www.wearfigs.com Open in urlscan Pro
13.32.121.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Effective URL:
https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&...
Submission: On August 03 via api (August 3rd 2022, 1:25:05 pm UTC) from US — Scanned from DE

Summary HTTP 429 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 116 IPs in 10 countries across 89 domains to perform 429 HTTP transactions. The main IP is 13.32.121.80, located in United States and belongs to AMAZON-02, US. The main domain is www.wearfigs.com. The Cisco Umbrella rank of the primary domain is 116519.
TLS certificate: Issued by Amazon on May 22nd 2022. Valid for: a year.

This is the only time www.wearfigs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.32.121.80 13.32.121.80	16509 (AMAZON-02) (AMAZON-02)
26	2606:4700::68... 2606:4700::6810:1f3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2600:9000:211... 2600:9000:211a:9000:4:6d29:5d00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:dc:... 2a02:26f0:dc:187::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	104.16.255.71 104.16.255.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:223... 2600:9000:223e:b000:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.96.92.79 104.96.92.79	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
1	13.32.98.147 13.32.98.147	16509 (AMAZON-02) (AMAZON-02)
3	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
4	199.232.18.109 199.232.18.109	54113 (FASTLY) (FASTLY)
1	54.210.202.232 54.210.202.232	14618 (AMAZON-AES) (AMAZON-AES)
8	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a02:26f0:350... 2a02:26f0:3500:6::17d8:4dab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:dc:... 2a02:26f0:dc:18a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	18.64.78.252 18.64.78.252	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.17.76 18.66.17.76	16509 (AMAZON-02) (AMAZON-02)
20	23.36.163.224 23.36.163.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	162.243.13.175 162.243.13.175	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	13.32.27.35 13.32.27.35	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	18.66.112.72 18.66.112.72	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.66.123 65.9.66.123	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206f:7e00:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:a000:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
3	2600:9000:223... 2600:9000:223c:200:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3036::ac43:c834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.122.27 18.66.122.27	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:249... 2600:9000:2490:ae00:f:ee6c:7180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	108.138.7.91 108.138.7.91	16509 (AMAZON-02) (AMAZON-02)
2 3	54.191.207.134 54.191.207.134	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
7	2606:4700:10:... 2606:4700:10::6816:146c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
8 12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	54.210.205.155 54.210.205.155	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
12 13	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	99.86.4.101 99.86.4.101	16509 (AMAZON-02) (AMAZON-02)
8 13	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	104.21.58.221 104.21.58.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.4.16 99.86.4.16	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.6 13.32.121.6	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.61 99.86.4.61	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.215.95 143.204.215.95	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:246a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.58.221 65.9.58.221	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:f600:3:760:2800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:2800:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:a4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	52.31.191.2 52.31.191.2	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b120:4ab9:a165:6787:58f	14618 (AMAZON-AES) (AMAZON-AES)
1	107.21.19.116 107.21.19.116	14618 (AMAZON-AES) (AMAZON-AES)
2	54.215.202.231 54.215.202.231	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.9.66.34 65.9.66.34	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.23 13.32.121.23	16509 (AMAZON-02) (AMAZON-02)
4 5	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
6	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	3.73.7.113 3.73.7.113	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	18.198.159.243 18.198.159.243	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223d:ae00:1b:832b:ac00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	18.196.185.162 18.196.185.162	16509 (AMAZON-02) (AMAZON-02)
3	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.185.150.140 18.185.150.140	16509 (AMAZON-02) (AMAZON-02)
3	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3	18.198.158.44 18.198.158.44	16509 (AMAZON-02) (AMAZON-02)
3	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
8	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
3	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
3	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 4	52.213.150.8 52.213.150.8	16509 (AMAZON-02) (AMAZON-02)
3	141.95.98.71 141.95.98.71	16276 (OVH) (OVH)
2 2	34.203.132.51 34.203.132.51	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:444... 2600:1f18:444a:4602:5dad:49cd:e8da:29f0	14618 (AMAZON-AES) (AMAZON-AES)
1 4	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:612... 2600:1f18:612b:4216:25d9:1223:9f5d:e330	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
3	108.128.241.23 108.128.241.23	16509 (AMAZON-02) (AMAZON-02)
3	18.224.195.6 18.224.195.6	16509 (AMAZON-02) (AMAZON-02)
2	54.170.211.103 54.170.211.103	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	104.18.7.131 104.18.7.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.14.235 104.18.14.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::6815:46f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
429	116

1 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

mkto-sj300004.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-80.fra60.r.cloudfront.net

www.wearfigs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6810:1f3d (United States)

ASN13335 (CLOUDFLARENET, US)

gepi.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webservices.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2600:9000:211a:9000:4:6d29:5d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

magnolia.assets.prod.wearf1gs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:187::13b8 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 104.16.255.71 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:223e:b000:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.92.79 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-92-79.deploy.static.akamaitechnologies.com

a18274933994.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o241518.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.98.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-98-147.fra60.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

utils.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.18.109 (Vienna, Austria)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.202.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-202-232.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-telemetry.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:6::17d8:4dab (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

134vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:18a::1931 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.78.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-78-252.txl50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.17.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-76.vie50.r.cloudfront.net

djnf6e5yyirys.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.36.163.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-224.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.243.13.175 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rbqnb9ch.wearfigs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-35.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-72.fra56.r.cloudfront.net

container.pepperjam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:7e00:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a000:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn1.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:200:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-27.fra60.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2490:ae00:f:ee6c:7180:93a1 (United States)

ASN16509 (AMAZON-02, US)

connect.nosto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-91.fra56.r.cloudfront.net

pix.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.191.207.134 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-207-134.us-west-2.compute.amazonaws.com

pixel.tvsciapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:146c (United States)

ASN13335 (CLOUDFLARENET, US)

widget.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 8 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.210.205.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-205-155.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638::1c (France) 12 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 8 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.58.221 (None, )

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-16.fra6.r.cloudfront.net

cdn1.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-6.fra60.r.cloudfront.net

api-cf.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-61.fra6.r.cloudfront.net

www.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:246a (United States)

ASN13335 (CLOUDFLARENET, US)

api.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-221.fra56.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:f600:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:2800:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:a4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.31.191.2 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-191-2.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:4ab9:a165:6787:58f (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.19.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-116.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.215.202.231 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-202-231.us-west-1.compute.amazonaws.com

ws.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-23.fra60.r.cloudfront.net

tracker.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.62 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.73.7.113 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-7-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.198.159.243 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-159-243.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223d:ae00:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cotads.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.196.185.162 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-185-162.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.150.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.158.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-158-44.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.150.8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.203.132.51 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-132-51.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:444a:4602:5dad:49cd:e8da:29f0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4216:25d9:1223:9f5d:e330 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.128.241.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.224.195.6 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-195-6.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.211.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-211-103.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.7.131 (None, )

ASN13335 (CLOUDFLARENET, US)

wearfigs.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.14.235 (None, )

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:46f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

privymktg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

wearfigs.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	wearf1gs.com magnolia.assets.prod.wearf1gs.com — Cisco Umbrella Rank: 128578	847 KB
34	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2094	734 KB
29	global-e.com gepi.global-e.com — Cisco Umbrella Rank: 23738 web.global-e.com — Cisco Umbrella Rank: 19221 utils.global-e.com — Cisco Umbrella Rank: 18791 webservices.global-e.com — Cisco Umbrella Rank: 18869 s3.global-e.com — Cisco Umbrella Rank: 76994	643 KB
23	criteo.com 12 redirects gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755 sslwidget.criteo.com — Cisco Umbrella Rank: 1552 dis.criteo.com — Cisco Umbrella Rank: 699	28 KB
20	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 894	88 KB
17	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	15 KB
14	google.de www.google.de — Cisco Umbrella Rank: 5596	2 KB
14	google.com 8 redirects region1.analytics.google.com — Cisco Umbrella Rank: 5381 www.google.com — Cisco Umbrella Rank: 10	7 KB
11	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3063 fresnel.vimeocdn.com — Cisco Umbrella Rank: 2911 i.vimeocdn.com — Cisco Umbrella Rank: 2896	286 KB
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1980 ekr.zdassets.com — Cisco Umbrella Rank: 2301	441 KB
10	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3788	898 KB
10	wearfigs.com www.wearfigs.com — Cisco Umbrella Rank: 116519 rbqnb9ch.wearfigs.com — Cisco Umbrella Rank: 113980	51 KB
9	privy.com widget.privy.com — Cisco Umbrella Rank: 13987 api.privy.com — Cisco Umbrella Rank: 14222 assets.privy.com — Cisco Umbrella Rank: 20818 events.privy.com — Cisco Umbrella Rank: 23009	240 KB
9	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	27 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 434	157 KB
8	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1340	4 KB
8	affirm.com cdn1.affirm.com — Cisco Umbrella Rank: 5811 api-cf.affirm.com — Cisco Umbrella Rank: 5910 www.affirm.com — Cisco Umbrella Rank: 5650 tracker.affirm.com — Cisco Umbrella Rank: 6487	202 KB
7	adscale.de 4 redirects ih.adscale.de — Cisco Umbrella Rank: 1323 cotads.adscale.de — Cisco Umbrella Rank: 2588	3 KB
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 898	2 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 900 trc.taboola.com — Cisco Umbrella Rank: 653 sync-t1.taboola.com — Cisco Umbrella Rank: 1048 trc-events.taboola.com — Cisco Umbrella Rank: 1491	20 KB
7	liadm.com 3 redirects b-code.liadm.com — Cisco Umbrella Rank: 3458 rp.liadm.com — Cisco Umbrella Rank: 1709 rp4.liadm.com — Cisco Umbrella Rank: 8285 i.liadm.com — Cisco Umbrella Rank: 576 i6.liadm.com — Cisco Umbrella Rank: 1609	14 KB
7	cloudfront.net djnf6e5yyirys.cloudfront.net d2hrivdxn8ekm8.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net	73 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 763	2 KB
6	adnxs.com 4 redirects acdn.adnxs.com — Cisco Umbrella Rank: 584 ib.adnxs.com — Cisco Umbrella Rank: 238	8 KB
6	akamaized.net 134vod-adaptive.akamaized.net — Cisco Umbrella Rank: 99545	17 MB
5	nosto.com connect.nosto.com — Cisco Umbrella Rank: 14756	95 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4168 wearfigs.attn.tv — Cisco Umbrella Rank: 184981	126 KB
4	zendesk.com wearfigs.zendesk.com — Cisco Umbrella Rank: 149703	2 KB
4	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 2757	599 B
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 188	3 KB
4	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	730 B
4	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 649	2 KB
4	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 713	4 KB
4	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
4	bidr.io 2 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6157	2 KB
4	friendbuy.com cdn1.friendbuy.com — Cisco Umbrella Rank: 28337 ws.friendbuy.com — Cisco Umbrella Rank: 34334	11 KB
4	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3022 heapanalytics.com — Cisco Umbrella Rank: 2533	50 KB
4	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1722 vimeo.com — Cisco Umbrella Rank: 1598 player-telemetry.vimeo.com — Cisco Umbrella Rank: 7250	11 KB
3	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1303	801 B
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 502	1012 B
3	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2996	547 B
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	3 KB
3	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1273	445 B
3	adform.net cm.adform.net — Cisco Umbrella Rank: 1657	484 B
3	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 411	418 B
3	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1422	516 B
3	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605	489 B
3	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 521	103 B
3	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 326	717 B
3	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 610	373 B
3	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 686	598 B
3	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1184	120 B
3	media.net contextual.media.net — Cisco Umbrella Rank: 526	2 KB
3	tvsciapi.com 2 redirects pixel.tvsciapi.com — Cisco Umbrella Rank: 61555	843 B
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 6732	8 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803	68 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 google-analytics.com — Cisco Umbrella Rank: 43	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	234 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 660 a18274933994.cdn.optimizely.com — Cisco Umbrella Rank: 145988 logx.optimizely.com — Cisco Umbrella Rank: 1187	86 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 309	107 B
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1986	439 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	315 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2440	18 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 469	622 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	110 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 351	12 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 756	20 KB
1	privymktg.com 1 redirects privymktg.com — Cisco Umbrella Rank: 22227	1 KB
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 3718	252 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 14684	153 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	9 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2143	256 B
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 5383	232 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 5837	301 B
1	getrockerbox.com getrockerbox.com — Cisco Umbrella Rank: 4662	674 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1411	157 B
1	pix.pub pix.pub — Cisco Umbrella Rank: 6019	411 B
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2371	6 KB
1	pbbl.co cdn.pbbl.co — Cisco Umbrella Rank: 9344
1	pepperjam.com container.pepperjam.com — Cisco Umbrella Rank: 9477	9 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1300	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	14 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 952	8 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 878	69 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2243	39 KB
1	sentry.io o241518.ingest.sentry.io — Cisco Umbrella Rank: 110538	278 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 730	437 B
1	mkto-sj300004.com mkto-sj300004.com	1 KB
429	89

