ 246 KB
67 KB 178ms
151ms Script
application/javascript 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/js/jquery-ui.min.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: ea18565a7caf6a465d9b9eb73d217f9c1942c2e9b86f4e985c9de2ab4e810fa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H/1.1 200
OK ouibounce.min.js Show response
floraspring.com/z/js/ 2 KB
1 KB 290ms
94ms Script
application/javascript 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/z/js/ouibounce.min.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 783
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H/1.1 200
OK fadeInOut.js Show response
floraspring.com/z/inc/ 118 B
478 B 385ms
94ms Script
application/javascript 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/z/inc/fadeInOut.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 97343db10774f87a60e4c76c6fc51da9f1165e52d036694328bbb6dee539ae2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 112
Expires: Fri, 18 Mar 2022 02:34:40 GMT

GET
H2

204

put
e1.emxdgt.com/
Redirect Chain

https://rtb.mfadsrvr.com/pixel?id=521041&type=img
https://rtb.mfadsrvr.com/ul_cb/pixel?id=521041&type=img
https://rtb-eu.mfadsrvr.com/sync?ssp=emx&initiator=me
https://e1.emxdgt.com/put?d=d35&uid=30f340d0-74db-4cf4-a129-71cce0adb361

0
59 B

96ms
18ms

Image
text/html

18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d35&uid=30f340d0-74db-4cf4-a129-71cce0adb361
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: H2
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:40 GMT
content-length: 0
content-type: text/html

Redirect headers

Location: //e1.emxdgt.com/put?d=d35&uid=30f340d0-74db-4cf4-a129-71cce0adb361
Date: Wed, 16 Feb 2022 02:34:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 56ms
20ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=2887&u=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&r=0.8648918045249214
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 96ebe95566363fc1f3751188337e3b36f00c91c54372bdfe0b1a28ef532fd50f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 02:34:40 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 97ms
97ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=2887&d=floraspring.com&u=DDF48D9DFAF4ABF3184B904BCB38D4E10&h=48efe9e9a08428eb30fdb22fe3491429&t=false&r=0.09260389271014335

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:40 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1788
date: Wed, 16 Feb 2022 02:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Feb 2022 04:04:52 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 69ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 23 Feb 2022 02:34:40 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 58ms
23ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Feb 2022 02:34:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 87ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 95A906399C104CDBAEA1FBD4EC6C6FB3 Ref B: FRAEDGE1316 Ref C: 2022-02-16T02:34:40Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 scevent.min.js Show response
sc-static.net/ 16 KB
7 KB 67ms
20ms Script
application/javascript 52.222.225.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.225.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-225-250.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: af3f350dca72e0309a29b508ce47c6a81588c1f1c4925407a397c53163d541b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA56-P4
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6261
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-amz-cf-id: PoiVR7o775iieNkHpywp9JG1i3JZB3k0K1BZfssT0IsaxOz3BQm8vg==

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 41ms
15ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Wed, 16 Feb 2022 02:54:40 GMT

GET
H2 200 connect.js Show response
cdn.wishpond.net/ 157 KB
40 KB 48ms
7ms Script
application/javascript 18.66.112.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/connect.js?merchantId=1513220&writeKey=27d699b2df82
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-126.fra56.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 1cf8f82ea1fee9bb2e05066d1287ac05b0d657f72eff947ba9272fa1c3322749

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:51:01 GMT
content-encoding: gzip
last-modified: Fri, 04 Feb 2022 17:36:17 GMT
server: nginx/1.17.5
age: 143020
etag: W/"61fd6411-272e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
cache-control: public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: eVbzAF-9WxUAJZ3jTtV2w021eFl9vQ9KByo53RVPF3F1-Im8A3y99g==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 67ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR9ZK4G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 17 Feb 2022 02:34:40 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 75ms
21ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 16 Feb 2022 02:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1122
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: +xAamgE2+H1FhCIc2TfQSyimh99aluPm58jzu4hEqpycHzp4YfaW1g3IPT41fXsgNruoRmq5aZI=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: MBW0VPH81CBGHMFW
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
35 KB 146ms
103ms Script
application/javascript 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C354507G09FC36CGKGPG&lib=ttq
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 96c5b7db792466a79b9ed86953e77df86977c4ebb3d83015f30f56c852395c70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-akamai-request-id: 9d8f7c8.d672825
date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 92,104.126.37.140
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=3, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 202202160234400101131350791BA54E00
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,23.220.105.219
x-tt-trace-host: 01e734ec113b96009503c3f0f33771d8355f19ff6cfa5d20dc43556d39a762882180fd26827f2ec3e59bbe998c4d4dd19f2ae1f37ca490092e1c63c920b3b6cbb542aadb4ba029256599040a6a42a7656b40968ed0329190424bc999a056e0b38e28d0ca49f0e1baed26713358682e4d38
expires: Wed, 16 Feb 2022 02:34:40 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1419346/ 55 KB
17 KB 129ms
105ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46338dc48d729d15a526058958ed4d6e3cde30f8fcd7978370a67abfe64c9db1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: vtTL4bPm6BZVrnl37DHk7HbYuQSOpGKR
content-encoding: gzip
etag: "af26efc887005e07e9e4e92ea344e12b"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17368
x-amz-id-2: burj4M8QWh/tKewLsHH3UcpoSoRzfcSlAJ2Gt4KfdKyJUo4ZPPs15NZNNK2TiFVtu6AJywIrT64=
x-served-by: cache-hhn4031-HHN
last-modified: Sun, 13 Feb 2022 11:03:12 GMT
server: AmazonS3
x-timer: S1644978881.898687,VS0,VE97
date: Wed, 16 Feb 2022 02:34:40 GMT
vary: Accept-Encoding
x-amz-request-id: 2EPR3HX2KZC7H6PV
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 29
x-cache-hits: 1

GET
H2 400 .js
treach-tutters.com/d/ 0
0 41ms
8ms Script
text/html 18.192.108.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://treach-tutters.com/d/.js?lpref=&lpurl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&lpt=Free%20Video%20-%20Limited%20Time%20Only!&t=1644978880788
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.192.108.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-108-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 37ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=897549097&t=pageview&_s=1&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&ul=en-us&de=UTF-8&dt=Free%20Video%20-%20Limited%20Time%20Only!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=637851845&gjid=279829768&cid=1356133544.1644978881&tid=UA-113385709-1&_gid=1903393526.1644978881&_r=1&gtm=2wg290MR9ZK4G&z=1695806283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/ 2 KB
2 KB 52ms
22ms Script
text/javascript 2a00:1450:400e:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693528767/?random=1644978880859&cv=9&fst=1644978880859&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&tiba=Free%20Video%20-%20Limited%20Time%20Only!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79895cf3d8cc0f5b7ede0dfca3214cce0df18b3dfcf514dc289d06a2711c353a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-rXRXmwZSu3n0s.js Show response
rules.quantcount.com/ 1 KB
1 KB 88ms
11ms Script
application/javascript 2600:9000:223c:8c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-rXRXmwZSu3n0s.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6164926a125470b01cff59c2ba9ed02589c8950b0452b2a18becb2d0bfba9222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:13:41 GMT
content-encoding: gzip
age: 1261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 19 Nov 2019 22:58:30 GMT
server: AmazonS3
etag: W/"08cb09205cd3b16973422b786a3c839a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Dm5IXMPhMF5vuU29weuVd2m_003GShxYjUPNK4vthGwatmAlFdzrhQ==

GET
H2 204 56270944.js Show response
bat.bing.com/p/action/ 0
110 B 199ms
198ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56270944.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Feb 2022 02:34:40 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A661F245C863421BBBA08D0048A38436 Ref B: FRAEDGE1316 Ref C: 2022-02-16T02:34:40Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 455ms
133ms Script
application/javascript 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00334f27e888e04062e48c656e1eda1b21
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:41 GMT
content-encoding: gzip
X-TraceId: b22e55d0349337ea75208a5f601a0afd
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 408ms
88ms Image
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00334f27e888e04062e48c656e1eda1b21&obApiVersion=1.0-gtm&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&optOut=false&bust=03260065226771205
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:41 GMT
Cache-Control: no-cache
X-TraceId: 4b41e940d877371825e9692c043cf15d
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 408ms
89ms Image
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00334f27e888e04062e48c656e1eda1b21&obApiVersion=1.0-gtm&obtpVersion=1.6.0&name=VSL-Page&dl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&optOut=false&bust=027992782325129895
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:41 GMT
Cache-Control: no-cache
X-TraceId: ce45c862b49a68bcf8707782f62ce76d
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 45ms
16ms XHR
text/plain 2a00:1450:4025:402::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-113385709-1&cid=1356133544.1644978881&jid=637851845&gjid=279829768&_gid=1903393526.1644978881&_u=YEBAAEAAAAAAAC~&z=775958833

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Feb 2022 02:34:40 GMT
content-type: text/plain
access-control-allow-origin: https://floraspring.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 storage.html Show response
cdn.wishpond.net/ Frame 33AA 3 KB
2 KB 7ms
7ms Document
text/html 18.66.112.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/storage.html
Requested by: Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1513220&writeKey=27d699b2df82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-126.fra56.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/

Response headers

content-type: text/html; charset=UTF-8
server: nginx/1.17.5
last-modified: Thu, 18 Feb 2021 20:51:18 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 12 Feb 2022 02:41:12 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=172800
etag: W/"602ed346-c7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Nabw-hQuE_zPY2nQIqtzlQhJbe7UnRBDSBj01ZoGSzbZw7a_qLGU2g==
age: 345214

GET
H2 200 popups.json Show response
www.wishpond.com/ 13 B
1 KB 117ms
116ms XHR
application/json 3.218.71.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1513220&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR

Requested by

Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1513220&writeKey=27d699b2df82

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.71.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-71-8.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://floraspring.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NON"
strict-transport-security: max-age=300
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: 647d6937-0e3f-4ccb-81a5-85f13f40d918
x-runtime: 0.011421
server: nginx/1.17.5
x-frame-options: DENY
x-download-options: noopen
access-control-max-age: 600
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: de-DE
access-control-allow-origin: https://floraspring.com
access-control-expose-headers
access-control-allow-credentials: true
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-type: application/json; charset=utf-8

OPTIONS
H2 200 popups.json
www.wishpond.com/ Frame 0
0 305ms
100ms Preflight
text/plain 3.218.71.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.218.71.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-71-8.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://floraspring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Feb 2022 02:34:41 GMT
content-type: text/plain
server: nginx/1.17.5
vary: Accept-Encoding
access-control-allow-origin: https://floraspring.com
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
x-request-id: 55ec8cc9-fcee-4fd6-8f95-cc80564f7b6e
x-runtime: 0.001384
strict-transport-security: max-age=300
x-download-options: noopen
content-encoding: gzip

GET
H2 200 10135825.json Show response
s.yimg.com/wi/config/ 2 B
450 B 79ms
30ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10135825.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:41:39 GMT
x-content-type-options: nosniff
age: 3182
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: H1NK6S2NRSBAWDRA
x-amz-id-2: /stPEnzNGs5JOCBig2OwffGvF+SciZJk3yqOVc9TSZj3j2QuLfWguBYuwXlWOO9rR7zki/dx/F8=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 62ms
25ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-113385709-1&cid=1356133544.1644978881&jid=637851845&_u=YEBAAEAAAAAAAC~&z=349275988

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 59ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-113385709-1&cid=1356133544.1644978881&jid=637851845&_u=YEBAAEAAAAAAAC~&z=349275988

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 13A3 13 KB
5 KB 79ms
23ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=floraspring.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2137
date: Wed, 16 Feb 2022 02:34:40 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 /
www.google.com/pagead/1p-user-list/693528767/ 42 B
154 B 22ms
22ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693528767/?random=1644978880859&cv=9&fst=1644976800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&tiba=Free%20Video%20-%20Limited%20Time%20Only!&async=1&fmt=3&is_vtc=1&random=3900510504&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693528767/ 42 B
154 B 22ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693528767/?random=1644978880859&cv=9&fst=1644976800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&tiba=Free%20Video%20-%20Limited%20Time%20Only!&async=1&fmt=3&is_vtc=1&random=3900510504&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1419346/trc/3/ 2 KB
1 KB 38ms
29ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1419346/trc/3/json?tim=1644978881014&data=%7B%22id%22%3A957%2C%22ii%22%3A%22%2Fz%2Faff_special20.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1644978881007%2C%22cv%22%3A%2220220209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dkendago-pineapple-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1644978881014%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e6a92b2ae95cdfd7467123f57c4214c31b2e7580ccba79f2a05a456d7d803e93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms: 23
date: Wed, 16 Feb 2022 02:34:41 GMT
content-encoding: gzip
server: nginx
x-timer: S1644978881.029230,VS0,VE23
x-served-by: cache-hhn4031-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
716 B 103ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2016%20Feb%202022%2002%3A34%3A41%20GMT&n=0&b=Free%20Video%20-%20Limited%20Time%20Only!&.yp=10135825&f=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:41 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 16 Feb 2022 02:34:41 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 101ms
101ms Script
application/javascript 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C354507G09FC36CGKGPG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-akamai-request-id: c04ffb4e.d6729c8
date: Wed, 16 Feb 2022 02:34:41 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-215.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 90,104.126.37.140
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=4, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 2022021602344101011300607102CB5ADF
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,23.220.105.215
x-tt-trace-host: 01e734ec113b96009503c3f0f33771d8355f19ff6cfa5d20dc43556d39a7628821e48814164c3ac2790905132d611282b94623d6bd626286ec31c66493ff28d0d446d749da19ed690ca6730b0dcdd4be97237b4b32f0c848839117b7fa7d386f4801fa35f50c45bddf7b8fdc2fc44eb430
expires: Wed, 16 Feb 2022 02:34:41 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 710 B
1 KB 97ms
97ms Script
application/javascript 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C354507G09FC36CGKGPG&hostname=floraspring.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C354507G09FC36CGKGPG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c1154a5787899e886b9b313bf69c3302812d4f865810967d9dfb1bb964de77b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-akamai-request-id: b222a545.d672a1c
date: Wed, 16 Feb 2022 02:34:41 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-218.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 90,104.126.37.140
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=2, inner; dur=2
content-length: 316
pragma: no-cache
server: nginx
x-tt-logid: 202202160234410101131351740FBBD950
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,23.220.105.218
x-tt-trace-host: 01e734ec113b96009503c3f0f33771d8355f19ff6cfa5d20dc43556d39a7628821c91ba2408f660bde80805db8e37d3edbc449e2dbd9cae56228d2587b36066dee165057272678a7d05a027e3ce0dd008e44e9e289aa51c4e6788ae00b9223ae77786e7749ecd118ae8a67d7d5554d37e0
expires: Wed, 16 Feb 2022 02:34:41 GMT

GET
H2 200 pixel;r=716230461;source=gtm;labels=_fp.event.Default;rf=0;a=p-rXRXmwZSu3n0s;url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r...
pixel.quantserve.com/ 35 B
371 B 22ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=716230461;source=gtm;labels=_fp.event.Default;rf=0;a=p-rXRXmwZSu3n0s;url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR;uht=2;fpan=1;fpa=P0-1358637728-1644978881063;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=floraspring.com;je=0;sr=1600x1200x24;dst=0;et=1644978881063;tzo=0;ogl=

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK stop-pop.min2.js Show response
floraspring.com/js/ 3 KB
1 KB 95ms
95ms Script
application/javascript 198.7.56.175
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://floraspring.com/js/stop-pop.min2.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.7.56.175 Beltsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: Apache /
Resource Hash: 58e85ec5782a9ddd2bdb1398acd024726fbf206df3ddb6745b10f2a4224fa187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:41 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Dec 2020 10:01:53 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1145
Expires: Fri, 18 Mar 2022 02:34:41 GMT

GET
H2 200 loader.min.js Show response
quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/ 37 KB
9 KB 655ms
501ms Script
application/javascript 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/loader.min.js
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39422d8870a0e4c9f69578c861fa067d963adbfeacd526c4307768c45ea9fcc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:41 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: ADPycdsadF7cSvvA3-DjFejaDEIw17vldeNNwah7qTzMLrEPjPD1FbP84133WlNlAREz63TdTDPkYbXTGAWSm0la4bqJkRBFxQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 8755
last-modified: Tue, 15 Feb 2022 10:38:41 GMT
server: cloudflare
etag: "d434c6760a0b24717804405ed627fbfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=oEr0yg==, md5=1DTGdgoLJHF4BEBe1if7/g==
x-goog-generation: 1644921521458847
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300, s-maxage=2592000
x-goog-stored-content-length: 8755
accept-ranges: bytes
cf-ray: 6de360d7bc9d59b9-MXP
expires: Thu, 17 Mar 2022 10:39:04 GMT

GET
H2 204 unip Show response
trc.taboola.com/1419346/log/3/ 0
105 B 17ms
17ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1419346/log/3/unip?en=view_content&tim=1644978881017&vi=1644978881007&ri=d9ad2c1861abfe6908b4db0da15ebe8e&ref=null&cv=20220209-5-RELEASE&item-url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&tos=57&ssd=1&scd=100
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 16 Feb 2022 02:34:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1644978881.074111,VS0,VE9
x-served-by: cache-hhn4031-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://floraspring.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 0
bat.bing.com/action/ 0
150 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56270944&Ver=2&mid=001c1f85-b7fb-438d-a292-4d0240629df6&sid=fe3289508ed011ecaaf563385542bd9a&vid=fe326d608ed011eca70fdfbbaba45896&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Video%20-%20Limited%20Time%20Only!&p=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&r=&lt=3486&evt=pageLoad&msclkid=N&sv=1&rn=429219
Requested by: Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C93444B8EAB644238B00368995A9F21F Ref B: FRAEDGE1316 Ref C: 2022-02-16T02:34:41Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 13A3
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=floraspring.com&sn=ChromeSyncframe&so=0&topUrl=floraspring.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Mwu31Hx2Z3dwWFVyV0FvZWl5VStFSkZlQm1tRHh0UEdqc0RPRmlIMVdTSTY5RTZ4VXZFOHdiNGkxaExJcTJrakx4M1I4MVU0Uk8yZkFkblhpSmt0V1ovaktVN2trbitUcXlFL2pidTFhTUovS1lOSlRDcEpSekVsMHJPUX...