	Domain	Requested by
41	magnolia.assets.prod.wearf1gs.com	www.wearfigs.com gepi.global-e.com
34	cdn.shopify.com	www.wearfigs.com
20	analytics.tiktok.com	gepi.global-e.com analytics.tiktok.com
14	www.google.de
14	webservices.global-e.com	gepi.global-e.com webservices.global-e.com
13	www.google.com	8 redirects
13	gum.criteo.com	12 redirects gepi.global-e.com
12	googleads.g.doubleclick.net	8 redirects gepi.global-e.com
10	images.ctfassets.net	www.wearfigs.com
9	static.zdassets.com	gepi.global-e.com static.zdassets.com
9	www.googleadservices.com	gepi.global-e.com
9	cdn.cookielaw.org	www.wearfigs.com cdn.cookielaw.org gepi.global-e.com magnolia.assets.prod.wearf1gs.com
8	ad.yieldlab.net	mkto-sj300004.com
8	gepi.global-e.com	www.wearfigs.com gepi.global-e.com
7	tr.snapchat.com	magnolia.assets.prod.wearf1gs.com
7	rbqnb9ch.wearfigs.com	gepi.global-e.com
7	fresnel.vimeocdn.com	f.vimeocdn.com
6	assets.privy.com	gepi.global-e.com
6	dis.criteo.com
6	ct.pinterest.com	magnolia.assets.prod.wearf1gs.com
6	134vod-adaptive.akamaized.net	f.vimeocdn.com
5	ib.adnxs.com	4 redirects
5	connect.nosto.com	gepi.global-e.com magnolia.assets.prod.wearf1gs.com
4	wearfigs.zendesk.com	static.zdassets.com
4	ad.sxp.smartclip.net	1 redirects mkto-sj300004.com
4	dpm.demdex.net	1 redirects
4	ups.analytics.yahoo.com	1 redirects mkto-sj300004.com
4	ad.360yield.com	1 redirects mkto-sj300004.com
4	r.casalemedia.com	1 redirects mkto-sj300004.com
4	ih.adscale.de	4 redirects
4	x.bidswitch.net	1 redirects mkto-sj300004.com
4	segment.prod.bidr.io	2 redirects
3	s.thebrighttag.com
3	beacon.krxd.net
3	criteo-partners.tremorhub.com	mkto-sj300004.com
3	id5-sync.com	mkto-sj300004.com
3	visitor.omnitagjs.com	mkto-sj300004.com
3	cm.adform.net	mkto-sj300004.com
3	eb2.3lift.com	mkto-sj300004.com
3	criteo-sync.teads.tv	mkto-sj300004.com
3	sync-t1.taboola.com	mkto-sj300004.com
3	rtb-csync.smartadserver.com	mkto-sj300004.com
3	match.sharethrough.com	mkto-sj300004.com
3	pixel.rubiconproject.com	mkto-sj300004.com
3	simage2.pubmatic.com	mkto-sj300004.com
3	sync.outbrain.com	mkto-sj300004.com
3	exchange.mediavine.com	mkto-sj300004.com
3	contextual.media.net	mkto-sj300004.com
3	cotads.adscale.de
3	cm.g.doubleclick.net	3 redirects
3	sslwidget.criteo.com	gepi.global-e.com
3	www.affirm.com	magnolia.assets.prod.wearf1gs.com cdn1.affirm.com
3	heapanalytics.com
3	pixel.tvsciapi.com	2 redirects
3	api.fouanalytics.com	gepi.global-e.com magnolia.assets.prod.wearf1gs.com
3	cdn.attn.tv	gepi.global-e.com
3	cdn1.affirm.com	gepi.global-e.com www.affirm.com
3	d2hrivdxn8ekm8.cloudfront.net	gepi.global-e.com
3	s3.global-e.com
3	www.googletagmanager.com	gepi.global-e.com
3	f.vimeocdn.com	player.vimeo.com
3	utils.global-e.com	www.wearfigs.com
3	www.wearfigs.com	mkto-sj300004.com magnolia.assets.prod.wearf1gs.com
2	fonts.googleapis.com	gepi.global-e.com
2	trc-events.taboola.com	magnolia.assets.prod.wearf1gs.com
2	wearfigs.attn.tv	magnolia.assets.prod.wearf1gs.com
2	idsync.rlcdn.com
2	sync-criteo.ads.yieldmo.com	mkto-sj300004.com
2	i6.liadm.com
2	i.liadm.com	2 redirects
2	www.facebook.com
2	ws.friendbuy.com	magnolia.assets.prod.wearf1gs.com
2	us-central1-adaptive-growth.cloudfunctions.net	magnolia.assets.prod.wearf1gs.com
2	cdn1.friendbuy.com	magnolia.assets.prod.wearf1gs.com
2	stats.g.doubleclick.net	www.googletagmanager.com magnolia.assets.prod.wearf1gs.com
2	pixel.tapad.com	2 redirects
2	connect.facebook.net	gepi.global-e.com
2	bat.bing.com	gepi.global-e.com
2	www.google-analytics.com	gepi.global-e.com magnolia.assets.prod.wearf1gs.com
2	s.pinimg.com	gepi.global-e.com
2	player.vimeo.com	gepi.global-e.com mkto-sj300004.com
1	ekr.zdassets.com	magnolia.assets.prod.wearf1gs.com
1	google-analytics.com
1	privymktg.com	1 redirects
1	events.privy.com	magnolia.assets.prod.wearf1gs.com
1	events.attentivemobile.com	cdn.attn.tv
1	a.twiago.com
1	cdnjs.cloudflare.com	cdn1.affirm.com
1	tracker.affirm.com	cdn1.affirm.com
1	vc.hotjar.io	magnolia.assets.prod.wearf1gs.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	action.media6degrees.com
1	action.dstillery.com	1 redirects
1	d1lu3pmaz2ilpx.cloudfront.net	magnolia.assets.prod.wearf1gs.com
1	d330aiyvva2oww.cloudfront.net	magnolia.assets.prod.wearf1gs.com
1	dvqigh9b7wa32.cloudfront.net	magnolia.assets.prod.wearf1gs.com
1	api.privy.com	magnolia.assets.prod.wearf1gs.com
1	vars.hotjar.com	gepi.global-e.com
1	mug.criteo.com
1	api-cf.affirm.com	magnolia.assets.prod.wearf1gs.com
1	trc.taboola.com	gepi.global-e.com
1	getrockerbox.com	gepi.global-e.com
1	acdn.adnxs.com	gepi.global-e.com
1	script.hotjar.com	gepi.global-e.com
1	alb.reddit.com
1	region1.analytics.google.com	www.googletagmanager.com
1	widget.privy.com	gepi.global-e.com
1	pix.pub
1	cdn.pdst.fm	gepi.global-e.com
1	cdn.taboola.com	gepi.global-e.com
1	cdn.pbbl.co	gepi.global-e.com
1	b-code.liadm.com	gepi.global-e.com
1	static.hotjar.com	gepi.global-e.com
1	container.pepperjam.com	gepi.global-e.com
1	www.redditstatic.com	gepi.global-e.com
1	cdn.heapanalytics.com	gepi.global-e.com
1	djnf6e5yyirys.cloudfront.net	gepi.global-e.com
1	static.criteo.net	gepi.global-e.com
1	sc-static.net	gepi.global-e.com
1	unpkg.com	gepi.global-e.com
1	player-telemetry.vimeo.com	f.vimeocdn.com
1	i.vimeocdn.com	player.vimeo.com
1	logx.optimizely.com	magnolia.assets.prod.wearf1gs.com
1	vimeo.com	f.vimeocdn.com
1	www.datadoghq-browser-agent.com	gepi.global-e.com
1	o241518.ingest.sentry.io	magnolia.assets.prod.wearf1gs.com
1	a18274933994.cdn.optimizely.com	gepi.global-e.com
1	web.global-e.com	gepi.global-e.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn.optimizely.com	www.wearfigs.com
1	mkto-sj300004.com
429	132

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
www.opera.com
www.apple.com
www.facebook.com
twitter.com
www.instagram.com
www.pinterest.com
www.youtube.com
help.wearfigs.com
wearfigs.attn.tv
ir.wearfigs.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
mkto-sj300004.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-14`	a year	crt.sh
wearfigs.com Amazon	`2022-05-22` - `2023-06-20`	a year	crt.sh
*.global-e.com Sectigo RSA Organization Validation Secure Server CA	`2022-05-02` - `2023-06-02`	a year	crt.sh
assets.prod.wearf1gs.com Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
cdn.shopify.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-01` - `2023-03-31`	a year	crt.sh
utils.global-e.com GTS CA 1D4	`2022-07-24` - `2022-10-22`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-17` - `2023-06-18`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-03-18` - `2023-03-17`	a year	crt.sh
logx.optimizely.com Amazon	`2022-07-24` - `2023-08-22`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-06-07` - `2022-09-05`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
rbqnb9ch.wearfigs.com R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2022-07-29` - `2023-08-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
*.pepperjam.com Go Daddy Secure Certificate Authority - G2	`2022-01-29` - `2023-03-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-12` - `2022-08-10`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
cdn1.affirm.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.attn.tv Amazon	`2022-04-04` - `2023-05-02`	a year	crt.sh
*.pbbl.co Amazon	`2021-11-04` - `2022-12-02`	a year	crt.sh
*.nosto.com Amazon	`2022-02-02` - `2023-03-03`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-06-12` - `2022-09-10`	3 months	crt.sh
pix.pub Amazon	`2022-01-11` - `2023-02-08`	a year	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
getrockerbox.com Cloudflare Inc ECC CA-3	`2022-02-13` - `2023-02-12`	a year	crt.sh
*.friendbuy.com Amazon	`2022-03-29` - `2023-04-26`	a year	crt.sh
affirm.com Amazon	`2021-12-22` - `2023-01-18`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
*.sxp.smartclip.net GTS CA 1D4	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.360yield.com Amazon	`2022-06-29` - `2023-07-28`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
attn.tv Cloudflare Inc ECC CA-3	`2022-01-03` - `2023-01-02`	a year	crt.sh
attentivemobile.com Cloudflare Inc ECC CA-3	`2021-11-22` - `2022-11-21`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
wearfigs.zendesk.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Frame ID: A5414EAA21ECCDB60A00F556C576C58D
Requests: 282 HTTP requests in this frame

Frame: https://a18274933994.cdn.optimizely.com/client_storage/a18274933994.html
Frame ID: FD42812459E8343D54E2480499B392E7
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/730474012?autoplay=true&loop=1&title=0&byline=0&portrait=0&controls=0&muted=1&autopause=0
Frame ID: ED108DDE1D0A78DE0F8661363AF60FE1
Requests: 21 HTTP requests in this frame

Frame: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
Frame ID: 0B8ED09F129B1B1216CBE8D5B1165C60
Requests: 14 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cfc785d1-a6c1-4b34-bdee-2b6334c192e8&_scsid=f15c22d3-4469-4224-a342-e7318142fd13&_sclid=3e347e5f-cf79-46f6-8675-499d076277a6
Frame ID: EE3F6D0FB9BFA92EAA685F47A0AA9154
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 75C6CAFF56EDDA11C3C5BE0055B654A4
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: E566B73A4ED1B7B374A0579B7975C2A4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.wearfigs.com&origin=onetag
Frame ID: FB4886201D218A902924759AECE923AD
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: F3426552B2E8D87C61B388CD89054638
Requests: 1 HTTP requests in this frame

Frame: https://www.affirm.com/apps/toast/
Frame ID: 7AC4325FD0F2E7690023B76578F83882
Requests: 4 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30
Frame ID: F9F0A28FA269DB40F9EEC57AA68118DD
Requests: 30 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A07A2175338E1ED34FD2462A44991401
Requests: 1 HTTP requests in this frame

Frame: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA
Frame ID: 00F8E04B709835EFCCA9F4CFD8402AAE
Requests: 30 HTTP requests in this frame

Frame: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA
Frame ID: C795DF010F0AF402FC8351E4CF7D5A3D
Requests: 30 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-b71a7ee60b36e20dd8c1.js
Frame ID: 8999F2C872246DA75F5175ADBBB1D0D0
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FIGS Scrubs Official Site - Medical Uniforms & ApparelBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCq... Page URL
https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=cu... Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Global-e (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

web\.global-e\.com

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Nosto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

connect\.nosto\.\w+/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

429
Requests

90 %
HTTPS

35 %
IPv6

89
Domains

132
Subdomains

116
IPs

10
Countries

23165 kB
Transfer

34333 kB
Size

124
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome/
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.opera.com/
Title: Opera

Search URL Search Domain Scan URL

URL: https://www.apple.com/safari/
Title: Safari

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wearFIGS/
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/wearFIGS/
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wearFIGS/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wearFIGS/
Title: pinterest

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/wearFIGS/
Title: youtube

Search URL Search Domain Scan URL

URL: https://help.wearfigs.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://wearfigs.attn.tv/p/8Nr/landing-page
Title: Sign up for Texts

Search URL Search Domain Scan URL

URL: https://help.wearfigs.com/hc/en-us/requests/new
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://ir.wearfigs.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo= Page URL
https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 162

https://pixel.tvsciapi.com/pixel?l=tvscientific-pix-o-210a425d-14af-44b5-b992-b9f64220b3cc&gtmcb=650560403 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3280&partner_device_id=tvs-55441270-3871-4862-b8fd-d6d9662ecf32&partner_url=https://pixel.tvsciapi.com/tapadcallback/tvscientific-pix-o-210a425d-14af-44b5-b992-b9f64220b3cc/?id=${TA_DEVICE_ID}&partner=TAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3280&partner_device_id=tvs-55441270-3871-4862-b8fd-d6d9662ecf32&partner_url=https://pixel.tvsciapi.com/tapadcallback/tvscientific-pix-o-210a425d-14af-44b5-b992-b9f64220b3cc/?id=${TA_DEVICE_ID}&partner=TAPAD HTTP 302
https://pixel.tvsciapi.com/tapadcallback/tvscientific-pix-o-210a425d-14af-44b5-b992-b9f64220b3cc/?id=365b7151-d305-4c12-9492-5599deb432f5 HTTP 302
https://pixel.tvsciapi.com/static/attributionengine/images/pixel.png

Request Chain 209

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/655922783/?random=519450425&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KHfqYrzaF56X1gbE0bCoCQ&sscte=1&crd=&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHZrQU-kxCSInQ-cmX8nEzyKFka3kLrsMmQ HTTP 302
https://www.google.com/pagead/1p-conversion/655922783/?random=519450425&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYrzaF56X1gbE0bCoCQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHfhXByAnpcm9V-wfMU0rFv-9wNq0siTEYw&random=3408216409&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/655922783/?random=519450425&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYrzaF56X1gbE0bCoCQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHfhXByAnpcm9V-wfMU0rFv-9wNq0siTEYw&random=3408216409&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 210

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/615428503/?random=1015155051&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KHfqYvDsF6PGxgL4-ruQDA&sscte=1&crd=&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHW6Y7ryUX8EH-9YIMg4ADP9x3OhMv339tg HTTP 302
https://www.google.com/pagead/1p-conversion/615428503/?random=1015155051&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYvDsF6PGxgL4-ruQDA&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHSPGwQ4rrnEhgUMs5lQo2yPYHZGnUydU3w&random=3386617410&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/615428503/?random=1015155051&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYvDsF6PGxgL4-ruQDA&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHSPGwQ4rrnEhgUMs5lQo2yPYHZGnUydU3w&random=3386617410&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 211

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/655922783/?random=1800322729&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KHfqYoPoF4Ow1gbyxJTIBQ&sscte=1&crd=&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHUMix4iXgAToLp2pZP3DLfwXeNaBPsz4Dw HTTP 302
https://www.google.com/pagead/1p-conversion/655922783/?random=1800322729&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYoPoF4Ow1gbyxJTIBQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHdjPEC4J6WKDkwFJzzAtXUl22uZstYTRAQ&random=605012482&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/655922783/?random=1800322729&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYoPoF4Ow1gbyxJTIBQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHdjPEC4J6WKDkwFJzzAtXUl22uZstYTRAQ&random=605012482&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 212

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/615428503/?random=36217141&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KHfqYtPeF5fO1garvq-oCQ&sscte=1&crd=&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHTewKsGLwyvwoYGEdEagZsaR4OiUG5wzPg HTTP 302
https://www.google.com/pagead/1p-conversion/615428503/?random=36217141&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYtPeF5fO1garvq-oCQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHZ-Cmj6RwFq0MJGtKdmv06TzkyhP3lYLgQ&random=312637878&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/615428503/?random=36217141&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYtPeF5fO1garvq-oCQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHZ-Cmj6RwFq0MJGtKdmv06TzkyhP3lYLgQ&random=312637878&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 213

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/671967648/?random=300313046&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KHfqYvXaF_W_mLAPr8-EyA0&sscte=1&crd=&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHaGoBXMASUx7C9KuU6vVrvA3LCqF24pLiw HTTP 302
https://www.google.com/pagead/1p-conversion/671967648/?random=300313046&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYvXaF_W_mLAPr8-EyA0&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHRejpuTa-DLrrVhiQq0CBPsPAufGqaMELg&random=244938892&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/671967648/?random=300313046&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYvXaF_W_mLAPr8-EyA0&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHRejpuTa-DLrrVhiQq0CBPsPAufGqaMELg&random=244938892&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 214

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984949555/?random=924847495&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KHfqYuTYF8L5xwKb7p64Aw&sscte=1&crd=&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHRPj4t1mCxO-spG7q5b00FKL0sWHwMuQLA HTTP 302
https://www.google.com/pagead/1p-conversion/984949555/?random=924847495&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYuTYF8L5xwKb7p64Aw&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHYYUIu4TAVDUl7QCuSkNu7dB9HGGLhJiPQ&random=2570388676&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/984949555/?random=924847495&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYuTYF8L5xwKb7p64Aw&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHYYUIu4TAVDUl7QCuSkNu7dB9HGGLhJiPQ&random=2570388676&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 215

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/671967648/?random=839533731&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KHfqYsXqF8uT1wbI_oewDg&sscte=1&crd=&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHQKu2cbamYDipe9_sH5IOigumSy_ddNMng HTTP 302
https://www.google.com/pagead/1p-conversion/671967648/?random=839533731&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYsXqF8uT1wbI_oewDg&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHXSoAf2-cE6gHFCO2DYtUr6zoTCprdWcxw&random=3334916676&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/671967648/?random=839533731&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYsXqF8uT1wbI_oewDg&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHXSoAf2-cE6gHFCO2DYtUr6zoTCprdWcxw&random=3334916676&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 216

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984949555/?random=1411007652&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KHfqYrbgF5GsmLAP1d6Y4Ac&sscte=1&crd=&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHVFEA455IDJLXvBYwsupSaEBkfuwO_k7xA HTTP 302
https://www.google.com/pagead/1p-conversion/984949555/?random=1411007652&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYrbgF5GsmLAP1d6Y4Ac&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHbVhxAp3v0OfY13-YteyCbder-VxRtkWeQ&random=2936740915&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/984949555/?random=1411007652&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYrbgF5GsmLAP1d6Y4Ac&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHbVhxAp3v0OfY13-YteyCbder-VxRtkWeQ&random=2936740915&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 229

https://gum.criteo.com/sid/json?origin=onetag&domain=wearfigs.com&sn=ChromeSyncframe&so=0&topUrl=www.wearfigs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5fYXHHxISUM4VWZuUnZyekZkYUJBRWhkcmxHRzkzYjdIbFBZL05RQW1SenhXbmF6K05POHFTQm9FcnltbXphbTFjaW1pQUxZNTdUWFNiREtQekZHVlc4TTZZdmN6UWY3a3lZSzJuYmtOSWo5c3pxWWFJYVhXM01sQzBSS3NKM0toQ3dWRlJJcEN0aWx5VlhBL2lIbS93MHdvTjg5VmErNlZVeU43WTB1TzI3REhiMFJEWVlaTmM1UzU3SlIyT002L08vY2xYVm95QmJ3WlkwN0dIWlVwL0Q3QmVpYTB5Uit3R1IyRHlvRXlPRjBKc2pNUUdGZzJveDIwUkd3UE1DTWlvS1FsYW4xUURlT3FJQ29lOGJPUGhDWHdyUT09fA&cppv=2