433 B
631 B

59ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Mwu31Hx2Z3dwWFVyV0FvZWl5VStFSkZlQm1tRHh0UEdqc0RPRmlIMVdTSTY5RTZ4VXZFOHdiNGkxaExJcTJrakx4M1I4MVU0Uk8yZkFkblhpSmt0V1ovaktVN2trbitUcXlFL2pidTFhTUovS1lOSlRDcEpSekVsMHJPUXJXM0RKTmpsU05ZOENyM3BMYjBEVDV4RDhJM3kyUE8yclhvMk5vbmZPSjUvRjlFTkJtRm5NdXM5WXRYa1VUMFpJR1FGdnU1VGhObWdTMnFqQ2hrbWxTTThOdTVybmJINytYTjMrTXlJY2t2SFFXbXViVStpaGhwUndlVHJsOTMxK2JTdEpEbnpIWXN0bWEwZ0gzTkZhM0lZVEpodmRSZz09fA&cppv=2

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0039cda5a79f8ab5349dbabea8b3213a2907fa20764c160c0c696f46db2aee05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:40 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4852
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:40 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Mwu31Hx2Z3dwWFVyV0FvZWl5VStFSkZlQm1tRHh0UEdqc0RPRmlIMVdTSTY5RTZ4VXZFOHdiNGkxaExJcTJrakx4M1I4MVU0Uk8yZkFkblhpSmt0V1ovaktVN2trbitUcXlFL2pidTFhTUovS1lOSlRDcEpSekVsMHJPUXJXM0RKTmpsU05ZOENyM3BMYjBEVDV4RDhJM3kyUE8yclhvMk5vbmZPSjUvRjlFTkJtRm5NdXM5WXRYa1VUMFpJR1FGdnU1VGhObWdTMnFqQ2hrbWxTTThOdTVybmJINytYTjMrTXlJY2t2SFFXbXViVStpaGhwUndlVHJsOTMxK2JTdEpEbnpIWXN0bWEwZ0gzTkZhM0lZVEpodmRSZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2161
content-length: 541
expires: 0

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
712 B 135ms
134ms Ping
application/octet-stream 104.126.37.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C354507G09FC36CGKGPG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-144.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 10924b0e.d672b7b
date: Wed, 16 Feb 2022 02:34:41 GMT
x-cache-remote: TCP_MISS from a23-220-105-211.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-140.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 126,104.126.37.140
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=26, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022021602344101011300608610ADEBDB
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,23.220.105.211
x-tt-trace-host: 01e734ec113b96009503c3f0f33771d8355f19ff6cfa5d20dc43556d39a7628821979897fe4476f41efbc41b8606b2c5d7d97eb02da6931443ca324c2fd79bc0194dcd3da78632e0bd32dc1ebd0a3e87003fcbc6e7d7eb5656e3f5fb11184968e13378112ff6d68a58b697314c69881e05
expires: Wed, 16 Feb 2022 02:34:41 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=77723&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=k-CKvl85UHNRZlh5OGIyU3VVQ1BGNkEzYktrczN0cTFaemtSNWNzM0E0V2hFS2lEV0FyVFhHTjhlVDBMJTJG...
https://widget.us.criteo.com/event?a=77723&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=k-CKvl85UHNRZlh5OGIyU3VVQ1BGNkEzYktrczN0cTFaemtSNWNzM0E0V2hFS2lEV0FyVFhHTjhlVDBMJTJG...

7 KB
8 KB

394ms
131ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=77723&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=k-CKvl85UHNRZlh5OGIyU3VVQ1BGNkEzYktrczN0cTFaemtSNWNzM0E0V2hFS2lEV0FyVFhHTjhlVDBMJTJGT1B1eXMlMkYyZ1VETGQlMkJmTndsQWtMJTJGdlc2NEQzU0hlYXolMkJ0ZkElMkJsZnVubE5Vd3RHZWhsNDZNR1RJV05IWXFHV2Nvd2NKQWFLS1JhMEFRaTJZNFRmNVRYbzd4VmNJMmclM0QlM0Q&tld=floraspring.com&dtycbr=93863

Requested by

Host: floraspring.com
URL: https://floraspring.com/z/aff_special20.php?a=1752&s1=0215ENR&s2=&s3=&s4=&o=83&r=54988708&cr=274&campid=7204&utm_medium=1752&utm_source=0215ENR

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

68c2d8709f904ecc7ee539730e64faf1bac64c9ee68201af12b3b20b4013dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:40 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10019295
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:40 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://widget.us.criteo.com/event?a=77723&v=5.8.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=k-CKvl85UHNRZlh5OGIyU3VVQ1BGNkEzYktrczN0cTFaemtSNWNzM0E0V2hFS2lEV0FyVFhHTjhlVDBMJTJGT1B1eXMlMkYyZ1VETGQlMkJmTndsQWtMJTJGdlc2NEQzU0hlYXolMkJ0ZkElMkJsZnVubE5Vd3RHZWhsNDZNR1RJV05IWXFHV2Nvd2NKQWFLS1JhMEFRaTJZNFRmNVRYbzd4VmNJMmclM0QlM0Q&tld=floraspring.com&dtycbr=93863
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2148224
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 player-dash-mse.min.js Show response
quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/ 2 MB
418 KB 643ms
643ms Script
application/javascript 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94ed9063fab9f87d08210429f13be6837d804bda1b93195a1b60aea6976c7c04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:42 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: ADPycdviaxaglcyr9__seQW4gopyLwIBibjZh5LWAbbpQYyynTmXkZ0x3mROwfU-gA7zr7-y1V5R6x2GDO8ymgNEgaI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 427222
last-modified: Tue, 15 Feb 2022 10:38:43 GMT
server: cloudflare
etag: "c1e72353eb93ed2625172e5dd00118d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=RVriAw==, md5=wecjU+uT7SYlFy5d0AEY2Q==
x-goog-generation: 1644921523342236
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300, s-maxage=2592000
x-goog-stored-content-length: 427222
accept-ranges: bytes
cf-ray: 6de360dad87159b9-MXP
expires: Thu, 17 Mar 2022 10:40:10 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1419346/log/3/ 0
247 B 77ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1419346/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=100&ssd=1&est=1644978881010&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1644978882567&vi=1644978881007&ri=d9ad2c1861abfe6908b4db0da15ebe8e&ref=null&cv=20220209-5-RELEASE&item-url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://floraspring.com
pragma: no-cache
date: Wed, 16 Feb 2022 02:34:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 awesome-log Show response
stats.vidalytics.com/ 43 B
419 B 556ms
173ms XHR
image/gif 34.107.158.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/awesome-log?cid=KwmJQD4K
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.158.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.158.107.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
server: istio-envoy
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
etag: "KwmJQD4K/6yGLoyKGwO98HS9n"
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: public, max-age=2592000
x-envoy-upstream-service-time: 51
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

POST
H2 200 licensing Show response
analytics-ingress-global.bitmovin.com/ 117 B
378 B 389ms
14ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/licensing
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.48.0 /
Resource Hash: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Feb 2022 02:34:42 GMT
via: 1.1 google
server: v1.48.0
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
alt-svc: clear
content-length: 117

POST
H2 200 licensing Show response
licensing.bitmovin.com/ 165 B
419 B 167ms
134ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/licensing
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 165

GET
H2 200 stream.mpd Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/ 6 KB
6 KB 195ms
154ms XHR
application/dash+xml 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/stream.mpd
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce997a9d3c9bc6ad191395c1c6e996190531a1e7aae1077cdcaa277463ea7c78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
cf-cache-status: HIT
x-guploader-uploadid: ADPycdtfJLoh7M-y3qEmw4KktmGIVqBurRVbxXpwjyVNQz0q-0qRbGfTOvIOKSQhT7VAxwa8xsa3A5n_R8Ch1AombwE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-type: application/dash+xml
content-length: 5841
last-modified: Wed, 26 Jan 2022 16:38:24 GMT
server: cloudflare
etag: "33bd37754ab552e1e36cc471f18d9df5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=2OKEGQ==, md5=M703dUq1UuHjbMRx8Y2d9Q==
x-goog-generation: 1643215104201911
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 5841
accept-ranges: bytes
cf-ray: 6de360e49d0359bf-MXP
expires: Mon, 23 Jan 2023 21:48:37 GMT

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 41ms
19ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=cb973317-d0e8-4273-8280-d0607692ae5c

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

3e31a8b685a814bb494004663454d84a425d0c8425b332b7f492bf761cfdd42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 17ms
17ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.48.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
alt-svc: clear
server: v1.48.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 1532 0
241 B 34ms
21ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cb973317-d0e8-4273-8280-d0607692ae5c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/

Response headers

server: nginx/1.17.3
date: Wed, 16 Feb 2022 02:34:43 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame F7E5
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=i1h5nYmbJMcmSLHFWRVfkbwwzbEHWduF

42 B
394 B

21ms
18ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=i1h5nYmbJMcmSLHFWRVfkbwwzbEHWduF
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=i1h5nYmbJMcmSLHFWRVfkbwwzbEHWduF
date: Wed, 16 Feb 2022 02:34:42 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3063
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame F7E5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1WcndEZU1lcUNzR3h0ZzFYUk9Sa0kzRVVPUVFXNzhJdjB2Y3dodw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
369 B

67ms
25ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:42 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 182539
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame F7E5
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-VrwDeMeqCsGxtg1XRORkI3EUOQQW78Iv0vcwhw&custom=&tag_format=img&tag_action=sync&custom=&cb=360db825-2751-4a46-bc21-1f24389...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-VrwDeMeqCsGxtg1XRORkI3EUOQQW78Iv0vcwhw&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=360db825-2751-4a4...

0
638 B

31ms
31ms

Image
text/plain

54.75.128.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-VrwDeMeqCsGxtg1XRORkI3EUOQQW78Iv0vcwhw&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=360db825-2751-4a46-bc21-1f243898c8bc&final=true&reqid=ff959e60-8ed0-11ec-8c8d-9342a2746d9d&timestamp=2022-02-16T02%3A34%3A43.398Z
Protocol: HTTP/1.1
Server: 54.75.128.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-128-113.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:43 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 16 Feb 2022 02:34:43 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1043&partner_id=1048&uid=k-VrwDeMeqCsGxtg1XRORkI3EUOQQW78Iv0vcwhw&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=360db825-2751-4a46-bc21-1f243898c8bc&final=true&reqid=ff959e60-8ed0-11ec-8c8d-9342a2746d9d&timestamp=2022-02-16T02%3A34%3A43.398Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 294
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 400 362338.gif
idsync.rlcdn.com/ Frame F7E5 0
0 39ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-VrwDeMeqCsGxtg1XRORkI3EUOQQW78Iv0vcwhw&ct=3&cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 204 v1
ads.yahoo.com/cms/ Frame F7E5 0
47 B 24ms
20ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame F7E5 43 B
376 B 35ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:43 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 16 Feb 2022 02:34:43 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame F7E5 0
482 B 53ms
17ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_C9698eqCsGxtg1XRORkI3EUOQT9SfBa6m_0aQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame F7E5 0
476 B 386ms
107ms Image
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-91wv58eqCsGxtg1XRORkI3EUOQSjcCB8HkbiPg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:43 GMT
Cache-Control: no-cache
X-TraceId: 6ed39dc46f126519000372caaccb6e41
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame F7E5 0
427 B 159ms
111ms Image
text/plain 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-HFp1kceqCsGxtg1XRORkI3EUOQSSa8-Wu63CuA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 16 Feb 2022 02:34:43 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F7E5 0
239 B 68ms
13ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-HFp1kceqCsGxtg1XRORkI3EUOQSSa8-Wu63CuA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame F7E5
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-JSKSeseqCsGxtg1XRORkI3EUOQTPVrad8xJlLw&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-JSKSeseqCsGxtg1XRORkI3EUOQTPVrad8xJlLw%26seg%3D95287

43 B
1 KB

21ms
20ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-JSKSeseqCsGxtg1XRORkI3EUOQTPVrad8xJlLw%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 02:34:43 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c934c872-fe75-4641-acd8-edc7d5c993d8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 02:34:43 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3125e61e-ada1-43a4-9e66-6f6b6bd86a2f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-JSKSeseqCsGxtg1XRORkI3EUOQTPVrad8xJlLw%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame F7E5 42 B
682 B 66ms
26ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-MvkIPseqCsGxtg1XRORkI3EUOQQGph2z8LVXmg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:478
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame F7E5
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-dLJEPceqCsGxtg1XRORkI3EUOQRXRh_EcGE1uA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-dLJEPceqCsGxtg1XRORkI3EUOQRXRh_EcGE1uA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-dLJEPceqCsGxtg1XRORkI3EUOQRXRh_EcGE1uA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-dLJEPceqCsGxtg1XRORkI3EUOQRXRh_EcGE1uA&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Wed, 16 Feb 2022 02:34:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame F7E5 45 B
785 B 75ms
38ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-17NSh8eqCsGxtg1XRORkI3EUOQSYU7CkU88X2Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 16 Feb 2022 02:34:43 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 16 Feb 2022 02:34:43 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame F7E5
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DTNAk8eqCsGxtg1XRORkI3EUOQTKVfvGw1E52A
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DTNAk8eqCsGxtg1XRORkI3EUOQTKVfvGw1E52A&C=1

43 B
1 KB

26ms
26ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DTNAk8eqCsGxtg1XRORkI3EUOQTKVfvGw1E52A&C=1
Protocol: HTTP/1.1
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 02:34:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 16 Feb 2022 02:34:43 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 02:34:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DTNAk8eqCsGxtg1XRORkI3EUOQTKVfvGw1E52A&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Wed, 16 Feb 2022 02:34:43 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame F7E5 0
240 B 56ms
17ms Image
text/plain 2600:9000:223f:f400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-maEbSMeqCsGxtg1XRORkI3EUOQQ_ZAX7e0HyjA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: zCdMed9TuruQLsais6Cqx62YSJIEXRW2X5iYW8TcRE4K-hBzQhrQLw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame F7E5
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1wlxyMeqCsGxtg1XRORkI3EUOQTkU23A9VI2wg&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1wlxyMeqCsGxtg1XRORkI3EUOQTkU23A9VI2wg&expires=30&user_group=5

43 B
495 B

8ms
7ms

Image
image/gif

18.194.224.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1wlxyMeqCsGxtg1XRORkI3EUOQTkU23A9VI2wg&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 18.194.224.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-224-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-1wlxyMeqCsGxtg1XRORkI3EUOQTkU23A9VI2wg&expires=30&user_group=5
Date: Wed, 16 Feb 2022 02:34:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame F7E5 35 B
337 B 125ms
36ms Image
image/gif 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-eoG6m8eqCsGxtg1XRORkI3EUOQQbMI7YTVtKkw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-239-78.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame F7E5 23 B
172 B 111ms
32ms Image
image/gif 184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-912q9ceqCsGxtg1XRORkI3EUOQT5n9fW0ZE9Zw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 16 Feb 2022 02:34:43 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F7E5 0
98 B 50ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-fAGfbMeqCsGxtg1XRORkI3EUOQTkiV2TEigYXw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15888

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F7E5 43 B
163 B 69ms
17ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-i0S0bceqCsGxtg1XRORkI3EUOQSd1Z6Feubxcw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:42 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame F7E5 68 B
263 B 36ms
8ms Image
image/png 35.158.142.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-h3RN3seqCsGxtg1XRORkI3EUOQSYQuMykiYhNw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.142.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-142-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame F7E5
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iDOHP8eqCsGxtg1XRORkI3EUOQSrCR7Li75D3w
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-iDOHP8eqCsGxtg1XRORkI3EUOQSrCR7Li75D3w

43 B
447 B

38ms
38ms

Image
image/gif

52.208.147.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-iDOHP8eqCsGxtg1XRORkI3EUOQSrCR7Li75D3w
Protocol: H2
Server: 52.208.147.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-147-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Feb 2022 02:34:43 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-iDOHP8eqCsGxtg1XRORkI3EUOQSrCR7Li75D3w
date: Wed, 16 Feb 2022 02:34:43 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame F7E5
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-tEtADMeqCsGxtg1XRORkI3EUOQQEYR3LflxRPA
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-tEtADMeqCsGxtg1XRORkI3EUOQQEYR3LflxRPA&_li_chk=true&previous_uuid=17cdea1618304a49aadcb1c781af2626
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-tEtADMeqCsGxtg1XRORkI3EUOQQEYR3LflxRPA