Request Chain 250

https://action.dstillery.com/orbserv/nsjs?adv=cl164979812909943&ns=6868&nc=Figs_SV&ncv=68&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl164979812909943&ns=6868&nc=Figs_SV&ncv=68&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 251

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-972&value=&uncacheplz=7884675744 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-972&value=&uncacheplz=7884675744&_bee_ppp=1

Request Chain 252

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=1260751434 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=1260751434&_bee_ppp=1

Request Chain 253

https://rp.liadm.com/j?dtstmp=1659533096855&aid=a-04bo&se=e30&duid=c30794b3d355--01g9hy2xr6bvmv25nn5y5d7pmc&tna=v2.4.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&wpn=lc-bundle&refr=https%3A%2F%2Fmkto-sj300004.com%2F&c=PHRpdGxlPkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICZhbXA7IEFwcGFyZWw8L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy53ZWFyZmlncy5jb20vIj48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iU2hvcCBGSUdTIGZvciBjb21mb3J0YWJsZSBkZXNpZ25lciBzY3J1YnMgYW5kIG1lZGljYWwgYXBwYXJlbCB0aGF04oCZcyAxMDAlIGF3ZXNvbWUuIFRvbnMgb2YgY29sb3JzIGFuZCBmYXNoaW9uYWJsZSBzdHlsZXMuIEdldCByZWFkeSB0byBsb3ZlIHlvdXIgc2NydWJzISI-PHRpdGxlPkJhY2sgQnV0dG9uPC90aXRsZT48dGl0bGU-U2VhcmNoIEljb248L3RpdGxlPjx0aXRsZT5GaWx0ZXIgSWNvbjwvdGl0bGU- HTTP 302
https://rp4.liadm.com/j?dtstmp=1659533096855&aid=a-04bo&se=e30&duid=c30794b3d355--01g9hy2xr6bvmv25nn5y5d7pmc&tna=v2.4.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&wpn=lc-bundle&refr=https%3A%2F%2Fmkto-sj300004.com%2F&c=PHRpdGxlPkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICZhbXA7IEFwcGFyZWw8L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy53ZWFyZmlncy5jb20vIj48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iU2hvcCBGSUdTIGZvciBjb21mb3J0YWJsZSBkZXNpZ25lciBzY3J1YnMgYW5kIG1lZGljYWwgYXBwYXJlbCB0aGF04oCZcyAxMDAlIGF3ZXNvbWUuIFRvbnMgb2YgY29sb3JzIGFuZCBmYXNoaW9uYWJsZSBzdHlsZXMuIEdldCByZWFkeSB0byBsb3ZlIHlvdXIgc2NydWJzISI-PHRpdGxlPkJhY2sgQnV0dG9uPC90aXRsZT48dGl0bGU-U2VhcmNoIEljb248L3RpdGxlPjx0aXRsZT5GaWx0ZXIgSWNvbjwvdGl0bGU-&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTA%3D&n3pc=true

Request Chain 284

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_cm&google_hm=ay03S0t0MUUwSWVjZk9YWTI3V01wbkZzbGhNVkJKdEpuSG1qX1FGQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

Request Chain 286

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

Request Chain 287

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=660e44db6f974a10b1de7112d31d1ad4 HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302

Request Chain 288

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg&C=1

Request Chain 289

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dv946k0IecfOXY27WMpnFslhMVBed6orc86ZXA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dv946k0IecfOXY27WMpnFslhMVBed6orc86ZXA

Request Chain 300

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fc6pDE0IecfOXY27WMpnFslhMVDE97J3qwbTjQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fc6pDE0IecfOXY27WMpnFslhMVDE97J3qwbTjQ&verify=true

Request Chain 304

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mKy7fgPzWdxqOWQgnhanMM1bofPJ4uCI HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=mKy7fgPzWdxqOWQgnhanMM1bofPJ4uCI

Request Chain 306

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg

Request Chain 307

https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA&ang_testid=1

Request Chain 322

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=YJSKNRpKShfz40jlN6HQ8ArQe62zZNhY

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_cm&google_hm=ay03S0t0MUUwSWVjZk9YWTI3V01wbkZzbGhNVkJKdEpuSG1qX1FGQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

Request Chain 328

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

Request Chain 329

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302

Request Chain 344

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg

Request Chain 345

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=aG_HDmn91R2O2s0_5yF9awE3-07WRk2P

Request Chain 355

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_cm&google_hm=ay03S0t0MUUwSWVjZk9YWTI3V01wbkZzbGhNVkJKdEpuSG1qX1FGQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

Request Chain 356

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

Request Chain 357

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302

Request Chain 374

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=u2TYGimbyhB5xreL3g_3cOLXbtbMXcS0

Request Chain 384

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=DJ3oap2hoH5yYM0mo4fHkvyJFI75383-

Request Chain 385

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ZA6Huj2X_q-zzmmmtr9GltF6HWkUHNyW

Request Chain 388

https://privymktg.com/collect?v=1&cid=122c33d3-00ca-464c-ac75-46df4c6bdc94&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&ec=widget&dr=https%3A%2F%2Fmkto-sj300004.com%2F&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&ul=en-US&z=6673183962074762 HTTP 302
https://google-analytics.com/collect?v=1&cid=122c33d3-00ca-464c-ac75-46df4c6bdc94&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&ec=widget&dr=https%3A%2F%2Fmkto-sj300004.com%2F&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&ul=en-US&z=6673183962074762

Request Chain 395

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=BIQQNeDObTzEf5cxPIqf261OISrzFs-S

Request Chain 396

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=6vWTAg7xGSqbrqMg4rjVljqe5CdIHRuX

Request Chain 397

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TBDxO9x5HaTw6z21I-zPUPPQbkGdh1FD

Request Chain 402

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Vb9PcZWKSNM8rsETuxW9Zb7RGnH6QE27

Request Chain 415

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Uk36xnxXiFcqfkq1SchackVoAinlN6Pr

429 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
mkto-sj300004.com/ 608 B
1 KB 475ms
220ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-DkdraJJ379EeXh228+8hFjQD7VkRlTjkOq5CGib6nfo=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 734f604928c59969-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-DkdraJJ379EeXh228+8hFjQD7VkRlTjkOq5CGib6nfo=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Wed, 03 Aug 2022 13:24:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-request-id: e83b2c1cd2a44b21

GET
H2 200 Primary Request / Show response
www.wearfigs.com/ 307 KB
36 KB 456ms
337ms Document
text/html 13.32.121.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-80.fra60.r.cloudfront.net
Software: envoy / Next.js
Resource Hash: d2ec21db353a25e2660262d889033f6fa3007f8df95b07acb81433796582a1e5

Request headers

Referer: https://mkto-sj300004.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, s-maxage=600, public
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 13:24:53 GMT
etag: W/"4cc8f-bNUoLJXY4GeWpeVdGahdawUBWLM"
server: envoy
vary: Accept-Encoding
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-id: QyNYNFqeswV_aYGJ857_IALRqqEcGi4obBn3MTL23bwME3L9HKyCxA==
x-amz-cf-pop: FRA60-P1
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 125
x-powered-by: Next.js

GET
H2 200 1021 Show response
gepi.global-e.com/includes/js/ 236 KB
70 KB 203ms
63ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/includes/js/1021
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b21f7900b433999dea9a9c1dd3c1b851e2da6ee09a8359d82dd6336464a1670e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
last-modified: Tue, 02 Aug 2022 15:05:19 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
edge-cache-tag: GEM_JS, GEM_JS_1021
content-type: application/x-javascript; charset=utf-8
cf-cache-status: HIT
cache-control: public, max-age=1200
cf-ray: 734f604e5ffb917a-FRA
expires: Wed, 03 Aug 2022 13:44:54 GMT

GET
H2 200 1021
gepi.global-e.com/includes/css/ 3 KB
1 KB 241ms
102ms Stylesheet
text/css 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/includes/css/1021
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dfcd992429c959224b5892b9026398d0594d958f484259fa96beeefa67ce6375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
edge-cache-tag: GEM_CSS, GEM_CSS_1021
pragma: no-cache
x-aspnetmvc-version: 4.0
last-modified: Tue, 02 Aug 2022 15:34:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=0, no-store
cf-polished: origSize=2954
cf-ray: 734f604e5ffa917a-FRA
cf-bgj: minify

GET
H2 200 747cc78aba831d72ce3e.css
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/css/ 3 KB
1 KB 221ms
47ms Stylesheet
text/css 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/css/747cc78aba831d72ce3e.css
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0f50cd7363d3fcd7e2eac30723a0be9e2e45c480d782a2f0a95bd384fdb5eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:28 GMT
server: AmazonS3
age: 150910
etag: W/"9bd8d0322109b80409d728c3ff546b6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: akW8ZAGOTp9XBHLp8dtiYCO_Zu86Zlh7T2jxCxgqQ3dg9-pgu4diBQ==

GET
H2 200 18267933827.js Show response
cdn.optimizely.com/js/ 272 KB
84 KB 331ms
237ms Script
text/javascript 2a02:26f0:dc:187::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/18267933827.js

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::13b8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4278b218534f6c4e06ffce50c31dd7cc8b5633a63e73534480ef842d8e768c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: FwQC6HL2RamBQVpjvUzmtXMOJk2pa_F9
content-encoding: gzip
etag: "d65a76f5c57a5af74dc687d25ee441fe"
x-amz-request-id: Z76799KG2T5QMYM5
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1946
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="45";dur=0,cdnip;desc="2a02:26f0:dc:187::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 85424
x-amz-id-2: UQZtd4sXxrLBEnWiZeuA7/26MPnjmHNZC5Wt/VjvaGdC8KoVjiFvjuaI+Ca6g4foZCDmcNlJXZg=
last-modified: Thu, 28 Jul 2022 23:58:17 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 13:24:54 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 webpack-3d4437a3d4b548d01d59.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 5 KB
3 KB 240ms
94ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/webpack-3d4437a3d4b548d01d59.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a83bea72ff29916df6db03e66a9305af21cf002debc21fcc578cdb28b39e5722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:54 GMT
server: AmazonS3
age: 150910
etag: W/"3f4794111f900907d61f0bb330890885"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: H9uIDVFyuXP0bAxWd_jRvN69TrsQwCgntC4kl5kaU6sooPzRlYrCEQ==

GET
H2 200 framework-6419dc6081358336873e.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 148 KB
47 KB 198ms
52ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/framework-6419dc6081358336873e.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48116469b4b3231fa1550756465d62811d2148f23104e403c76ea119a76fc4dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:52 GMT
server: AmazonS3
age: 150910
etag: W/"820db3101c798d217afb7502b8e08b5a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 2yRWJ4Nib0ZcVaSJSxRfdcTSbrCmc_HW_PV8e0vqU5NWQuAxvg47ZA==

GET
H2 200 main-729500de806b09c80051.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 90 KB
27 KB 196ms
50ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/main-729500de806b09c80051.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 660fd4ca089d5f9e52f8abdb62d8b1ca98ad2fe554364a6b6e6d01a38ef98bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:53 GMT
server: AmazonS3
age: 150910
etag: W/"95a847beb56efa1978875cee89673bd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: qeBHO2GK_dgps3nbeZXlKYR5Bh49jkb2dx14KFKoT2atEZ-duxDcXA==

GET
H2 200 _app-c1fd59efa7f1f0928fb5.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/ 2 MB
518 KB 196ms
50ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ad1c219ff94663b118109fbd5e8732d1df2109d6e6d5c1357cad61345b80452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:53 GMT
server: AmazonS3
age: 150910
etag: W/"1e4b0edde88c370c0257660f009a75dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: Ry9UC3QnV_uU6LepQ9FE1IbKNMFs0sDqWLTPYvdPDjlWbtSc0oTEwg==

GET
H2 200 8671-19dd63b47f9ea92b050b.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 15 KB
6 KB 196ms
50ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/8671-19dd63b47f9ea92b050b.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9a91836e2644510e44cd3a91b1a217ce771c2c93870ee8009ecc23a97bc445f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:36 GMT
server: AmazonS3
age: 150910
etag: W/"b530436bb74cc5945c95dce1a3e57863"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: ixsE1XNejM1m_ngL-KS342uz3e_JSRzObSsvCT_bMjpbOVaOI5AjSA==

GET
H2 200 8402-9e9027b8fcd5e53c9234.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 54 KB
14 KB 213ms
207ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/8402-9e9027b8fcd5e53c9234.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2c8e1d3d26b9d29dfa282199888f576f0780be4b5f4b7d6470f843c63c3a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:55 GMT
server: AmazonS3
age: 150910
etag: W/"f1824e3169af6246a5e1660c3da0cbb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: d2Um2Qgpw42nf0NZIj2nSIwE4C-csQ31eKQ0U8Ka9hQgy3ta2y313g==

GET
H2 200 5491-3ce3312ee466d55d366d.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 8 KB
3 KB 214ms
207ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/5491-3ce3312ee466d55d366d.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0967f621628c8edb4d931628c455e028d645ade5e6240b2bc3c220587b2b09f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:54 GMT
server: AmazonS3
age: 150910
etag: W/"b5a79ddd4d5f5c7c319227478a47310d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: ROlew1D3y0jJ-7c9z_Tb9NTPwMbwTl_ImcAcbh5l2SuOA2jgznZIxg==

GET
H2 200 354-3cdc56cf3526973cc893.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 34 KB
10 KB 220ms
214ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/354-3cdc56cf3526973cc893.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2da008ebd641a93284e17c469057184fb945eefd4ad51748aed3c6f966e68746

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:56 GMT
server: AmazonS3
age: 150910
etag: W/"ea794b309ae862b9ca0edf7d5e96073b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: LVaQAGxVzk-IYdyWOLeEvyVg13hEEeTscRAfLk5Fna6REFhVa5SpXA==

GET
H2 200 4695-0582cc9e3bcab971520b.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 20 KB
8 KB 215ms
209ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/4695-0582cc9e3bcab971520b.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4550040dff4d38f29c36a8173f35de1058faefea0eafeb81d3e3d8fe592b8e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:36 GMT
server: AmazonS3
age: 150910
etag: W/"e155d913648a023fd1a69b337bb398b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: FceSmQLtCxOgvPjV843Jtgs2a3AqYmWxzh9c00xnid0f-BlQx71PzA==

GET
H2 200 9227-a1be738dbfdfb657a5e8.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 15 KB
5 KB 216ms
210ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/9227-a1be738dbfdfb657a5e8.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d3a3fe0ae1e8971fdaac8fbafdcf1d14a14f47c478fcc665b8b484b908a1a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:55 GMT
server: AmazonS3
age: 150910
etag: W/"e87b88cd23c59dfafc486daf54ef8933"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: feKdYl33q6veFTCz4t3IngaJ291KGZvCpJ4tN_nWax4xmOUrYhTJLg==

GET
H2 200 9448-c828eec1ea6f1e5a2138.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 14 KB
5 KB 216ms
210ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/9448-c828eec1ea6f1e5a2138.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c3a4acd9d4d093cab31ab5672f1d3a40088c2c72c00707760b962169d09ba03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:56 GMT
server: AmazonS3
age: 150910
etag: W/"70f1ed887871923a2cdc02e791edb2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: FFEMd81cdzwyv_zBDDQ9YITzY19FdBI8fH1Gs5ZhIxQO77X9CUHfdg==

GET
H2 200 4214-335ebf7a2cb7f3139ff1.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 20 KB
6 KB 217ms
211ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/4214-335ebf7a2cb7f3139ff1.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51c32664634ce24109c65978acc1ac17dd62cc8d5c214473a2d59cfefa6fc314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:55 GMT
server: AmazonS3
age: 150910
etag: W/"fce09273cb48a662e16e29078e83f172"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: Acz6rHOD_XO4MdhfaNzt6N152wp-ejygW3DhBIHlNHIb9qTsYoygIw==