43 B
419 B

390ms
95ms

Image
image/gif

2600:1f18:444a:4602:b51a:2bef:14:5241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-tEtADMeqCsGxtg1XRORkI3EUOQQEYR3LflxRPA

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:44 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-tEtADMeqCsGxtg1XRORkI3EUOQQEYR3LflxRPA
Date: Wed, 16 Feb 2022 02:34:43 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame F7E5 43 B
428 B 325ms
98ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-taR_08eqCsGxtg1XRORkI3EUOQSas5wv7fM3vA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:43 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame F7E5
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-bpyezceqCsGxtg1XRORkI3EUOQSnlyGL_bT7zg&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-bpyezceqCsGxtg1XRORkI3EUOQSnlyGL_bT7zg&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-bpyezceqCsGxtg1XRORkI3EUOQSnlyGL_bT7zg&_origin=1&apid=UPffa1fb10-8ed0-11ec-9745-06f93f5618ee

0
132 B

11ms
11ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-bpyezceqCsGxtg1XRORkI3EUOQSnlyGL_bT7zg&_origin=1&apid=UPffa1fb10-8ed0-11ec-9745-06f93f5618ee

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-bpyezceqCsGxtg1XRORkI3EUOQSnlyGL_bT7zg&_origin=1&apid=UPffa1fb10-8ed0-11ec-9745-06f93f5618ee
date: Wed, 16 Feb 2022 02:34:43 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame F7E5 43 B
183 B 320ms
93ms Image
image/gif 2600:1f18:612b:4216:7de5:38a9:e1be:23d8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-W2boqseqCsGxtg1XRORkI3EUOQTPeflEjn16Uw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7de5:38a9:e1be:23d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame F7E5
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-xlQLI8eqCsGxtg1XRORkI3EUOQQIdKeu1DQstQ&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
462 B

140ms
21ms

Image
image/gif

2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 02:34:43 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1644978883.dop028.ml1.t,1644978883.cds219.ml1.shn,1644978883.dop028.ml1.t,1644978883.cds215.ml1.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 02:34:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1644978883478001-361
Expires: Wed, 16 Feb 2022 02:34:43 GMT

GET
H3 200 p
tr.snapchat.com/ 68 B
86 B 35ms
26ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=0354f18b-6e88-4d78-8775-fead2533f84d&pid=cb973317-d0e8-4273-8280-d0607692ae5c&ev=PAGE_VIEW&pl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&ts=1644978883264&rf=&v=1.6.0&if=false&bt=__LIVE__&intg=gtm&m_sl=3285&m_rd=5683&m_pi=3486&m_pl=5676&m_ic=0&u_c1=6c0d6c40-7717-420e-be03-3e159f98599f

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame F7E5
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/3J2Fh4strOMeO_MVzrFTqn9aEPXpSb10/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2896580400634479181

43 B
370 B

15ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2896580400634479181

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:42 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2268112
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2896580400634479181
pragma: no-cache
date: Wed, 16 Feb 2022 02:34:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame F7E5
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6976100672220240395

43 B
370 B

14ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6976100672220240395

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 02:34:42 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1825080
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Feb 2022 02:34:43 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a3cfd5a8-0dba-4f10-91a9-950582f2e5ff
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6976100672220240395
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 scribe Show response
stats.vidalytics.com/ 16 B
32 B 130ms
121ms XHR
application/json 34.107.158.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.158.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.158.107.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
DATA 200
OK truncated
/ 696 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/480x270_vp9_78750/ 459 B
750 B 164ms
163ms XHR
video/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/480x270_vp9_78750/init.mp4
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e203e74d4a1212d8d38b6a7bf258bdc8aa41fcc505937ec844cae6b01ca693aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
cf-cache-status: HIT
x-guploader-uploadid: ADPycdvjybM8guJ7qHRZdezdGxx0zzSJXzPZqanyboUnI5ufeciaz_AAcfMEeLaBpFAcER2jw0pP8U2OA5UM3Q7kkk7E5Q6yPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: video/mp4
content-length: 459
last-modified: Wed, 26 Jan 2022 16:26:44 GMT
server: cloudflare
etag: "8c1bc2e15b881495d42567c8ebdeb094"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=SgG/hw==, md5=jBvC4VuIFJXUJWfI696wlA==
x-goog-generation: 1643214404576131
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 459
accept-ranges: bytes
cf-ray: 6de360e5ce4259bf-MXP
expires: Tue, 24 Jan 2023 05:10:33 GMT

GET
H2 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/ 606 B
879 B 24ms
24ms XHR
audio/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/init.mp4
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
cf-cache-status: HIT
age: 221565
x-guploader-uploadid: ADPycdtk9ZC-u6mJWAvtM_qRqV4bFoIijLReLaTBceJ0npXk057oqNT_5SM7rwf7dK_g6fwBebthYf9OobRqlUWWXZU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: audio/mp4
content-length: 606
last-modified: Wed, 26 Jan 2022 16:26:48 GMT
server: cloudflare
etag: "af3d86596c83ba8ac236796a59f6d6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
x-goog-generation: 1643214408810493
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 606
accept-ranges: bytes
cf-ray: 6de360e5ce4459bf-MXP
expires: Mon, 23 Jan 2023 21:48:37 GMT

POST
H3 200 scribe Show response
stats.vidalytics.com/ 16 B
32 B 125ms
125ms XHR
application/json 34.107.158.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.vidalytics.com/scribe
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.158.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.158.107.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 200 s_0.webm Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/480x270_vp9_78750/ 38 KB
39 KB 250ms
250ms XHR
video/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/480x270_vp9_78750/s_0.webm
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a13aa8d1f16b27228ddf9ba443a8c56d09cc214b31b1a55a05196ed3281ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
cf-cache-status: HIT
x-guploader-uploadid: ADPycdsKNUnyaLzt3C5kYdZ3qiuha1_Sh2Ow3Dx4_pG7a65Vh51oaJ99y0tB9HK6XEPhXdLgJe0CW4f-DqKxceRc-NM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: video/mp4
content-length: 39255
last-modified: Wed, 26 Jan 2022 16:26:44 GMT
server: cloudflare
etag: "baa0fbf46dbf2ef8ecae724b352f6199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=pLX/Cg==, md5=uqD79G2/LvjsrnJLNS9hmQ==
x-goog-generation: 1643214404764630
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 39255
accept-ranges: bytes
cf-ray: 6de360e7582159bf-MXP
expires: Tue, 24 Jan 2023 05:10:37 GMT

GET
H2 200 s_0.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/ 47 KB
47 KB 253ms
253ms XHR
audio/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/s_0.m4s
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8681322499631d7cf3855a7a3277a54b7224502221d3be8862f0b871e3321998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
cf-cache-status: HIT
x-guploader-uploadid: ADPycdvI_sOKFDtWIXwoBTV7B1BLoUD5pgZOHTqVNInHyxwuQZMaTgzV1GpPahr3ryu_t3uXCR768dC36zHfoZAMt1Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: audio/mp4
content-length: 48257
last-modified: Wed, 26 Jan 2022 16:26:49 GMT
server: cloudflare
etag: "da92270963880e51ef8781748a4a0f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=77b3Kg==, md5=2pInCWOIDlHvh4F0ikoPXQ==
x-goog-generation: 1643214409004609
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 48257
accept-ranges: bytes
cf-ray: 6de360e7582359bf-MXP
expires: Mon, 23 Jan 2023 21:48:38 GMT

GET
H2 200 s_1.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/ 46 KB
47 KB 245ms
244ms XHR
audio/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/s_1.m4s
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 616f53cff47a990482c967fec83ccd864a4b7ffd1c4fe1230809d2d4d952d2ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:44 GMT
cf-cache-status: HIT
x-guploader-uploadid: ADPycduSsxk_-woElYLY2PJJcKd-Tle51FmLk2AUrNe0uIExBuMhP1mVHG4FJ-d5PAq5jqsFcczuZ3vE8jXnbiCqI4o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-type: audio/mp4
content-length: 47612
last-modified: Wed, 26 Jan 2022 16:26:49 GMT
server: cloudflare
etag: "4f0ed20bc444a7af16d65fd8f4a649da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=VjYt8A==, md5=Tw7SC8REp68W1l/Y9KZJ2g==
x-goog-generation: 1643214409062363
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47612
accept-ranges: bytes
cf-ray: 6de360e92a0f59bf-MXP
expires: Mon, 23 Jan 2023 21:48:39 GMT

POST
H2 204 impression Show response
licensing.bitmovin.com/ 0
41 B 18ms
18ms XHR
application/json 2600:1901:0:df23::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://licensing.bitmovin.com/impression
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Feb 2022 02:34:44 GMT
via: 1.1 google
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc: clear
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 72ms
72ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.48.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
alt-svc: clear
server: v1.48.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 70ms
70ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.48.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
alt-svc: clear
server: v1.48.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization

POST
H2 204 analytics Show response
analytics-ingress-global.bitmovin.com/ 0
42 B 69ms
69ms XHR
application/json 35.190.27.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-ingress-global.bitmovin.com/analytics
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.27.190.35.bc.googleusercontent.com
Software: v1.48.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://floraspring.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Feb 2022 02:34:43 GMT
via: 1.1 google
alt-svc: clear
server: v1.48.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization

GET
H2 200 init.mp4 Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/1920x1080_vp9_1500000/ 459 B
734 B 170ms
169ms XHR
video/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/1920x1080_vp9_1500000/init.mp4
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830343d1d63d4cdd5272bded3870fa1f4f8a2093335f2a295b94b43d3f5e3468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:44 GMT
cf-cache-status: HIT
x-guploader-uploadid: ADPycdtP8jG_s2JeDaEHckSANAVE8f0a1DCjemZSRS1deOVq5k99x-FmlC_ID7IZ4F_4b-nKQj7jAIkGhvVjdKO38SiEMtutNw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: video/mp4
content-length: 459
last-modified: Wed, 26 Jan 2022 16:27:12 GMT
server: cloudflare
etag: "a3725d50570be6b4e9e147c686fc217d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=i1gvzQ==, md5=o3JdUFcL5rTp4UfGhvwhfQ==
x-goog-generation: 1643214432654517
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 459
accept-ranges: bytes
cf-ray: 6de360eb5ca259bf-MXP
expires: Sat, 28 Jan 2023 22:36:21 GMT

GET
H2 200 s_1.webm Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/1920x1080_vp9_1500000/ 882 KB
883 KB 294ms
294ms XHR
video/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/1920x1080_vp9_1500000/s_1.webm
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df341900a83f118ce931e63a299511829d63b15a4b86f19480417d397818baea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:44 GMT
cf-cache-status: HIT
x-guploader-uploadid: ADPycdvnqUwfakzzWTKjYJcC7kseuFpV_kWj6Py6diHdPKKrmU7Jj7YTU2km6jk3bPUySV_JWEcVFje_j4FJTxpy85U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: video/mp4
content-length: 902715
last-modified: Wed, 26 Jan 2022 16:28:16 GMT
server: cloudflare
etag: "182215d1fcf953c9d352f648a3f220f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=j8QwIw==, md5=GCIV0fz5U8nTUvZIo/Ig8A==
x-goog-generation: 1643214496105047
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 902715
accept-ranges: bytes
cf-ray: 6de360ecde4859bf-MXP
expires: Mon, 23 Jan 2023 21:48:39 GMT

GET
H2 200 s_2.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/ 46 KB
47 KB 36ms
36ms XHR
audio/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/s_2.m4s
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 183ce241734a28f409437892012ca23adbfffe177d9214a45c47ac8db2ed842a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:45 GMT
cf-cache-status: HIT
age: 221566
x-guploader-uploadid: ADPycdv0n4syNk0heta-qj-l2TIuLvbubN4mqDRnlRrHYE_e2g94ZLTX35pibwP-aOCd5qUfOzncoxmp8dcBQQ4crT0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: audio/mp4
content-length: 47498
last-modified: Wed, 26 Jan 2022 16:26:49 GMT
server: cloudflare
etag: "21e1fefdbc7c3367da8cc48226d48a17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=K257CQ==, md5=IeH+/bx8M2fajMSCJtSKFw==
x-goog-generation: 1643214409185198
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47498
accept-ranges: bytes
cf-ray: 6de360f2de3a59bf-MXP
expires: Mon, 23 Jan 2023 21:48:40 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1419346/log/3/ 0
246 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1419346/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=100&ssd=1&est=1644978881010&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1644978885568&vi=1644978881007&ri=d9ad2c1861abfe6908b4db0da15ebe8e&ref=null&cv=20220209-5-RELEASE&item-url=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1419346/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://floraspring.com
pragma: no-cache
date: Wed, 16 Feb 2022 02:34:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 s_2.webm Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/1920x1080_vp9_1500000/ 693 KB
694 KB 39ms
39ms XHR
video/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/1920x1080_vp9_1500000/s_2.webm
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f250c870ed1f51928340a0dff2734c2ed1c03c44d1df99429f1f6811517d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:45 GMT
cf-cache-status: HIT
age: 221566
x-guploader-uploadid: ADPycdu-RQkkTplT5oUWiTub3H0F3mmS3RRufWK7FRo0kx_LHwYC_bSLSu4wyu4Y1cd0JFdJbXYKRv2MKV5_EAXHUGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: video/mp4
content-length: 710035
last-modified: Wed, 26 Jan 2022 16:27:10 GMT
server: cloudflare
etag: "9cd201d51625672d1ae864177a784811"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=bmTuyQ==, md5=nNIB1RYlZy0a6GQXenhIEQ==
x-goog-generation: 1643214430794455
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 710035
accept-ranges: bytes
cf-ray: 6de360f39f0a59bf-MXP
expires: Mon, 23 Jan 2023 21:48:40 GMT

GET
H2 200 s_3.m4s Show response
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/ 47 KB
47 KB 35ms
35ms XHR
audio/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/fmp4/audio/h265_96000/s_3.m4s
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01d18e125cf386253975cb05ae722c333b6279d831e7f31442de5397d7946f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:46 GMT
cf-cache-status: HIT
age: 221567
x-guploader-uploadid: ADPycduheRslggPYF-_tUyOt043fzx9H5x3L5eDxWuGgphqMguPS5-B_ALwPjAb1sGL9yV8LmCcPDqAVasymsbBWYZ0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: audio/mp4
content-length: 47650
last-modified: Wed, 26 Jan 2022 16:26:49 GMT
server: cloudflare
etag: "a57a1c686e5e51e1ee925cb0c95908db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=V8akFw==, md5=pXocaG5eUeHuklywyVkI2w==
x-goog-generation: 1643214409352020
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 47650
accept-ranges: bytes
cf-ray: 6de360f5d9df59bf-MXP
expires: Mon, 23 Jan 2023 21:48:41 GMT