GET
H2 200 1196-e1112b0bde7a64e28eda.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 58 KB
15 KB 216ms
212ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/1196-e1112b0bde7a64e28eda.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13217b8f57c644094438b615f04691b4615d2ed0b2ac8007fb0e4e675cde389f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:28 GMT
server: AmazonS3
age: 150910
etag: W/"51522ebf898c74d41092106bdb9dd261"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: YhGQY9ZaOV9xkPhYVf9GRLqRHAzRN_-1cem0Wd_zV8t103Bx4vkfVA==

GET
H2 200 index-dd4704b743d5817719a4.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/ 3 KB
2 KB 215ms
211ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/index-dd4704b743d5817719a4.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a2e6448eceba03f9eed29afe817572242b5fb58567a4a53e8e2dc492dc660f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:42 GMT
server: AmazonS3
age: 150910
etag: W/"c9c7fee8bd9c4e42ec9a1a5f01c14e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: M-79Rr9wOxfRtoOiZ4CzEp4KCZdvwzx8qQoqMMifGskoOy2olpt6oQ==

GET
H2 200 _buildManifest.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/IJ8dMZiIesz8xhYownhCp/ 5 KB
2 KB 217ms
213ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/IJ8dMZiIesz8xhYownhCp/_buildManifest.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb6cf1baf1418c7cb982fb9e72bd339f03a3c6ff17c4c3c8af167da959a6f0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:28 GMT
server: AmazonS3
age: 150910
etag: W/"e76311765e7dd3a3007c434a0836b947"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: i4aI3QmAYk_H-slA9tVMW0_NUAUpYmDRmjdsvLsaRczFvkFRYCEcGg==

GET
H2 200 _ssgManifest.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/IJ8dMZiIesz8xhYownhCp/ 77 B
460 B 217ms
213ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/IJ8dMZiIesz8xhYownhCp/_ssgManifest.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 16:32:28 GMT
server: AmazonS3
age: 150910
etag: "b6652df95db52feb4daf4eca35380933"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 77
x-amz-cf-id: FcvpuEuavBiou_d-tnzpEEh7g9Hs2K8WoFb_sGXKpxFLiRTiYZtlqg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 129ms
46ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9c22IGK2T1KyARgpJHRGhw==
age: 3034
vary: Accept-Encoding
content-length: 7101
x-ms-lease-status: unlocked
last-modified: Wed, 03 Aug 2022 02:35:34 GMT
server: cloudflare
etag: 0x8DA74F8D7B97863
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 25b74446-301e-00ff-3de5-a6e57e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 734f604e29a69bfb-FRA

GET
H2 200 Purple_Shadow_2_7fa38dfd-93e2-499a-9fca-4c957ad35cc5.png
cdn.shopify.com/s/files/1/0139/8942/files/ 2 KB
3 KB 175ms
48ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/Purple_Shadow_2_7fa38dfd-93e2-499a-9fca-4c957ad35cc5.png?v=1658161759

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a5506da0d2843ed4efb113b51ffa83a805c710dac3fa0f1c2e189a60962f999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1317238
server-timing: imagery;dur=227.349, imageryFetch;dur=211.784, imageryProcess;dur=14.806;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2510
x-xss-protection: 1; mode=block
x-request-id: 14462d37-12f5-45bb-ba9a-9ead03e21d4a
timing-allow-origin: *
last-modified: Mon, 18 Jul 2022 19:30:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MgdggS4NFrjl7FvkuM%2F0uHtvF4eO0tJHBjiKfJ1cd%2B4IRaazKiAJNIT48E0GkPMDEta2SXiz8X3rJvnYkHCXyVUNZxzSJDHNCvFWgzNmSQwj6%2FyRr4hJcLOBOG39qUbSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604e7e8f9136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/Purple_Shadow_2_7fa38dfd-93e2-499a-9fca-4c957ad35cc5.png>; rel="canonical"

GET
H2 200 Dark_Space_Grey_b9eec94b-307e-468e-97a2-fd04f8a64fcb.png
cdn.shopify.com/s/files/1/0139/8942/files/ 3 KB
4 KB 173ms
47ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/Dark_Space_Grey_b9eec94b-307e-468e-97a2-fd04f8a64fcb.png?v=1658161760

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e68528b40ad0e0664ceb7a452c3d2029359e145a531ef5b06ed650f5eed72a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1317238
server-timing: imagery;dur=89.411, imageryFetch;dur=73.276, imageryProcess;dur=15.224;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2722
x-xss-protection: 1; mode=block
x-request-id: defb990b-4d07-4827-a4cb-742b3df2dacf
timing-allow-origin: *
last-modified: Mon, 18 Jul 2022 19:30:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mfv1lOm%2FkCZ0eWMSjXTDs5MoFhfF83vWCc8YLSR1iEUAx773LY5VCWrox27Or7gotLdZaJVvUIjR4UZsjQBnDmzeUHc6bGRckAN16XXjgXYA0NC7hxREAvOBIbZigq9pdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604e7e929136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/Dark_Space_Grey_b9eec94b-307e-468e-97a2-fd04f8a64fcb.png>; rel="canonical"

GET
H2 200 Black.png
cdn.shopify.com/s/files/1/0139/8942/files/ 892 B
1 KB 48ms
47ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/Black.png?v=1609207498

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27417480c18f6b772e934eaa3ec44c1a90f1f6a6d2fc4807c2fa72e1c1e414c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 4102151
server-timing: imagery;dur=57.411, imageryFetch;dur=51.538, imageryProcess;dur=5.091;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 892
x-xss-protection: 1; mode=block
x-request-id: 32c7407e-259e-473f-b410-28c8b4c5df09
timing-allow-origin: *
last-modified: Fri, 17 Jun 2022 01:28:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ffk53OVndkqLqXk3darYctLDnEyX%2Fube8BJYDkfUY26zdSVr617CBKDjiaMaI4vkshwi7LzQolAxC2C04GnYYotVRQXxAsk93KypKETPhCc0ZKbasYLs4ZfO1zrlPR0K7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604e7e939136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/Black.png>; rel="canonical"

GET
H2 200 Navy.png
cdn.shopify.com/s/files/1/0139/8942/files/ 944 B
1 KB 48ms
48ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/Navy.png?v=1609207498

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84f41445d739ecbeb157c36479862efd32314afd5a18fcfe1c14d69084e343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 4118928
server-timing: imagery;dur=54.530, imageryFetch;dur=49.828, imageryProcess;dur=4.178;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 944
x-xss-protection: 1; mode=block
x-request-id: 1039b9ec-59b1-4c59-9432-7f73ff8ecc27
timing-allow-origin: *
last-modified: Thu, 16 Jun 2022 21:05:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLqBmy7lBhj7l5hOa0C%2BY%2B%2Bt4rrPYQUkb1SS%2BC4YokIQKBvgjzLt0IjWyWoHOQUtT9todtC6niY%2FwBjLbGbQEbdCRX4LZuWoKSw%2BQ80wpCP2T618SbhWY0ZO0A05vrqDqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604e7e969136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/Navy.png>; rel="canonical"

GET
H2 200 RoyalBlue.png
cdn.shopify.com/s/files/1/0139/8942/files/ 1 KB
2 KB 73ms
73ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/RoyalBlue.png?v=1609207498

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6490db85a5bcfa3cf586cb17480f147aaee8cb5f1f5a201725952b343f62763f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 4100268
server-timing: imagery;dur=74.879, imageryFetch;dur=65.388, imageryProcess;dur=8.211;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1062
x-xss-protection: 1; mode=block
x-request-id: 540a9c44-1080-4a53-81ec-58e967f466a2
timing-allow-origin: *
last-modified: Fri, 17 Jun 2022 02:01:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh4crLf4zlcIdze2a%2FSZ%2BOXC%2Bs6xxwmzt31QQrTyGfHEYOZOdTcaCHBdY7JpyzCkePZqIVB3EH01bwp%2BsGGEP4Gn0G9zfxOzLJJP30hKnxy4lUoIl9YoPOMR6U3aB1Oqng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604e7e989136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/RoyalBlue.png>; rel="canonical"

GET
H2 200 Burgundy.png
cdn.shopify.com/s/files/1/0139/8942/files/ 976 B
1 KB 52ms
51ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/Burgundy.png?v=1609207498

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5963e5160dc961bbc798f5ed49d75c43cd449dcf6d0f8ab65548eda437f1fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 4087576
server-timing: imagery;dur=31.059, imageryFetch;dur=23.380, imageryProcess;dur=6.484;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 976
x-xss-protection: 1; mode=block
x-request-id: c51c70e4-a98d-4866-b4c0-b36f837e8841
timing-allow-origin: *
last-modified: Fri, 17 Jun 2022 05:24:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uud2i6Xhe6Xz81Sojzc5KkwFlAToXRQMyZgFblwcA52HsDqnrmvum2eKf4G%2FbnuOzT2ZkUVd721IJ2ggzvEeBoPXLJSN48ZNpHL4rAAunsO3gIDxkWpUY61Tojgbu8Vg3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604e7e9a9136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/Burgundy.png>; rel="canonical"

GET
H2 200 Graphite.png
cdn.shopify.com/s/files/1/0139/8942/files/ 904 B
2 KB 49ms
48ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/Graphite.png?v=1609207498

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f6b3151f432fcfb78af8e74decd62d7fd687b3777ae096424b6d7c68eba5696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 4087576
server-timing: imagery;dur=75.039, imageryFetch;dur=67.886, imageryProcess;dur=6.369;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 904
x-xss-protection: 1; mode=block
x-request-id: c21b7d66-8e91-400e-8b4b-0dbd226c1188
timing-allow-origin: *
last-modified: Fri, 17 Jun 2022 05:17:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYOdlegLDwSkUQY1SS61Cd84atk7vJPWqamk7vfDRKK3WDe6f70EFawYyvEgL1yeOdwNlHK7sAX3pAwlFHSfkWcV9giC%2B6SlSmI9SAhtPTBIKcqXi5xez4P2NfDqk1COLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604e7e9d9136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/Graphite.png>; rel="canonical"

GET
H2 200 CeilBlue.png
cdn.shopify.com/s/files/1/0139/8942/files/ 992 B
1 KB 51ms
51ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/CeilBlue.png?v=1609207498

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3471f3d26407a39c740e96af9ab18b4c126c80af362e72b91d4550a39007a0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 4077589
server-timing: imagery;dur=36.768, imageryFetch;dur=32.723, imageryProcess;dur=3.402;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 992
x-xss-protection: 1; mode=block
x-request-id: c64d30e8-05c2-4528-9e3a-cf8dd8f16350
timing-allow-origin: *
last-modified: Fri, 17 Jun 2022 08:11:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9imgmoQ2NkjYwY2pt8upDrbqtOd3tmEur0a6CZjfWPfbyJHjodeHtlX%2B6XMmWkufeXnotcFsZ5IJAPKw6RVOBjyVoFUHot1KopOxS8iDEn2q2NxXVRxmnqgvuV%2Fz1NwQAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604e7e9e9136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/CeilBlue.png>; rel="canonical"

GET
H2 200 Find-Yourself-in-FIGS-Lockup-GIF_white_Mobile__2_.gif
images.ctfassets.net/5j6wpslh72e4/5BG9l83xITi7IOPDCM2Hpx/ad957c8e0a498dd0ae39ec98eb10e20d/ 48 KB
48 KB 139ms
47ms Image
image/gif 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/5BG9l83xITi7IOPDCM2Hpx/ad957c8e0a498dd0ae39ec98eb10e20d/Find-Yourself-in-FIGS-Lockup-GIF_white_Mobile__2_.gif
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 330fc3c64247bf5e23b641a7c5ac6fb3a7f02595a4a559eb0e8e5209eac4917f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 17:48:08 GMT
server: Contentful Images API
age: 32659
etag: "4327ab82d1a213e974a9ccface64683d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 49131
x-amz-cf-id: tvXB2h3h3H8K7sHZqd9I_55Jqc3oZejdD4WgBfAbyhBv8pSKbgsJHQ==

GET
H2 200 Find-Yourself-in-FIGS-Lockup-GIF_white_Desktop__2_.gif
images.ctfassets.net/5j6wpslh72e4/1DcOdgaQH8ehW0NSHQnNEo/5ebb4537231d43a3fe11b8c864e2b77d/ 21 KB
22 KB 131ms
89ms Image
image/gif 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/1DcOdgaQH8ehW0NSHQnNEo/5ebb4537231d43a3fe11b8c864e2b77d/Find-Yourself-in-FIGS-Lockup-GIF_white_Desktop__2_.gif
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 19f016c7bc67b17a2155e294999a2fdb2bfafc13573d9b18996cd79fa82accc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 17:47:53 GMT
server: Contentful Images API
age: 36806
etag: "a8afa73856141564271074debd9ffdf2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 21794
x-amz-cf-id: DzHfXt0SKxjI3_-gGlcs34qCq4UAgYYJjH77KLFtWzL3JZ1spUnbmw==

GET
H2 200 fb.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 275 B
1 KB 58ms
54ms Image
image/svg+xml 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/fb.svg?v=1625598562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b9823efcf399e051dbe0b59db5b8737ac18c4bae25e297ae3eef9e7565f1013

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10240430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyjYlR9YHfumhXYZpXffWoq78NDac2wemvvrSSs7u624wzTbCaRxi%2Bv5%2Fd4YLOixKNBwiXSG%2Fnntn%2FBKIyEhs%2BLr5R5fetoAu4OY2khn93WCUOue8zlYsaTW5bp48sV0Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=25.371, imageryFetch;dur=23.395, imageryProcess;dur=0.170;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6a13d60b-5e09-4471-8cd8-5dc0be104cb7
timing-allow-origin: *
surrogate-key: segment4-10733 shop-31019164 mime-image/svg+xml-10733 time-bucket-20220407-10733 73516a30b94e74b99b0fc01c763f8d46862af8d889f67a5752923336eb1bb6d8
last-modified: Thu, 07 Apr 2022 00:51:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
cf-ray: 734f604ecf3d9136-FRA
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/fb.svg>; rel="canonical"

GET
H2 200 twitter.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 920 B
1 KB 51ms
48ms Image
image/svg+xml 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/twitter.svg?v=1625598562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5902d035a83bac762333f76a73e62b8918674ada53374fb5dfccd6abba6ad4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10166661
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSd2ZykJvnb2hCUxBOJ7gbqLBoIn5WhBZH1E3%2FQq%2FVVFAtni%2Bf12drwGdcZB3b5XvkJ4XegXwESzu9fj0SXbUYGsP4ZQYOm1b%2F6aj8GanYH1Q1bT9760FE5P%2Fw4jJsVN%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=64.530, imageryFetch;dur=63.096, imageryProcess;dur=0.190;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e82de262-ac05-449b-bab2-57714a4667de
timing-allow-origin: *
surrogate-key: segment4-45241 shop-31019164 mime-image/svg+xml-45241 time-bucket-20220407-45241 c9561674203007e07ed3e2fe99268ba8139ebf3078f8960e35fc99deabd68f70
last-modified: Thu, 07 Apr 2022 21:20:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
cf-ray: 734f604ecf409136-FRA
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/twitter.svg>; rel="canonical"

GET
H2 200 ig.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 1 KB
1 KB 58ms
55ms Image
image/svg+xml 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/ig.svg?v=1625598562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d4f572bac358d523c32e30153af5aee1775e20c95fc5c362db33985599923dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10240430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qU%2FZIAAsQ%2FNUu0IS%2Bik5j181%2Ba0uuPaVuBVbUU36CySF2T%2FfPGJmuHbnedzmWVH7y2C0KTKILwcmCETdcEl6uarXNmkk5jRXRduMYux412139WsbhepQIAmSC2Lfh4mQyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=63.766, imageryFetch;dur=60.148, imageryProcess;dur=1.411;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c91fc2b8-5471-4678-b4ad-f1c80c95e3da
timing-allow-origin: *
surrogate-key: segment4-53486 shop-31019164 mime-image/svg+xml-53486 time-bucket-20220407-53486 5b352816327db702aef68303cd3cc439c23bdceeb2d3a8531d99588f639780b5
last-modified: Thu, 07 Apr 2022 00:51:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
cf-ray: 734f604ecf449136-FRA
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/ig.svg>; rel="canonical"

GET
H2 200 pin.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 795 B
1 KB 54ms
50ms Image
image/svg+xml 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/pin.svg?v=1625598562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0f213fd458997140528cb457fd532c1d1f28a00e17ce4deedc50618e5f02a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 9612654
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwGb4i%2BeoyImVgERFz8rFAJ2ITX3OvHXbQsl%2BmAh%2BQ3G5QkpKSV1jncXFCJZqwF26jqejooK6avpvRKiI7CZMScFGDEGbhBV1qclPEEWLgdVZ04l7h7AuVh6%2BwCDh57nPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=38.797, imageryFetch;dur=36.855, imageryProcess;dur=0.198;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6fe4a046-2222-4da6-a0e0-32e561bb0a6f
timing-allow-origin: *
surrogate-key: segment4-63538 shop-31019164 mime-image/svg+xml-63538 time-bucket-20220414-63538 028c6a6555a6865e5f328c678047a44ed799f6369db3e8fea702199be3389faa
last-modified: Thu, 14 Apr 2022 07:14:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 734f604ecf479136-FRA
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/pin.svg>; rel="canonical"

GET
H2 200 youtube.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 609 B
883 B 54ms
51ms Image
image/svg+xml 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/youtube.svg?v=1625598562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66bb4cd150935b5a45caeb0f53bfd21a78b087fad6c507b810e5d5d84072d37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10166661
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TbLHYVn9fldYK1ytOsPZmXmgODrJT%2FYWlh2kR%2FzpnKMfOA%2Fx4ozeoNV6rj1GW7HIOcGu1c%2FyFiiubneCx9uxNW3O8SXzmIDG%2BVo6jBrYnOs90rfYfNLaOff85elXqOGXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=37.379, imageryFetch;dur=35.376, imageryProcess;dur=0.148;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5bcd67d6-adab-44e5-ba34-10bb82d4068d
timing-allow-origin: *
surrogate-key: segment4-13021 shop-31019164 mime-image/svg+xml-13021 time-bucket-20220407-13021 d554ae7ab128bb92150b94cd6dd1b18b9f58be87139299fc22cf0ca14220daf4
last-modified: Thu, 07 Apr 2022 21:20:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
cf-ray: 734f604ecf499136-FRA
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/youtube.svg>; rel="canonical"

GET
H2 200 flag-globe-icon.png
cdn.shopify.com/s/files/1/0139/8942/files/ 3 KB
4 KB 59ms
56ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/flag-globe-icon.png?v=1607119990

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f7596f06ac015a06581be6a70cfb8abf1e6fdf6dd24681adaba6e46d016c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 4087576
server-timing: imagery;dur=66.955, imageryFetch;dur=56.612, imageryProcess;dur=9.537;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3184
x-xss-protection: 1; mode=block
x-request-id: a12e30ad-b40c-40ce-b773-703e2a8e6b9e
timing-allow-origin: *
last-modified: Fri, 17 Jun 2022 05:21:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FICd9P3YUB8COdUhr%2FuNySd1qns9atCG6NmLfi4kmersQOcOG3msGtv1MTFRerxzXnW1uymtr3uAM8Jy9E4SNfnCsqsMdF0QJYQpAmJbRRaSi%2FLo4z3qWDClBTO5rZ%2FoGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604edf4c9136-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/flag-globe-icon.png>; rel="canonical"

GET
H2 200 5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a.json Show response
cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/ 4 KB
2 KB 123ms
45ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05ac6db01b5733d2020dd02bab380194bed240203cb4592ec5a959d1f78a4f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WZepdQvYXZpESk8NTkdgvA==
age: 4444
vary: Accept-Encoding
content-length: 1490
x-ms-lease-status: unlocked
last-modified: Mon, 23 May 2022 22:54:26 GMT
server: cloudflare
etag: 0x8DA3D0F3035F1E1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f7fded5a-e01e-0013-42f8-6eed07000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 734f604efcee9152-FRA
expires: Wed, 03 Aug 2022 17:24:54 GMT

GET
H3 200 FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
62 KB 314ms
235ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2?v=1608583712

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

374df3dfdc8e680a5b78dbd2317d40fa2b6e4e7021dd2383d72d0441e4d49d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10178269
server-timing: imagery;dur=29.409, imageryFetch;dur=29.020
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62848
x-xss-protection: 1; mode=block
x-request-id: 75923a0a-be4e-450c-aedd-2cb0d3d23fad
timing-allow-origin: *
surrogate-key: segment4-34327 shop-1398942 mime-font/woff2-34327 time-bucket-20220407-34327 7d4cf8e5b8b1c94062d87a102d5380476460daaaa5e27c5ce5db58581e05d80f
last-modified: Thu, 07 Apr 2022 18:07:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcYXp9p1%2B7JsCGxYkLOxABvpzLnZYMiDVVG3oa29V8kHIHg0RmdV06FTDIxCztsnkS0HMi03IM9lsmpn22z%2B8LWJfZv7FKUIYTCxxO49F83It0aaBlvpJBZ4DfRptI8oWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604f8a069012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2>; rel="canonical"

GET
H3 200 FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
61 KB 202ms
124ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2?v=1608583712

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e477e5b8b86ca6b1358fbeb87736615204866bded195fc73b9f054529910ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10147689
server-timing: imagery;dur=180.809, imageryFetch;dur=180.318
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61980
x-xss-protection: 1; mode=block
x-request-id: 75f328c4-92a5-46e1-a57c-dd7c66435814
timing-allow-origin: *
surrogate-key: segment4-42479 shop-1398942 mime-font/woff2-42479 time-bucket-20220408-42479 5b265d78b8a556f71c1d0891715af62292b263f7136e3dd73d1cace940e9ca66
last-modified: Fri, 08 Apr 2022 02:36:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8cFRVPeM%2BCGnfVBRV0eKxkBNEyXXVjaecDkZ%2BBJkI5dBnBPhjXCTaWD2Xhj80arhZyqvPO5cLXRWv7DbN7lNPCumaSAj6CNLM8xg%2B7%2Ftk57EKPDk8TxVopa61kbPei2yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604f8a019012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2>; rel="canonical"

GET
H3 200 FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 59 KB
59 KB 164ms
87ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2?v=1608583712

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c359ca086a363b7c2aedef74522528f2b70f37cec4059e0c3ee9d7b12f9d5609

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10147689
server-timing: imagery;dur=33.794, imageryFetch;dur=33.334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59988
x-xss-protection: 1; mode=block
x-request-id: fc402094-e2d7-45e4-98c9-335164067b24
timing-allow-origin: *
surrogate-key: segment4-57616 shop-1398942 mime-font/woff2-57616 time-bucket-20220408-57616 12a099b7a984f1d4cdfea1f4718d4ee585b722a73d93b91f50fd6fe5097a4eaa
last-modified: Fri, 08 Apr 2022 02:36:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJZJHAGkvpPTJzojQ6jrOchlU%2F8wlgc0Yge2c%2Fo%2FgBsMbLm5XkNrNdSnLvWtY%2BFkBk0sWiF7FFSQ5q%2Btq5dmuQQFU4TSrgWGst3kTeD7D8lzFRUiFOt6ibPDwrjKAP26tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604f8a049012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2>; rel="canonical"

GET
H3 200 FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
62 KB 276ms
198ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2?v=1608583712

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2207492a2cc099f6c61e6f89b630cb4d3c4b0604ca481a0bb83389d9341ac52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10156392
server-timing: imagery;dur=37.035, imageryFetch;dur=36.666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62948
x-xss-protection: 1; mode=block
x-request-id: 14ef2469-6138-4f31-afec-b97821976180
timing-allow-origin: *
surrogate-key: segment4-929 shop-1398942 mime-font/woff2-929 time-bucket-20220408-929 0b4299c51035ed120195a82445c6ab3226980288d4beb0607486712495c5419d
last-modified: Fri, 08 Apr 2022 00:11:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLu7V3LX6gRV1FsS%2FT18zqRYxXP3La4V5r1eFuRB6IFHWfGAZhKihOxX8w7Y9%2Bsf7rJW72ZOsqVbCr0RCiSn00ainEHD2YtVsK8WdJKcmA9wkdCFtr%2FHNv8jFSUpwwQVOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604f8a029012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2>; rel="canonical"

GET
H3 200 FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 57 KB
58 KB 127ms
50ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2?v=1608583712

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815ff4c9b8b41e38d4db9628ba39f07ca3ce2da7efb4fad31c25ac54160b85db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10147689
server-timing: imagery;dur=73.094, imageryFetch;dur=72.568
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58580
x-xss-protection: 1; mode=block
x-request-id: 64450f1f-f9fa-4960-a650-32e82a44c5ce
timing-allow-origin: *
surrogate-key: segment4-46767 shop-1398942 mime-font/woff2-46767 time-bucket-20220408-46767 fb60aac781ebb760c0a12bce3418090685a6b324ae6528730b54c88f492a2296
last-modified: Fri, 08 Apr 2022 02:36:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVcLg%2BIFXAIulZPOdTGiTzbOo0rM22gkBKzbPBcn2SIl2xphKCJQzh%2BffJfwREnsckflxX4Fbdap3o8Kab4xJIl5b68W%2FzZfaYUwOuoIfzr6jZwS0kh3sgQJkqds6TE9Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f604f89f99012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2>; rel="canonical"

GET
H2 200 20220719_Launch_DarkHarbor_Seaglass_Color_Carousel_DH___SG.jpg
images.ctfassets.net/5j6wpslh72e4/5pLwaeY0BPAN6YyKow5hdz/a426cf57fbba365537a857fb9e9d1131/ 49 KB
49 KB 75ms
74ms Image
image/jpeg 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/5pLwaeY0BPAN6YyKow5hdz/a426cf57fbba365537a857fb9e9d1131/20220719_Launch_DarkHarbor_Seaglass_Color_Carousel_DH___SG.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f18b25e9a152e121903cbaff92227f9c8a9b0799d9e04e3ed25b40b8e08c3be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 17:02:04 GMT
server: Contentful Images API
age: 32658
etag: "976eb4db8c856518c1eec7ec3a49f253"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 49693
x-amz-cf-id: byszPpm0VUuDt-6uYvicMoVSfdFfHpVxUkiH2yV9JvYV7hhz6g2xTQ==

GET
H2 200 HPCAROUSEL_BLACK-1.jpg
images.ctfassets.net/5j6wpslh72e4/2MY5zBHfQxrCaIuHHVZKMN/e969927c598da1a567cca1c84b189d21/ 33 KB
34 KB 91ms
90ms Image
image/jpeg 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/2MY5zBHfQxrCaIuHHVZKMN/e969927c598da1a567cca1c84b189d21/HPCAROUSEL_BLACK-1.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6d192931840b5846cdd202ac4888c640d2be647332313394807c76adde0f47bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 02:40:53 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Sun, 24 Jul 2022 17:27:29 GMT
server: Contentful Images API
age: 38641
etag: "1f4359a13247de25fd073542f46ef7dc"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 34163
x-amz-cf-id: 3GRy9CNRn_FjhttPAh-1PSIBbVrovX-8KV5DXK286RqR8GBwRirTfw==

GET
H2 200 HPCAROUSEL_NAVY.jpg
images.ctfassets.net/5j6wpslh72e4/5T6MZFafj9P8kCZJ4kSHpq/64113ecfa7afdbb737f9a9ae54bc0a71/ 18 KB
18 KB 86ms
86ms Image
image/jpeg 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/5T6MZFafj9P8kCZJ4kSHpq/64113ecfa7afdbb737f9a9ae54bc0a71/HPCAROUSEL_NAVY.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2e10acc8d39f64adea961a82e6ba5d1865108ea71ea16dedc4807ac8aa17e205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:41:23 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2022 16:42:19 GMT
server: Contentful Images API
age: 27811
etag: "b6014bb9c736ca58b9c6feb162408219"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 18349
x-amz-cf-id: rr1v8mgNKSvSecUYKVOPO7OZkucrfsRy5CpYy1clMWr0RjVGx3nJAg==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 153 B
437 B 139ms
61ms XHR
application/json 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 734f604fdbe368fe-FRA
access-control-allow-headers: Content-Type

GET
H2 200 hDOncxeMFCg%3d Show response
gepi.global-e.com/Configurations/GetMerchantConfigurations/ 15 KB
4 KB 54ms
54ms Script
application/json 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/Configurations/GetMerchantConfigurations/hDOncxeMFCg%3d?WebStoreCode=www.wearfigs.com&WebStoreInstanceCode=www.wearfigs.com&jsoncallback=callback_GetConfigurations
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48bd3deeafc2b55fdff034b410aa3e5ffc378d4e83483a951871d474146e8e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Aug 2022 15:05:20 GMT
server: cloudflare
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
edge-cache-tag: GEM_MerchantConfigurations, GEM_MerchantConfigurations_1021
content-type: application/json; charset=utf-8
cache-control: public, max-age=600, s-maxage=86400
cf-ray: 734f604f69d2917a-FRA
x-aspnet-version: 4.0.30319

GET
H2 200 1021 Show response
web.global-e.com/merchant/clientsdk/ 96 KB
29 KB 149ms
94ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.global-e.com/merchant/clientsdk/1021?dominify=false
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d9fde7533e03aae69d02bbf6ab9013855738e1889ccd01ad8a0f5b8bea3d92d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
cf-cache-status: HIT
edge-cache-tag: clientsdk_1021,clientsdk
content-length: 29852
last-modified: Wed, 03 Aug 2022 12:21:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1200
accept-ranges: bytes
cf-ray: 734f604fca86917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:44:54 GMT

GET
H2 200 hDOncxeMFCg%3d Show response
gepi.global-e.com/Localize/SetLocalize/ 138 B
569 B 87ms
87ms Script
application/javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/Localize/SetLocalize/hDOncxeMFCg%3d?&cacheBuster=1659533094345&jsoncallback=callback_SetLocalize
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ed43c9e31cf28265e5a8991ecc3d51f471fcaa122dfffbc0a3f26a8c10285e27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
cf-cache-status: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
edge-cache-tag: GEM_SetLocalize, GEM_SetLocalize_1021
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
content-length: 229
x-aspnetmvc-version: 4.0
last-modified: Wed, 03 Aug 2022 13:24:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
cf-ray: 734f604fca8b917a-FRA
expires: Wed, 03 Aug 2022 13:44:54 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.34.0/ 348 KB
83 KB 46ms
45ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ywzctmjVIapkx83Pz3a+AQ==
age: 10584
vary: Accept-Encoding
content-length: 84671
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:35 GMT
server: cloudflare
etag: 0x8DA3822B5C4CCF6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d89fe3b5-901e-0071-140d-6aaadf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 734f60503d169bfb-FRA

GET
H2 200 1021
gepi.global-e.com/includes/css/ 3 KB
1 KB 69ms
68ms Stylesheet
text/css 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/includes/css/1021?countryCode=DE
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dfcd992429c959224b5892b9026398d0594d958f484259fa96beeefa67ce6375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
edge-cache-tag: GEM_CSS, GEM_CSS_1021
pragma: no-cache
x-aspnetmvc-version: 4.0
last-modified: Tue, 02 Aug 2022 15:51:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=0, no-store
cf-polished: origSize=2954
cf-ray: 734f60505b8b917a-FRA
cf-bgj: minify

GET
H2 200 IsThirdPartCookiesAllowed Show response
gepi.global-e.com/Utils/ 54 B
161 B 83ms
83ms Script
application/json 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/Utils/IsThirdPartCookiesAllowed?jsoncallback=callback_IsThirdPartCookiesAllowed
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: da75553d55f98d155eac8f9838f76b4660272075d3cf724a6d0122e6bd849bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=0
cf-ray: 734f60505b8c917a-FRA
x-aspnet-version: 4.0.30319

GET
H2 200 hDOncxeMFCg%3d Show response
gepi.global-e.com/Configurations/GetLocalizeConfigurations/ 31 KB
3 KB 94ms
93ms Script
application/json 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/Configurations/GetLocalizeConfigurations/hDOncxeMFCg%3d?WebStoreCode=www.wearfigs.com&WebStoreInstanceCode=www.wearfigs.com&CountryCode=DE&CurrencyCode=EUR&jsoncallback=callback_GetConfigurations
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5418492a5407bf646e69a23e2222a5246f09fb72cdba6030ba16b9614ee7870b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 03 Aug 2022 02:55:55 GMT
server: cloudflare
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
edge-cache-tag: GEM_LocalizeConfigurations, GEM_LocalizeConfigurations_1021
content-type: application/json; charset=utf-8
cache-control: public, max-age=600, s-maxage=86400
cf-ray: 734f60505b8d917a-FRA
x-aspnet-version: 4.0.30319