GET
H2 200 s_3.webm
quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/1920x1080_vp9_1500000/ 588 KB
0 292ms
292ms XHR
video/mp4 2606:4700::6810:e91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quick.vidalytics.com/video/KwmJQD4K/hYgHjsi2d0w_2itt/55663/47047/webm/video/1920x1080_vp9_1500000/s_3.webm
Requested by: Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/KwmJQD4K/b8I0XaF_d2HgXk11/player-dash-mse.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://floraspring.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:34:46 GMT
cf-cache-status: HIT
x-guploader-uploadid: ADPycdssdJGtu8yHIVC-0giAFWxEyrieNXjiEuvFOQY97ubDl4JzGmyhlibU8_JXKGMhwEzitbQA_3vsQ7PHfU9Q--I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: video/mp4
content-length: 791699
last-modified: Wed, 26 Jan 2022 16:27:13 GMT
server: cloudflare
etag: "02bfff2fd56b9484ebaf74f73236c127"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=NNrzzQ==, md5=Ar//L9VrlITrr3T3MjbBJw==
x-goog-generation: 1643214433311381
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31104000
x-goog-stored-content-length: 791699
accept-ranges: bytes
cf-ray: 6de360f63a4e59bf-MXP
expires: Mon, 23 Jan 2023 21:48:41 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 00:57:45	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s	1970-01-20 01:39:30	Name: _li_ss Value: MgkI_____wcQzRE
purehealth.ontralink.com/	1970-01-20 01:39:30	Name: sess_ Value: v3sv9whyn5tfyqp3yd
purehealth.ontralink.com/	1970-01-20 09:41:54	Name: contact_identity_id Value: 215170
purehealth.ontralink.com/	1969-12-31 23:59:59	Name: contact_id Value: 215170
.safetrkpro3.com/	1969-12-31 23:59:59	Name: sfd Value: TKsZJaoKh9DBMi1aHidL9RRQJe6q9195qSy/vktwYR8DEDfrk4G4Yg==
.safetrkpro3.com/	1970-01-20 18:27:12	Name: ti Value: 9BRg9QJB1VjBMi1aHidL9RRQJe6q9195qSy/vktwYR8DEDfrk4G4Yg==
floraspring.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4ecb378dc64fa60c0f5b93698f7049a6
floraspring.com/	1970-01-20 02:01:06	Name: affid Value: 1752
floraspring.com/	1970-01-20 03:05:54	Name: fraff1 Value: yeahaff20
.floraspring.com/	1970-01-20 09:43:21	Name: _vwo_uuid_v2 Value: DDF48D9DFAF4ABF3184B904BCB38D4E10\|48efe9e9a08428eb30fdb22fe3491429
.floraspring.com/	1970-01-20 03:05:54	Name: _gcl_au Value: 1.1.521393824.1644978881
.floraspring.com/	1970-01-20 18:27:30	Name: _ga Value: GA1.2.1356133544.1644978881
.floraspring.com/	1970-01-20 00:57:45	Name: _gid Value: GA1.2.1903393526.1644978881
.floraspring.com/	1970-01-20 00:56:18	Name: _gat_UA-113385709-1 Value: 1
.bing.com/	1970-01-20 10:17:54	Name: MUID Value: 23CC35968F4960BF10CF24DB8E9B61A6
.mfadsrvr.com/	1970-01-20 18:27:30	Name: tuuid Value: 30f340d0-74db-4cf4-a129-71cce0adb361
.mfadsrvr.com/	1970-01-20 18:27:30	Name: c Value: 1644978880
.mfadsrvr.com/	1970-01-20 18:27:30	Name: tuuid_lu Value: 1644978880
.criteo.com/	1970-01-20 10:17:54	Name: uid Value: 5bd6609f-5d2f-452f-a772-cb20ee3ae4b4
.floraspring.com/	1970-01-20 00:57:45	Name: _uetsid Value: fe3289508ed011ecaaf563385542bd9a
.floraspring.com/	1970-01-20 10:17:54	Name: _uetvid Value: fe326d608ed011eca70fdfbbaba45896
.quantserve.com/	1970-01-20 10:26:33	Name: mc Value: 620c62c1-14292-9bd0b-8114d
.floraspring.com/	1970-01-20 10:20:47	Name: __qca Value: P0-1358637728-1644978881063
.yahoo.com/	1970-01-20 09:42:16	Name: A3 Value: d=AQABBMFiDGICEPs0eJZ40waklPXq6kj2JEgFEgEBAQG0DWIWYgAAAAAA_eMAAA&S=AQAAAjwMtNLPnYXFyggkx6NanB4
.mfadsrvr.com/	1970-01-20 18:27:30	Name: ssh Value: !emx,1644978881
.floraspring.com/	1970-01-20 10:25:42	Name: cto_bundle Value: k-CKvl85UHNRZlh5OGIyU3VVQ1BGNkEzYktrczN0cTFaemtSNWNzM0E0V2hFS2lEV0FyVFhHTjhlVDBMJTJGT1B1eXMlMkYyZ1VETGQlMkJmTndsQWtMJTJGdlc2NEQzU0hlYXolMkJ0ZkElMkJsZnVubE5Vd3RHZWhsNDZNR1RJV05IWXFHV2Nvd2NKQWFLS1JhMEFRaTJZNFRmNVRYbzd4VmNJMmclM0QlM0Q
floraspring.com/	1970-01-20 00:56:19	Name: outbrain_cid_fetch Value: true
floraspring.com/	1970-01-23 16:32:58	Name: bitmovin_analytics_uuid Value: 21abe767-91e8-464c-9039-b8c21d098e59
.floraspring.com/	1970-01-20 10:26:05	Name: _scid Value: 6c0d6c40-7717-420e-be03-3e159f98599f
.rlcdn.com/	1970-01-20 09:41:54	Name: rlas3 Value: EB7lidBvi9OcXYUp5jXdf6Bo7aLDFaH9G1VJ3gJ96Ng=
.rlcdn.com/	1970-01-20 02:22:42	Name: pxrc Value: CAA=
.adnxs.com/	1970-01-20 03:05:54	Name: uuid2 Value: 6976100672220240395
.pubmatic.com/	1970-01-20 01:39:30	Name: KRTBCOOKIE_97 Value: 3385-uid:k-MvkIPseqCsGxtg1XRORkI3EUOQQGph2z8LVXmg&KRTB&23286-uid:k-MvkIPseqCsGxtg1XRORkI3EUOQQGph2z8LVXmg&KRTB&23287-uid:k-MvkIPseqCsGxtg1XRORkI3EUOQQGph2z8LVXmg&KRTB&23288-uid:k-MvkIPseqCsGxtg1XRORkI3EUOQQGph2z8LVXmg
.pubmatic.com/	1970-01-20 01:39:30	Name: PugT Value: 1644978883
.pubmatic.com/	1970-01-20 03:05:54	Name: PUBMDCID Value: 3
.3lift.com/	1970-01-20 03:05:54	Name: tluid Value: 2210107072825353152076
.doubleclick.net/	1970-01-20 10:17:54	Name: IDE Value: AHWqTUnxSs0W3uYyniSfBP-C_GeUlXZkreTkd0GkpQJUBm_C_FHdvEOU0Nn9SnSiNUU
.media.net/	1970-01-20 09:41:54	Name: visitor-id Value: 2879804838889969000V10
.media.net/	1970-01-20 01:39:30	Name: data-c-ts Value: 1644978883
.media.net/	1970-01-20 01:39:30	Name: data-c Value: k-17NSh8eqCsGxtg1XRORkI3EUOQSYU7CkU88X2Q~~3
.casalemedia.com/	1970-01-20 09:41:54	Name: CMID Value: YgxiwwpQBI15HIlp-OD84QAA
.casalemedia.com/	1970-01-20 03:05:54	Name: CMPS Value: 5223
.casalemedia.com/	1970-01-20 03:05:54	Name: CMPRO Value: 1145
.casalemedia.com/	1970-01-20 09:41:54	Name: CMRUM3 Value: 14620c62c32760k-DTNAk8eqCsGxtg1XRORkI3EUOQTKVfvGw1E52A
.casalemedia.com/	1970-01-20 00:57:45	Name: CMST Value: Ygxiw2IMYsMA
.addthis.com/	1970-01-20 10:17:54	Name: ouid Value: 620c62c30001825540e0c77487b1652fcf73a0e837203474f91c
.addthis.com/	1970-01-20 10:17:54	Name: uid Value: 620c62c3d72a3a78
.addthis.com/	1970-01-20 10:17:54	Name: na_id Value: 2022021602344336800642785939
.sharethrough.com/	1970-01-20 09:41:54	Name: stx_user_id Value: 997f84f4-ba3a-40cb-9822-c4a228f984f1
.turn.com/	1970-01-20 05:15:30	Name: uid Value: 2896580400634479181
.bidswitch.net/	1970-01-20 09:41:54	Name: tuuid Value: 50e7344c-0abd-4084-aded-94cbe68b6c1c
.bidswitch.net/	1970-01-20 09:41:54	Name: c Value: 1644978883
.bidswitch.net/	1970-01-20 09:41:54	Name: tuuid_lu Value: 1644978883
.mediawallahscript.com/	1970-01-20 18:27:30	Name: mCookie Value: ff9b1ca0-8ed0-11ec-8c8d-9342a2746d9d
.mediawallahscript.com/	1970-01-20 18:27:30	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.revcontent.com/	1970-02-07 06:56:18	Name: __ID Value: 06068c74279f405286d6bd419dc00b39
.revcontent.com/	1970-01-20 01:39:30	Name: v1_151 Value: 1
.adnxs.com/	1970-01-20 03:05:54	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2Hb^wLND*!4<zRTC+=<+/ev2+ZQb1d?@$0eQsV>eY7Ljq'Xi=wc$82enh%:NO^((:B[L2)oerfoX>6zHSjOmd'AFsd/2)Ld$SLjL8z2P
.advertising.com/	1970-01-20 09:43:21	Name: APID Value: UPffa1fb10-8ed0-11ec-9745-06f93f5618ee
.snapchat.com/	1970-01-20 10:17:54	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBCQ0AMAgDQEUkPM1o5bBMBuJ3x2zx5TN4tiEUNkMaVELUcc7djQOoSdb6BzgiWsEyAAAA
.analytics.yahoo.com/	1970-01-20 09:43:21	Name: IDSYNC Value: "18zh~239e:1761~239e"
.360yield.com/	1970-01-20 03:05:54	Name: tuuid Value: cb3079d5-0293-471f-9bd2-9df396e4881b
.360yield.com/	1970-01-20 03:05:54	Name: tuuid_lu Value: 1644978883
ads.stickyadstv.com/	1970-01-20 01:39:30	Name: UID Value: e15f48606041e6c533a4dd4b0afe1b
ads.stickyadstv.com/	1970-01-20 01:39:30	Name: uid-bp-11554 Value: k-xlQLI8eqCsGxtg1XRORkI3EUOQQIdKeu1DQstQ
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 8a739dd8b2f9a22972529420479e1f92
.360yield.com/	1970-01-20 03:05:54	Name: um Value: !38,7eW.ToZaw7RjlY2s6schIUtm.DyKgmcM7LyHKtFhF0pZO9ORB2D-h7cfP7LxGjZfmJ0jpxJB,1652754883
.360yield.com/	1970-01-20 03:05:54	Name: umeh Value: !38,0,1707186883,-1
.outbrain.com/	1970-01-20 03:05:54	Name: obuid Value: 0072f5eb-dcb1-4739-8c23-50a490da9a15
.outbrain.com/	1970-01-20 01:39:30	Name: criteo Value: k-91wv58eqCsGxtg1XRORkI3EUOQSjcCB8HkbiPg
.postrelease.com/	1970-01-20 09:41:54	Name: opt_out Value: 1
.liadm.com/	1970-01-20 18:27:30	Name: lidid Value: 17cdea16-1830-4a49-aadc-b1c781af2626