GET
H2 200 a18274933994.html Show response
a18274933994.cdn.optimizely.com/client_storage/ Frame FD42 2 KB
1 KB 292ms
48ms Document
text/html 104.96.92.79
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a18274933994.cdn.optimizely.com/client_storage/a18274933994.html

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.92.79 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-92-79.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

a08308f74ad2a0d91ec29b62ea2a2dab894b47f5e8fa133e414c7626a5a3ac8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 807
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 13:24:54 GMT
etag: "aada40f3af8218e6f56fded0dc09ccd7"
last-modified: Thu, 28 Jul 2022 23:58:08 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="45";dur=0,cdnip;desc="104.96.92.79";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: 3HMD8064UJmf0NDxH5QJ11kRiJBeHnQjPFX1FcUr8xGyImKN0N1RKSroXBR5psXU+LFzQ+8+Sdc=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: TN95PP35TCGJGVDR
x-amz-server-side-encryption: AES256
x-amz-version-id: xZupHuUeVa97oXnfYKlHk030kt2YNQgG

POST
H2 200 / Show response
o241518.ingest.sentry.io/api/5200726/envelope/ 2 B
278 B 159ms
40ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o241518.ingest.sentry.io/api/5200726/envelope/?sentry_key=48863dea23f74fc882b8e2020709283d&sentry_version=7

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 13:24:54 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.wearfigs.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 datadog-rum-v3.js Show response
www.datadoghq-browser-agent.com/ 115 KB
39 KB 159ms
44ms Script
application/javascript 13.32.98.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.98.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-98-147.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:12 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 16:36:14 GMT
server: AmazonS3
age: 45
etag: W/"647fda9a4d3d74344732d76cf1fff47c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: Z9NC6-k5Y2mQd_ICYwrETGPZ-5TYGP4-F1icX2jZarky3u5nmHmIAQ==

GET
H2 200 9699-4a655f33df94a431ab5f.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 36 KB
12 KB 46ms
45ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/9699-4a655f33df94a431ab5f.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce8178eb9e93bffce9bd40c17d020c1b5c87c5e89fab86c07e8a90aa0e5f0467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:53 GMT
server: AmazonS3
age: 150908
etag: W/"02d8b4c1e83cd535a71bcb5e0e46478f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: p7ARlapgzvB7l5bFzWY1Y-VJMR1xYTsSwt-VLPjwYSaKSdRq2h1wRQ==

GET
H2 200 3698.166317c114bd767be62a.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 7 KB
3 KB 46ms
46ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/3698.166317c114bd767be62a.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af5e162178e2ab0078edf40f40aea0f71403ceeba321322ca7f36d02385da8e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:28 GMT
server: AmazonS3
age: 150908
etag: W/"07ac4e1e354c6dffce1685a49f6c19bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: JKdm5NEXgBsmu3P93wv7PFa_yYOdlC_Zd_VnICpag4MENOWD_SgQAA==

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/ 106 KB
20 KB 49ms
49ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/OtAutoBlock.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43646ec69078527e32f9cff44ee1e8eab7649b0bdab1af708045cba619649f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: K+38+PntM5B/kZGFYl2wZw==
age: 2236
vary: Accept-Encoding
content-length: 19947
x-ms-lease-status: unlocked
last-modified: Mon, 23 May 2022 22:54:26 GMT
server: cloudflare
etag: 0x8DA3D0F304029A1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 33c26d51-401e-0073-1163-70a825000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 734f6052b9c29bfb-FRA
expires: Wed, 03 Aug 2022 17:24:54 GMT

GET
H/1.1 200
OK 730474012 Show response
player.vimeo.com/video/ Frame ED10 16 KB
9 KB 307ms
165ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/730474012?autoplay=true&loop=1&title=0&byline=0&portrait=0&controls=0&muted=1&autopause=0

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18c157f4e4be24b91770e1ec9af1ceaafcf7aeda021e927dd3a7d15e9258704a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 734f6053ec549bb3-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Aug 2022 13:24:55 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-fra19142-FRA
X-Timer: S1659533095.042628,VS0,VE111
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
expires: Wed, 03 Aug 2022 13:28:47 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy4
x-bapp-server: player-788b79d964-cf876
x-content-type-options: nosniff
x-host: player-788b79d964-cf876
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-3
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 DHSG_HPDesktop_U_VID_3600x1800_220707.00_00_00_00.Still001.jpg
images.ctfassets.net/5j6wpslh72e4/7FvS7U40lotw9lN5iarCfH/26296af2bb5f2e1c4567c938782fa390/ 193 KB
194 KB 42ms
42ms Image
image/jpeg 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/7FvS7U40lotw9lN5iarCfH/26296af2bb5f2e1c4567c938782fa390/DHSG_HPDesktop_U_VID_3600x1800_220707.00_00_00_00.Still001.jpg?fl=progressive&fm=jpg&q=90&w=1440
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 78739a534a3eeabbe7720b946d992b020b2c77e72dcbeee3dba1e1305f7be938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 06:34:03 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 16:52:56 GMT
server: Contentful Images API
age: 24651
etag: "bbb3fb748da62d24e35f1375bf669343"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 197654
x-amz-cf-id: MPOaXoUwspVm96J6mgPxis6xZhM0ugraaGKgijwyuJEMkupg8_fhtg==

GET
H2 200 HPCAROUSEL_RoyalBlue-3.jpg
images.ctfassets.net/5j6wpslh72e4/54aGtBZEdQ8y3sYdcFWFbp/89b6fb0febfa1f84ddfc0672fa691f63/ 72 KB
72 KB 63ms
63ms Image
image/jpeg 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/54aGtBZEdQ8y3sYdcFWFbp/89b6fb0febfa1f84ddfc0672fa691f63/HPCAROUSEL_RoyalBlue-3.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 898b2c3c30868df5f1a15c9b698a6242ee953df448380780ecab9e6bb93b3ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:24:11 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jul 2022 07:24:16 GMT
server: Contentful Images API
age: 28843
etag: "0230633ff118016865256b37b88590e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 73717
x-amz-cf-id: 4k1SlwW9fHOk9ogPd_98_o0AwTAItevWzZFXjir5ELGiVf0aDsWpVQ==

GET
H2 200 HPCAROUSEL_BURGUNDY.jpg
images.ctfassets.net/5j6wpslh72e4/1T8Gok72AWRVsb2EYU3rHe/66c1b4bda5792a8509fa044b4360d68e/ 16 KB
17 KB 60ms
60ms Image
image/jpeg 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/1T8Gok72AWRVsb2EYU3rHe/66c1b4bda5792a8509fa044b4360d68e/HPCAROUSEL_BURGUNDY.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 3c66fb97274d680909c1f95235c01f5fe420499610c70477adbf0eb23db7ebbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 01:34:41 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Wed, 13 Jul 2022 08:27:39 GMT
server: Contentful Images API
age: 42613
etag: "0b1fa8c184a7f1ac92f052e94a7505f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 16765
x-amz-cf-id: QB9Bv4e2GbIGit4WCUYMaq7QVsQNkV0hdWQ3kAaYVq_PTVXyb-Fw2Q==

GET
H2 200 8-2_Launch_CatarinaPetite_W_HPModule_FULL_WIDTH_desktop_v2.jpg
images.ctfassets.net/5j6wpslh72e4/1bdbC6i1a5HsfjHSIWV2RA/ffbb0285cc0ecb2c54fdb835e268b122/ 110 KB
110 KB 74ms
73ms Image
image/jpeg 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/1bdbC6i1a5HsfjHSIWV2RA/ffbb0285cc0ecb2c54fdb835e268b122/8-2_Launch_CatarinaPetite_W_HPModule_FULL_WIDTH_desktop_v2.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 7e606e98d582ed3560e31fdf939efdb3ff2ea30046a0c00fd5a34105acbdff93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 00:35:48 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 17:15:53 GMT
server: Contentful Images API
age: 46146
etag: "a14f395a383343370f7c17164f80e16b"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 112580
x-amz-cf-id: oD-y-m4wevO2zEbuMGThAvV7QdqCyfJpWiIi2cPB4WXX-NU0PFPvbQ==

GET
H2 200 20220523_Content_Core_FindYourself_Homepage_Module_Desktop_U__1_.jpg
images.ctfassets.net/5j6wpslh72e4/1cDO3JHaOTKMP8qUslFNcB/503ca02aec2c5559698fa7f4245ecfd6/ 333 KB
334 KB 76ms
76ms Image
image/jpeg 2600:9000:223e:b000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/1cDO3JHaOTKMP8qUslFNcB/503ca02aec2c5559698fa7f4245ecfd6/20220523_Content_Core_FindYourself_Homepage_Module_Desktop_U__1_.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f1bc0205616879d438a9c5c14eef551352f001dce2ec257e3443f96d4d622c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 06:23:49 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified: Mon, 25 Jul 2022 06:35:45 GMT
server: Contentful Images API
age: 25265
etag: "49962c3502eea207e66112e1a06d4382"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
content-length: 341209
x-amz-cf-id: B8mKqD_b1aXNdq4g99_oiT5PRWwg-7lWtH0NTF93Fe4USYEp6_NuWg==

GET
H2 200 8671-19dd63b47f9ea92b050b.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
6 KB 52ms
47ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/8671-19dd63b47f9ea92b050b.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:36 GMT
server: AmazonS3
age: 150911
etag: W/"b530436bb74cc5945c95dce1a3e57863"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: gXrYbA2VsOR5Frb9vFmkv5mgCcjQz5lquClNcpJqndHIsya9K8y44g==

GET
H2 200 8402-9e9027b8fcd5e53c9234.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
14 KB 51ms
47ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/8402-9e9027b8fcd5e53c9234.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:55 GMT
server: AmazonS3
age: 150911
etag: W/"f1824e3169af6246a5e1660c3da0cbb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: Yjg54qBpCJoIKszOGbjeYhk37WhSbTivx_E4iiblN0k0zaABzIjNvQ==

GET
H2 200 5491-3ce3312ee466d55d366d.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
3 KB 51ms
47ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/5491-3ce3312ee466d55d366d.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:54 GMT
server: AmazonS3
age: 150911
etag: W/"b5a79ddd4d5f5c7c319227478a47310d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: nUitXXRRhTobl0KSjrqx012BDlvrzxYaReDz-tcfvIFenl3WDsnAYQ==

GET
H2 200 354-3cdc56cf3526973cc893.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
10 KB 52ms
48ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/354-3cdc56cf3526973cc893.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:56 GMT
server: AmazonS3
age: 150911
etag: W/"ea794b309ae862b9ca0edf7d5e96073b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: _mQ8Zyw1sVJ2q-FQvhod_HjA1k6ak18-LUbfTUMut1Z2cBiny1uZNw==

GET
H2 200 4695-0582cc9e3bcab971520b.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
8 KB 51ms
47ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/4695-0582cc9e3bcab971520b.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:36 GMT
server: AmazonS3
age: 150911
etag: W/"e155d913648a023fd1a69b337bb398b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: gllCOK0oUzetor9cbyJKWBMYgTA9ZgY54mj4JT52uejKcogxhMoxNQ==

GET
H2 200 9227-a1be738dbfdfb657a5e8.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
5 KB 52ms
49ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/9227-a1be738dbfdfb657a5e8.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:55 GMT
server: AmazonS3
age: 150911
etag: W/"e87b88cd23c59dfafc486daf54ef8933"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: siRktHx8_RzFbWc9VDkwBa-TZc7OwKrlyKOU0pIFNw1wdDmmeTBS0g==

GET
H2 200 9448-c828eec1ea6f1e5a2138.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
5 KB 52ms
49ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/9448-c828eec1ea6f1e5a2138.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:56 GMT
server: AmazonS3
age: 150911
etag: W/"70f1ed887871923a2cdc02e791edb2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: e8jO_cxv5q2I6vagErK92Hxou4tOVNvjxfEPgwe2lcnibU5w_cXbpQ==

GET
H2 200 4214-335ebf7a2cb7f3139ff1.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
6 KB 52ms
49ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/4214-335ebf7a2cb7f3139ff1.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:55 GMT
server: AmazonS3
age: 150911
etag: W/"fce09273cb48a662e16e29078e83f172"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: -FjUcAZ057-9a_ai9dd-Wvk4Xq3Ie0e_NuXUJTG8B6yXoUIesfa24w==

GET
H2 200 1196-e1112b0bde7a64e28eda.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
15 KB 52ms
49ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/1196-e1112b0bde7a64e28eda.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:28 GMT
server: AmazonS3
age: 150911
etag: W/"51522ebf898c74d41092106bdb9dd261"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: DQcC-ebewomripVcPjUAppoR1ROoKQc6OPd5kCB0CJvO_4VmzHBLuQ==

GET
H2 200 %5Bhandle%5D-1dcddf4b2544562c9ce6.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/pages/ 0
2 KB 50ms
48ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/pages/%5Bhandle%5D-1dcddf4b2544562c9ce6.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:45 GMT
server: AmazonS3
age: 150909
etag: W/"68ef1cc17341c9095287ba0baced5fc7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: WWFV7UyNm4qKqpZRI0_Blwc_y-AsDuZopA4ECjb2_jtAi-1QV65K7w==

GET
H2 200 204-04392468aa74286fdd7a.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
5 KB 92ms
90ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/204-04392468aa74286fdd7a.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:56 GMT
server: AmazonS3
age: 150909
etag: W/"428143f2b037a0831e0513dfa39442df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: pn82pZUWsFwqn3LB3eGvAQvnpQjHpfNOoNwWzVjH0VDfc6MRuL-QTA==

GET
H2 200 5455-97acdb0c9f3d6755a1a2.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
6 KB 92ms
90ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/5455-97acdb0c9f3d6755a1a2.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:53 GMT
server: AmazonS3
age: 150909
etag: W/"6b095c14680599cc2b6ad5d68bac4738"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: r8jbanxOCjQEIaVrZOG7xh-EHqr8F_RI8FnxG2nyolCQUXBSE72jqQ==

GET
H2 200 5501-8039781faf9e848651e3.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
19 KB 94ms
92ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/5501-8039781faf9e848651e3.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:53 GMT
server: AmazonS3
age: 150909
etag: W/"ee8762e2b0713db7d384a5e32d622345"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: uhVBEu8Ap1HvggF-Heq-qznf3nKC1XBMwWOmacFUQNP8nUBrRBmcpQ==

GET
H2 200 5979-250d7642a29a46e853d6.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 0
9 KB 93ms
91ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/5979-250d7642a29a46e853d6.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:28 GMT
server: AmazonS3
age: 150909
etag: W/"2df2e2387621b7cf769fe3e521618b01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: Q5NIDMNbYKPC8Btc4OiVyxL9UwsIt6CFWKxKqx-czQVv6_D22V0OgQ==

GET
H2 200 %5Bhandle%5D-73d4b114a1c9c8512c19.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/collections/ 0
3 KB 93ms
92ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/collections/%5Bhandle%5D-73d4b114a1c9c8512c19.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:45 GMT
server: AmazonS3
age: 150909
etag: W/"af1ace60749947f6a86954b842632483"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: t-ViA988_RBmaCfspv8a1qJjF9uMEpzz1wlr1-fgc-aXvNQkGG-qiw==

GET
H2 200 index-dd4704b743d5817719a4.js
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/ 0
2 KB 74ms
74ms Other
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/index-dd4704b743d5817719a4.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:42 GMT
server: AmazonS3
age: 150911
etag: W/"c9c7fee8bd9c4e42ec9a1a5f01c14e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 6tYfkrPmbp9ouPKsrnaisNRSZFSNfUrUAxr57B4funvRznRlQyPPAw==

GET
H2 200 set
utils.global-e.com/ 35 B
177 B 190ms
60ms Image
image/gif 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utils.global-e.com/set?t=pv&sid=357089914.211564646.1021&p=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ti=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20&%20Apparel=&co=DE&e=local&hc=0&log=false&m=1021&cdu=https://webservices.global-e.com/&f=gleTags.handlePixelResponse&dr=https%3A%2F%2Fmkto-sj300004.com%2F
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cloud-trace-context: 54d9857639493d2d6763ac7c4267a370
server: Google Frontend
x-powered-by: Express
date: Wed, 03 Aug 2022 13:24:55 GMT
content-length: 35
content-type: image/gif

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/c7f07979-d61e-4331-845e-386911a07c22/ 121 KB
23 KB 49ms
49ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/c7f07979-d61e-4331-845e-386911a07c22/en.json

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12fe4c21a4779e7fd096828701856f6e97aea763ef7419f2d037c0014135743e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cjSMW9AqSQWJASCSOFdCJQ==
age: 4443
vary: Accept-Encoding
content-length: 23463
x-ms-lease-status: unlocked
last-modified: Mon, 23 May 2022 22:54:30 GMT
server: cloudflare
etag: 0x8DA3D0F3262BD0D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e970af8f-b01e-0140-13f8-6eb75d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 734f60543d7f9152-FRA
expires: Wed, 03 Aug 2022 17:24:55 GMT

GET
H2 200 changeshippingandcurrency Show response
webservices.global-e.com/merchant/ 31 KB
8 KB 156ms
97ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/merchant/changeshippingandcurrency?autoshow=false&merchantid=1021&country=DE&culture=de&currency=EUR&v=1.0&environment=live&loadSwitcherData=false
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f73a0f0f25ec0b636c5fbe33e1f888633d999188ce4c7da412c9aa153769867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
edge-cache-tag: switcher_1021,popups_1021
content-length: 8426
last-modified: Wed, 03 Aug 2022 12:24:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=86400
accept-ranges: bytes
cf-ray: 734f6054db30917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language

GET
H2 200 welcome Show response
webservices.global-e.com/merchant/script/ 14 KB
4 KB 118ms
59ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/merchant/script/welcome?merchantid=1021&country=DE&culture=de&currency=EUR&v=1.0&environment=live&ismobile=false&loadSwitcherData=false
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64e96a44c8bd377acf7abbd8e2ddcc4d2bdd2c6fe33760eff391187690efbd1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
edge-cache-tag: welcome_1021,popups_1021
content-length: 4385
last-modified: Wed, 03 Aug 2022 13:10:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=86400
accept-ranges: bytes
cf-ray: 734f6054db2d917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language

GET
H2 200 de.png
gepi.global-e.com/content/images/flags/round/ 548 B
718 B 96ms
95ms Image
image/png 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gepi.global-e.com/content/images/flags/round/de.png
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 00ba1b348c364430239c5ef0937969723af68094acb5115d3ac57e0c95769877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
cf-cache-status: HIT
last-modified: Sun, 31 Jul 2022 16:25:26 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "01ffd23faa4d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f60548a9b917a-FRA
content-length: 548
expires: Wed, 03 Aug 2022 13:29:55 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 10 KB
3 KB 43ms
43ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otFloatingRoundedCorner.json

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fad8eccf058216f2489b00b6317daded6946aaed503d2795e65a7a2768e696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sc7SVcBhzQIEKZGwT+x78A==
age: 885
vary: Accept-Encoding
content-length: 2565
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:27 GMT
server: cloudflare
etag: 0x8DA3822B0D87F3C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9ba47066-c01e-0026-231d-6a4352000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 734f6054de6f9152-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/ 53 KB
12 KB 43ms
43ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/otPcCenter.json

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed075e6f14b250be3c4344953433b448b5bf72d3937bcf7cafc06bcab0d130ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NS4/Ql3sVfXAVIyb20II4w==
age: 885
vary: Accept-Encoding
content-length: 12384
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:27 GMT
server: cloudflare
etag: 0x8DA3822B13BA01A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7099288f-501e-0001-5614-6ad91b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 734f6054ee709152-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 21 KB
4 KB 47ms
47ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCommonStyles.css

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 885
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a3f46c28-901e-0094-161d-6ab828000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 734f6054ee719152-FRA

GET
H2 200 %5Bhandle%5D-1dcddf4b2544562c9ce6.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/pages/ 3 KB
2 KB 48ms
48ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/pages/%5Bhandle%5D-1dcddf4b2544562c9ce6.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd7b071036ce7ea8bc09cf31b37ae8317ca57b598aaefd44663fc8d6c332a9ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:45 GMT
server: AmazonS3
age: 150909
etag: W/"68ef1cc17341c9095287ba0baced5fc7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: HOSdH_PdwsJAflCMvrQgsEEreNHpJ9QE0DZxhpNdgaMKZxHWCmuyjw==

GET
H2 200 204-04392468aa74286fdd7a.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 12 KB
5 KB 46ms
46ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/204-04392468aa74286fdd7a.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbb57fd2543a9ddc252d8d6b174e13dc7a0baafc1a5e1509af83fdb9643fcc46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:56 GMT
server: AmazonS3
age: 150909
etag: W/"428143f2b037a0831e0513dfa39442df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: y0C57rsJNQCujFS_2xcnBYHK2EG9i0g6IznVj5im4aS_6YXANzO9Nw==

GET
H2 200 5455-97acdb0c9f3d6755a1a2.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 13 KB
6 KB 47ms
47ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/5455-97acdb0c9f3d6755a1a2.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c83f59f564bf2fa7164a6ec5091cd02adf45a4a17322ecf7da7c1bf9ca50622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:53 GMT
server: AmazonS3
age: 150909
etag: W/"6b095c14680599cc2b6ad5d68bac4738"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: nWqEw4iznmAps1BRsMs1DHIXCtRs-Tsg8ncf2_Vy9o9aiV7yGLRDow==

GET
H2 200 5501-8039781faf9e848651e3.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 72 KB
19 KB 47ms
46ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/5501-8039781faf9e848651e3.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1a214edaba6f3f6855e54ea1d3be4f389f5712522d38a504361109b5ad93eec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:53 GMT
server: AmazonS3
age: 150909
etag: W/"ee8762e2b0713db7d384a5e32d622345"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: bzXSAX6PgkflpW6qtguV95an-kkfokL5z5PBLn71zxfdJ-ajiKmGZQ==

GET
H2 200 5979-250d7642a29a46e853d6.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/ 27 KB
9 KB 48ms
47ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/5979-250d7642a29a46e853d6.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da87d482f0069951e5c4e3474dac1da4b4c28b1344d14e2fa76c05ae67af93f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:28 GMT
server: AmazonS3
age: 150909
etag: W/"2df2e2387621b7cf769fe3e521618b01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: tRY4UZhRKFX-Tka8jveCAPO9Rg5AtCjEnOFZ2oMazMI0qDvIGO8Pww==

GET
H2 200 %5Bhandle%5D-73d4b114a1c9c8512c19.js Show response
magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/collections/ 7 KB
3 KB 66ms
65ms Script
application/javascript 2600:9000:211a:9000:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/collections/%5Bhandle%5D-73d4b114a1c9c8512c19.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ebdb6bcff54c762653505e961c8ebf6f6f44a122babae718cc92dcca2a2e0b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:29:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:32:45 GMT
server: AmazonS3
age: 150909
etag: W/"af1ace60749947f6a86954b842632483"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: NYc1dfkzgtvQ2ywFdZT0x_lnpeEpHlzjqfoWiD3pR77u6jBreoSyDg==

POST
H/1.1 204
No Content _csp
player.vimeo.com/ Frame ED10 0
1 KB 174ms
174ms Other
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/_csp

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.vimeo.com/video/730474012?autoplay=true&loop=1&title=0&byline=0&portrait=0&controls=0&muted=1&autopause=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Wed, 03 Aug 2022 13:24:55 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
X-Cache: MISS
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
x-host: player-788b79d964-n4x27
Connection: keep-alive
Vary: Accept-Encoding
x-xss-protection: 1; mode=block
X-Served-By: cache-fra19168-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1659533095.214113,VS0,VE119
x-backend-proxy: playproxy2
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=UTF-8
expires: Fri, 15 Dec 1985 19:30:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-788b79d964-n4x27
content-security-policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Accept-Ranges: bytes
CF-RAY: 734f6054feaa9bb3-FRA
X-Cache-Hits: 0

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/4.7.4/js/ Frame ED10 881 KB
207 KB 219ms
46ms Script
application/javascript 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/730474012?autoplay=true&loop=1&title=0&byline=0&portrait=0&controls=0&muted=1&autopause=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 48ef8b994ba24e484b6280283fc094f455d8d936a5f581493d0711c85de080fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 164869
x-served-by: cache-iad-kjyo7100107-IAD, cache-vie6375-VIE
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1659533095.378365,VS0,VE0
content-length: 211655
x-cache-hits: 1, 1960

GET
H2 200 player.css
f.vimeocdn.com/p/4.7.4/css/ Frame ED10 184 KB
19 KB 268ms
95ms Stylesheet
text/css 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.7.4/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/730474012?autoplay=true&loop=1&title=0&byline=0&portrait=0&controls=0&muted=1&autopause=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5279dd72ab09eb58633466980fe30bf06cbf4204b4b7a1c1a93c1ec06fc44ac7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 164870
x-served-by: cache-iad-kiad7000091-IAD, cache-vie6375-VIE
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=1209600
accept-ranges: bytes
x-timer: S1659533095.378381,VS0,VE0
content-length: 19365
x-cache-hits: 1, 31605

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame ED10 2 KB
1 KB 267ms
95ms Script
application/javascript 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/730474012?autoplay=true&loop=1&title=0&byline=0&portrait=0&controls=0&muted=1&autopause=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
via: 1.1 varnish, 1.1 varnish
age: 1109256
x-timer: S1659533095.378356,VS0,VE0
x-served-by: cache-iad-kjyo7100121-IAD, cache-vie6375-VIE
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 1, 103542

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 45ms
45ms Image
image/svg+xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LpuayL42jB78xRllx0vkOw==
age: 3299
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Wed, 03 Aug 2022 02:35:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3bd3fbe8-e01e-0117-04e6-a65ed0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 734f60558e559bfb-FRA

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame ED10 0
993 B 260ms
174ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=8cc4cc12898b9128dc1208d50b5f11bceed1ec3b1659533095

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:55 GMT
Via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
Vary: User-Agent
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kjyo7100027-IAD, cache-hhn4050-HHN
x-vimeo-device: d
Server: cloudflare
X-Timer: S1659533096.575151,VS0,VE122
x-frame-options: sameorigin
x-backend-proxy: webproxy1
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Wed, 03 Aug 2022 01:24:55 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-687b7b5cc-mmkjw
x-ua-compatible: IE=edge
Accept-Ranges: bytes
CF-RAY: 734f605748ab9220-FRA
X-Cache-Hits: 0, 0

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
361 B 495ms
125ms XHR
text/plain 54.210.202.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.202.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-202-232.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Aug 2022 13:24:55 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.wearfigs.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 9dc853b5-421c-4b38-bd71-3ab48ed288df

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame ED10 0
142 B 219ms
137ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 03 Aug 2022 13:24:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1470060496-ed2b97e015a5e8ac95af20a46a050f11c765784eb7f0de663c7c94eb7add93ed-d
i.vimeocdn.com/video/ Frame ED10 58 KB
59 KB 225ms
219ms Image
image/avif 199.232.18.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1470060496-ed2b97e015a5e8ac95af20a46a050f11c765784eb7f0de663c7c94eb7add93ed-d?mw=2200&mh=1100
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/730474012?autoplay=true&loop=1&title=0&byline=0&portrait=0&controls=0&muted=1&autopause=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.18.109 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a69d9696c73213337b5078e7796f6eb3727270e5cd371d87e7c68bb4306c3b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 82441
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
access-control-max-age: 86400
x-backend-server: varnish
content-length: 59659
viewmaster-server: viewmaster-us-central1-m8tf
x-served-by: cache-dfw-kdfw8210096-DFW, cache-vie6375-VIE
x-timer: S1659533096.616366,VS0,VE172
etag: 27df185ad9d1ef330a326bdb73df61ee
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame ED10 0
40 B 212ms
138ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=8cc4cc12898b9128dc1208d50b5f11bceed1ec3b1659533095
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 03 Aug 2022 13:24:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame ED10 0
40 B 189ms
140ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=8cc4cc12898b9128dc1208d50b5f11bceed1ec3b1659533095
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 03 Aug 2022 13:24:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 play
player-telemetry.vimeo.com/player-events/log/ Frame ED10 0
162 B 248ms
136ms Ping
text/html 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 03 Aug 2022 13:24:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.json Show response
134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822... Frame ED10 15 KB
4 KB 258ms
38ms XHR
application/json 2a02:26f0:3500:6::17d8:4dab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822713d/sep/video/d5415d01,644aee50,bf472d14,98fb745c,32be1971,6ddec520/audio/8b903077,908b4f0f,7101bd90/master.json?query_string_ranges=1&base64_init=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:6::17d8:4dab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7a59e69c001589474efc4d7267cf3d65a42fd47bba501d1c32f339777f707caa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1659031200
timing-allow-origin: *
Connection: keep-alive
Content-Length: 3479
AK-REFERENCE-ID: 0.ab6f1002.1659533095.37e94e
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=31035475
Akamai-Edge-IP: 2a02:26f0:3500:6::17d8:4dab
Content-Type: application/json
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
92 KB 164ms
80ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLWDV6S&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2a777018a5c905953f0339556ea34843c2c4f898cea56e0c1d2c774db50a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93865
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Aug 2022 13:24:55 GMT

GET
H2 200 freeShippingBanner Show response
webservices.global-e.com/merchant/ 1 KB
976 B 104ms
103ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/merchant/freeShippingBanner?merchantId=1021&country=DE&currency=EUR&culture=de&cb=1659533096
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 831c7e20e2d97601f9d458ebd7d5b9361132a52c80c2f265f9dfec3ce3330ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
cf-cache-status: MISS
edge-cache-tag: free-shipping-banner,free-shipping-banner-1021
cache-tag: free-shipping-banner,free-shipping-banner-1021
content-length: 771
last-modified: Wed, 03 Aug 2022 13:24:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1200
accept-ranges: bytes
cf-ray: 734f60591a85917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:44:55 GMT

GET
H2 200 set
utils.global-e.com/ 35 B
118 B 59ms
59ms Image
image/gif 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utils.global-e.com/set?t=pv&sid=357089914.211564646.1021&p=https%3A%2F%2Fwebservices.global-e.com%2Fmerchant%2Fscript%2Fwelcome%3Fmerchantid%3D1021%26country%3DDE%26culture%3Dde%26currency%3DEUR%26v%3D1.0%26environment%3Dlive%26ismobile%3Dfalse%26loadSwitcherData%3Dfalse&ti=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20&%20Apparel=&co=DE&e=local&hc=0&log=false&m=1021&cdu=https://webservices.global-e.com/&f=gleTags.handlePixelResponse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cloud-trace-context: 7d93f56a6896cd2ae6da4f1f5242f277
server: Google Frontend
x-powered-by: Express
date: Wed, 03 Aug 2022 13:24:55 GMT
content-length: 35
content-type: image/gif

GET
H2 200 DE Show response
webservices.global-e.com/shared/prefetcher/1021/ Frame 0B8E 1 KB
671 B 51ms
50ms Document
text/html 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 204f0fbfac3802a2f23157962bfb0c05a44769ad06688fe66ea8801756cd3403

Request headers

Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=300
cf-cache-status: HIT
cf-ray: 734f60594ad0917a-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 13:24:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 03 Aug 2022 13:29:55 GMT
last-modified: Wed, 03 Aug 2022 12:24:01 GMT
server: cloudflare
vary: Accept-Encoding

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame ED10 0
11 B 216ms
138ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=8cc4cc12898b9128dc1208d50b5f11bceed1ec3b1659533095
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 03 Aug 2022 13:24:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 8b903077.mp4 Show response
134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822... Frame ED10 1 KB
2 KB 38ms
38ms XHR
video/mp4 2a02:26f0:3500:6::17d8:4dab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822713d/parcel/audio/8b903077.mp4?r=dXM%3D&range=891-1960
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:6::17d8:4dab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 50256f4c4ea9b31ab509f36ad16d820b1e59b1e88d474801a038203a9bc6704f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:55 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1658192400
Connection: keep-alive
Content-Length: 1070
AK-REFERENCE-ID: 0.ab6f1002.1659533095.37e94f
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Fri, 15 Jul 2022 21:58:59 GMT
Server: parcel
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=30196149
Akamai-Edge-IP: 2a02:26f0:3500:6::17d8:4dab
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Wed, 19 Jul 2023 01:14:04 GMT

GET
H2 200 prefetcher.js Show response
webservices.global-e.com/mappedBundles/ Frame 0B8E 96 KB
34 KB 51ms
51ms Script
application/javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/mappedBundles/prefetcher.js?v=20220801115358
Requested by: Host: webservices.global-e.com
URL: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77d1987a9c9c59d649802494573b24237d30268bc66cdca6825ecab5c301516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
content-length: 34375
last-modified: Mon, 01 Aug 2022 11:53:58 GMT
server: cloudflare
etag: "04fff619da5d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f60599b6b917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:29:55 GMT