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://treach-tutters.com/d/.js?lpref=&lpurl=https%3A%2F%2Ffloraspring.com%2Fz%2Faff_special20.php%3Fa%3D1752%26s1%3D0215ENR%26s2%3D%26s3%3D%26s4%3D%26o%3D83%26r%3D54988708%26cr%3D274%26campid%3D7204%26utm_medium%3D1752%26utm_source%3D0215ENR&lpt=Free%20Video%20-%20Limited%20Time%20Only!&t=1644978880788 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-VrwDeMeqCsGxtg1XRORkI3EUOQQW78Iv0vcwhw&ct=3&cv=1 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
amplify.outbrain.com
analytics-ingress-global.bitmovin.com
analytics.tiktok.com
bat.bing.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.wishpond.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
dev.visualwebsiteoptimizer.com
dis.criteo.com
e1.emxdgt.com
eb2.3lift.com
floraspring.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
idsync.rlcdn.com
jadserve.postrelease.com
licensing.bitmovin.com
match.sharethrough.com
mug.criteo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
purehealth.ontralink.com
quick.vidalytics.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtb-eu.mfadsrvr.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.yimg.com
s3.amazonaws.com
safetrkpro3.com
safetrkthree.com
sc-static.net
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
stats.vidalytics.com
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
treach-tutters.com
trends.revcontent.com
ups.analytics.yahoo.com
widget.us.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.wishpond.com
x.bidswitch.net
104.126.37.144
141.226.228.48
142.250.185.98
144.202.19.192
151.101.65.44
178.250.0.163
178.250.2.146
178.250.2.151
18.185.185.183
18.192.108.151
18.194.224.200
18.195.155.181
18.209.200.15
18.66.112.126
184.30.21.112
184.30.24.121
184.30.24.22
184.31.88.106
185.33.220.241
185.64.190.80
185.86.139.114
198.7.56.175
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::13
207.148.2.105
209.170.211.179
212.82.100.181
23.218.208.246
23.218.209.87
2600:1901:0:df23::
2600:1f18:444a:4602:b51a:2bef:14:5241
2600:1f18:612b:4216:7de5:38a9:e1be:23d8
2600:9000:223c:8c00:6:44e3:f8c0:93a1
2600:9000:223f:f400:1b:5138:8a40:93a1
2606:4700::6810:e91b
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:809::2004
2a00:1450:4001:82a::2003
2a00:1450:400e:802::2002
2a00:1450:400e:803::2008
2a00:1450:4025:402::9a
2a02:2638:1::13
2a02:2638:1::3
3.126.56.137
3.127.158.112
3.127.251.158
3.218.71.8
34.107.158.93
34.96.102.137
35.158.142.136
35.186.226.184
35.190.27.197
35.244.174.68
52.1.89.185
52.208.147.243
52.217.73.126
52.222.225.250
52.31.239.78
54.75.128.113
64.202.112.191
69.173.144.165
74.119.119.150
76.223.111.18
0039cda5a79f8ab5349dbabea8b3213a2907fa20764c160c0c696f46db2aee05
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662
183ce241734a28f409437892012ca23adbfffe177d9214a45c47ac8db2ed842a
1cf8f82ea1fee9bb2e05066d1287ac05b0d657f72eff947ba9272fa1c3322749
1d1974b2deb775a420838749b71e19bb7824e685a28fa1a50e21907c5fd7e7d0
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
24f250c870ed1f51928340a0dff2734c2ed1c03c44d1df99429f1f6811517d24
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e065798bfd944481654974a125acaf680c248a16ea54ffb6f22d253529029ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3350aa32423c1610b373923a72d60233e7469d396607e44555820e679f076991
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
39422d8870a0e4c9f69578c861fa067d963adbfeacd526c4307768c45ea9fcc2
3e31a8b685a814bb494004663454d84a425d0c8425b332b7f492bf761cfdd42a
411226d65b1f2d52d634a32a1df97297c6bc9696fbe21565e731033432902523
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46338dc48d729d15a526058958ed4d6e3cde30f8fcd7978370a67abfe64c9db1
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4de78f7ae6064851c4a6d700dff1e471596d28d44518f81e2cc91b07817267f6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57a13aa8d1f16b27228ddf9ba443a8c56d09cc214b31b1a55a05196ed3281ea9
58e85ec5782a9ddd2bdb1398acd024726fbf206df3ddb6745b10f2a4224fa187
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5c7358b97d06c77f1641108420df9b72caf8353bf02c1e7545c12ffe8ff20bb5
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6164926a125470b01cff59c2ba9ed02589c8950b0452b2a18becb2d0bfba9222
616f53cff47a990482c967fec83ccd864a4b7ffd1c4fe1230809d2d4d952d2ad
68c2d8709f904ecc7ee539730e64faf1bac64c9ee68201af12b3b20b4013dced
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d70075b99f4145f9a3c7ab2ec03604651542ee27e8cc78f688f650e3c5aa3fa
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
79895cf3d8cc0f5b7ede0dfca3214cce0df18b3dfcf514dc289d06a2711c353a
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
830343d1d63d4cdd5272bded3870fa1f4f8a2093335f2a295b94b43d3f5e3468
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8681322499631d7cf3855a7a3277a54b7224502221d3be8862f0b871e3321998
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
94ed9063fab9f87d08210429f13be6837d804bda1b93195a1b60aea6976c7c04
96c5b7db792466a79b9ed86953e77df86977c4ebb3d83015f30f56c852395c70
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
96ebe95566363fc1f3751188337e3b36f00c91c54372bdfe0b1a28ef532fd50f
97343db10774f87a60e4c76c6fc51da9f1165e52d036694328bbb6dee539ae2f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fe794be7dc681430f70998f8de331fbb7584b66f991dfaaf3da952db63dc1c
a5a1d1bd22a59ff303258bf1193d9b2e6d7c96d25e4d7fd42b3e0cb1ed7c4f8b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
af3f350dca72e0309a29b508ce47c6a81588c1f1c4925407a397c53163d541b9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c01d18e125cf386253975cb05ae722c333b6279d831e7f31442de5397d7946f3
c1154a5787899e886b9b313bf69c3302812d4f865810967d9dfb1bb964de77b1
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce997a9d3c9bc6ad191395c1c6e996190531a1e7aae1077cdcaa277463ea7c78
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df341900a83f118ce931e63a299511829d63b15a4b86f19480417d397818baea
e203e74d4a1212d8d38b6a7bf258bdc8aa41fcc505937ec844cae6b01ca693aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a92b2ae95cdfd7467123f57c4214c31b2e7580ccba79f2a05a456d7d803e93
ea18565a7caf6a465d9b9eb73d217f9c1942c2e9b86f4e985c9de2ab4e810fa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f47e9f7f2e9c4ec05f86a82619d6c487110bc34703658a68345545e96b9e7b2a
fe2317ad7743f5d8b5b0876a0824fc476a1f21f3568cfa98aa0f704bec2ef330

floraspring.com Open in urlscan Pro 198.7.56.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

86 %HTTPS

30 %IPv6

54 Domains

73 Subdomains

58 IPs

6 Countries

2847 kBTransfer

5742 kBSize

73 Cookies

3 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

floraspring.com Open in urlscan Pro
198.7.56.175 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

86 %
HTTPS

30 %
IPv6

54
Domains

73
Subdomains

58
IPs

6
Countries

2847 kB
Transfer

5742 kB
Size

73
Cookies

117 HTTP transactions
2 data transactions