GET
H/1.1 200
OK 98fb745c.mp4 Show response
134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822... Frame ED10 248 KB
249 KB 41ms
41ms XHR
video/mp4 2a02:26f0:3500:6::17d8:4dab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822713d/parcel/video/98fb745c.mp4?r=dXM%3D&range=890-254865
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:6::17d8:4dab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: c0406ce23449b57d9354be1cbe46972e7b466f27e08fb58b165a8bbfbc7c3b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:55 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1658160000
Connection: keep-alive
Content-Length: 253976
AK-REFERENCE-ID: 0.ab6f1002.1659533095.37e955
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Fri, 15 Jul 2022 21:59:28 GMT
Server: parcel
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=30166233
Akamai-Edge-IP: 2a02:26f0:3500:6::17d8:4dab
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Tue, 18 Jul 2023 16:55:28 GMT

GET
H2 200 set
utils.global-e.com/ 35 B
117 B 69ms
69ms Image
image/gif 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utils.global-e.com/set?t=pv&sid=357089914.211564646.1021&p=freeShippingBannerShowed%3Fmerchantid%3D1021%26countryid%3D69%26currencyid%3DEUR&ti=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20&%20Apparel=&co=DE&e=local&hc=0&log=false&m=1021&cdu=https://webservices.global-e.com/&f=gleTags.handlePixelResponse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-cloud-trace-context: a7d28b712b9392d375d6a33d1a3581a4
server: Google Frontend
x-powered-by: Express
date: Wed, 03 Aug 2022 13:24:55 GMT
content-length: 35
content-type: image/gif

GET
H2 200 PrefetcherProcess Show response
webservices.global-e.com/shared/ Frame 0B8E 1 KB
524 B 54ms
54ms XHR
application/json 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/shared/PrefetcherProcess?cb=637948461885102575&mid=1021&countryISO=DE
Requested by: Host: webservices.global-e.com
URL: https://webservices.global-e.com/mappedBundles/prefetcher.js?v=20220801115358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2f367743680779134db33905dae9e5b3f037e2f799da6dbd4980592bdfa647

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-length: 390
last-modified: Wed, 03 Aug 2022 12:24:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f605a0c22917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:29:56 GMT

GET
H2 200 checkoutv2_top.js Show response
webservices.global-e.com/mappedBundles/ Frame 0B8E 424 KB
120 KB 78ms
78ms XHR
application/javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/mappedBundles/checkoutv2_top.js?v=20220801115358
Requested by: Host: webservices.global-e.com
URL: https://webservices.global-e.com/mappedBundles/prefetcher.js?v=20220801115358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1681121847c661677e44cb69bbce869b7b62196373d5396b607a069ee7f9f1

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-length: 122226
last-modified: Mon, 01 Aug 2022 11:53:58 GMT
server: cloudflare
etag: "04fff619da5d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f605a6cb3917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:29:56 GMT

GET
H2 200 checkoutv2_bottom.js Show response
webservices.global-e.com/mappedBundles/ Frame 0B8E 357 KB
96 KB 71ms
70ms XHR
application/javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/mappedBundles/checkoutv2_bottom.js?v=20220801115358
Requested by: Host: webservices.global-e.com
URL: https://webservices.global-e.com/mappedBundles/prefetcher.js?v=20220801115358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e8b92ac72d626b7c18e665c95c719654329266ee6f34d6d6c945ae1adc07c7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-length: 97669
last-modified: Mon, 01 Aug 2022 11:53:58 GMT
server: cloudflare
etag: "04fff619da5d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f605a6cb4917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:29:56 GMT

GET
H2 200 secured.js Show response
webservices.global-e.com/mappedBundles/ Frame 0B8E 303 KB
93 KB 92ms
92ms XHR
application/javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/mappedBundles/secured.js?v=20220801115358
Requested by: Host: webservices.global-e.com
URL: https://webservices.global-e.com/mappedBundles/prefetcher.js?v=20220801115358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec131015f3f3076aa102e14b1dea629876032b1ce7227c64771452ead5bf9cea

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-length: 95169
last-modified: Mon, 01 Aug 2022 11:53:58 GMT
server: cloudflare
etag: "04fff619da5d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f605a6cb5917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:29:56 GMT

GET
H2 200 content_bootstrap_cssRtl.css
webservices.global-e.com/mappedBundles/ Frame 0B8E 334 KB
73 KB 60ms
59ms Stylesheet
text/css 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/mappedBundles/content_bootstrap_cssRtl.css?v=20220801115358
Requested by: Host: webservices.global-e.com
URL: https://webservices.global-e.com/mappedBundles/prefetcher.js?v=20220801115358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a80e453b27e176f388521a72327207ab12a58f53dd32c033592b4a38909b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-length: 74775
last-modified: Mon, 01 Aug 2022 11:53:58 GMT
server: cloudflare
etag: "04fff619da5d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f605a6cbd917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:29:56 GMT

GET
H2 200 content_bootstrap_css.css
webservices.global-e.com/mappedBundles/ Frame 0B8E 217 KB
53 KB 103ms
102ms Stylesheet
text/css 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/mappedBundles/content_bootstrap_css.css?v=20220801115358
Requested by: Host: webservices.global-e.com
URL: https://webservices.global-e.com/mappedBundles/prefetcher.js?v=20220801115358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53d009529a165927702561721509cfa0b3a2df118568438eef25db04afa18102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
cf-cache-status: HIT
content-length: 54249
last-modified: Mon, 01 Aug 2022 11:53:58 GMT
server: cloudflare
etag: "04fff619da5d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f605a6cbf917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:29:56 GMT

GET
H2 200 CheckoutSkin
webservices.global-e.com/Merchant/Script/ Frame 0B8E 21 KB
5 KB 153ms
152ms Stylesheet
text/css 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/Merchant/Script/CheckoutSkin?merchantId=1021&isTemp=False
Requested by: Host: webservices.global-e.com
URL: https://webservices.global-e.com/mappedBundles/prefetcher.js?v=20220801115358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa9e4e4bc99c85e24cf16c33b18db6eb0a26f1df7818782bf3e5a30cdeef19e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ge-debug: https://webservices.global-e.com/merchant/script/checkoutskin?merchantid=1021&istemp=false&qt=1659533096112.3318
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
cf-cache-status: MISS
edge-cache-tag: CheckoutSkin_1021,CheckoutSkins
last-modified: Wed, 03 Aug 2022 13:24:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 734f605a6cc1917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 13:29:56 GMT

GET
H2 200 loader4.gif
webservices.global-e.com/content/images/ Frame 0B8E 11 KB
11 KB 92ms
92ms Image
image/gif 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservices.global-e.com/content/images/loader4.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25a8dd378bcc8a65c2110b29dc8b4c9baa2f828869ffb243a56243bb36a16d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
cf-cache-status: HIT
content-length: 11441
last-modified: Mon, 01 Aug 2022 11:42:30 GMT
server: cloudflare
etag: "0d7eac79ba5d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 734f605acd5b917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 14:24:56 GMT

GET
H2 200 horizontal_loader.gif
webservices.global-e.com/Content/Images/ Frame 0B8E 10 KB
10 KB 57ms
57ms Image
image/gif 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webservices.global-e.com/Content/Images/horizontal_loader.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5291ed540bc2d9854e37745efaf4d12545525947bc1134574bc16403b9880ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/shared/prefetcher/1021/DE?cb=1659533096
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
cf-cache-status: HIT
content-length: 9931
last-modified: Mon, 01 Aug 2022 11:42:30 GMT
server: cloudflare
etag: "0d7eac79ba5d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 734f605add7b917a-FRA
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Wed, 03 Aug 2022 14:24:56 GMT

GET
H2 200 spritesheet.png
s3.global-e.com/Images/Sprites/ Frame 0B8E 9 KB
9 KB 106ms
55ms Image
image/png 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.global-e.com/Images/Sprites/spritesheet.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be9b9294d3c54fe68489ff56b8291523368d14c74a94cae8b00fde929103887f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
cf-cache-status: HIT
x-amz-request-id: ZHT3ED6H81MJQM1V
x-amz-meta-cb-modifiedtime: Mon, 18 Jul 2022 12:08:04 GMT
cf-ray: 734f605abd3b917a-FRA
x-amz-replication-status: COMPLETED
content-length: 9300
x-amz-id-2: e8c+Kibkspd1rA5nbOTsG7yIWxaHWkr/Q8od2vcqaqs6s80QZGG+8cNGm43k86fgY45MWeVbV2k=
last-modified: Tue, 19 Jul 2022 06:27:11 GMT
server: cloudflare
etag: "8883d1612b0d6abde954dc6b2e64ee0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: O_VZqNX5ULVuNi6rGVzzif8RAm9bttvD
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: image/png
expires: Wed, 03 Aug 2022 13:54:56 GMT

GET
H2 200 secure_spritesheet.png
s3.global-e.com/Images/Sprites/ Frame 0B8E 6 KB
6 KB 106ms
56ms Image
image/png 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.global-e.com/Images/Sprites/secure_spritesheet.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358dd21108b997a96ebab0ff7ca3e08ac67aacbcde6947e02252e9d12815f6c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
cf-cache-status: HIT
x-amz-request-id: ZHTCK53JX5A0AXZV
x-amz-meta-cb-modifiedtime: Mon, 18 Jul 2022 12:08:20 GMT
cf-ray: 734f605abd3f917a-FRA
x-amz-replication-status: COMPLETED
content-length: 6089
x-amz-id-2: 9X3/1Jgh1NQEhU8a7fWgwa6jVRu3XMLqjWbyXle1kAbFNAHYf1Y39VqBNlqvNhMWCEzmuPN0cp8=
last-modified: Tue, 19 Jul 2022 06:27:13 GMT
server: cloudflare
etag: "e78e034dd4b284ae601e95878e554091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: C1m1LkRLVnyXajEmeHwcEup6_J6e7M2p
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: image/png
expires: Wed, 03 Aug 2022 13:54:56 GMT

GET
H2 200 sprite_DE.png
s3.global-e.com/Images/Sprites/ Frame 0B8E 7 KB
7 KB 141ms
91ms Image
image/png 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.global-e.com/Images/Sprites/sprite_DE.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc75f862038e8220582bfa3ded1fd31bbec487bd2973718b79702e77da6fe5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webservices.global-e.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
cf-cache-status: HIT
x-amz-request-id: GBHA85MCPBMPXKTD
x-amz-meta-cb-modifiedtime: Wed, 15 Jun 2016 15:28:12 GMT
cf-ray: 734f605abd3e917a-FRA
content-length: 7024
x-amz-id-2: vfXaS+C63YMrvJZ8GBqvOTnO/WM3bjuyOYIM1mxSRg9hl1Aq/EwsapEgW9oWolqradm4sz33m8o=
last-modified: Thu, 16 Jun 2016 07:29:36 GMT
server: cloudflare
etag: "76c35f1c9bb330daef29d07d13bf4e35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: image/png
expires: Wed, 03 Aug 2022 13:54:56 GMT

GET
H/1.1 200
OK segment-1.m4s Show response
134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822... Frame ED10 7 MB
7 MB 40ms
40ms XHR
video/mp4 2a02:26f0:3500:6::17d8:4dab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822713d/sep/video/6ddec520/chop/segment-1.m4s?r=dXM%3D
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:6::17d8:4dab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 78d055d34af43c27b5fcfe63e46cf73c8b58f7783415c3ba088e4a4d19e4901e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:56 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1658163600
Connection: keep-alive
Content-Length: 7440386
AK-REFERENCE-ID: 0.ab6f1002.1659533096.37e95e
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=30166525
Akamai-Edge-IP: 2a02:26f0:3500:6::17d8:4dab
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 forge.min.js Show response
unpkg.com/node-forge@0.7.0/dist/ 266 KB
69 KB 145ms
54ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/node-forge@0.7.0/dist/forge.min.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4f042f9ea6c72a580e93b7922b1ff89f2c1fca28a5843ab473db79cd74d1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16435791
fly-request-id: 01FT83PB4PPT9JZSEKZDX10P9V
content-encoding: br
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2017 22:37:03 GMT
server: cloudflare
etag: W/"429bd-Ikb3wlLVm2wlvXrmcm23V6AN+Rc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 734f605b3c3c9165-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 652ms
470ms Script
application/javascript 2a02:26f0:dc:18a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:18a::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "2dda33348480d93c64a825f2616f03ce"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 135ms
51ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:24:56 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 129ms
54ms Script
application/javascript 18.64.78.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.78.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-78-252.txl50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: TXL50-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7821
via: 1.1 7da1d60a481ae3940f6605e4b4cab476.cloudfront.net (CloudFront)
x-amz-cf-id: 9k2j4NJ-aZacVhuVn7BlUfYjgas9ovtcBzVBoCAAV45gbREpEn8w2A==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 200ms
48ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 07:49:23 GMT
server: nginx
etag: W/"62bc0403-a792"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 04 Aug 2022 13:24:56 GMT

GET
H/1.1 200
OK friendbuy.min.js Show response
djnf6e5yyirys.cloudfront.net/js/ 121 KB
42 KB 163ms
57ms Script
application/javascript 18.66.17.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djnf6e5yyirys.cloudfront.net/js/friendbuy.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-76.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e26bddfe28fe2e8e28c5b25968decb689ebac4300ee117b4c5c472a0600cd343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: eATjcjBrymkaCY25fDl0wDYs2YHXtSAL
Content-Encoding: gzip
ETag: W/"6d60ce692f3c7b9f4a8baad4b84d05a7"
Age: 1400
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 20:51:22 GMT
Server: AmazonS3
Date: Wed, 03 Aug 2022 13:01:37 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
Cache-Control: public, max-age=180
X-Amz-Cf-Pop: VIE50-P1
X-Amz-Cf-Id: yAZ4_daUppYwRe3aUoWu4zRvCRcJS6qDtY3Sjvt-h1FszCqa4WvOPg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 161 KB
45 KB 284ms
132ms Script
application/javascript 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: acb78805ddf40c2613423953cbb004d2f64ec5634b1019793c01f3c66c274a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-akamai-request-id: 24762426.7ba8dae
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 92,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=6, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202208031324569153EAD562E0B4136695
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.105.68
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1ca0007f8a01dd5a209960cd72c20119d9b2b769eeeb4da828a39085927882e910790608f0a07a0e69ddfbb5546bfe34bf14a7e8e39be7f9c973153d6700f2f2ce
expires: Wed, 03 Aug 2022 13:24:56 GMT

GET
H/1.1 200
OK wxyz.rb.js Show response
rbqnb9ch.wearfigs.com/assets/ 46 KB
10 KB 380ms
113ms Script
application/javascript 162.243.13.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbqnb9ch.wearfigs.com/assets/wxyz.rb.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.175 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 1f28b04cf2360fc33f5726edbc08c22d98201fe6c59e1e5e44e4e626ae0fb8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:56 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 heap-4169410828.js Show response
cdn.heapanalytics.com/js/ 133 KB
49 KB 134ms
44ms Script
application/javascript 13.32.27.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-4169410828.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-35.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e238b4270d9c26b9c3220a3a3413fae8a1e6a0f3e35e90b0e53e9016409b6d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:23:09 GMT
content-encoding: gzip
server: nginx
age: 107
etag: W/"21469-Lw+cdqHHnKEl9osTQJuCUA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA56-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: PWkP3Rm1fq2j9uPp8xQ2vP66GYPwX4gw1eHIdcAtuUsWrOXe5DHQJw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1139
date: Wed, 03 Aug 2022 13:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 03 Aug 2022 15:05:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 151ms
58ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 74F8B2A1DF1F465CBFF640C12F6996CC Ref B: FRA31EDGE0614 Ref C: 2022-08-03T13:24:56Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 03 Aug 2022 13:24:56 GMT
accept-ranges: bytes
content-length: 11376

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 142ms
43ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
server: snooserv
etag: "95212d33cfff78ad59f5af5b20c48c53"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges: bytes
content-encoding: gzip
content-length: 7722

GET
H2 200 43119890.js Show response
container.pepperjam.com/ 8 KB
9 KB 195ms
42ms Script
application/x-javascript 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://container.pepperjam.com/43119890.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: ndNxmq3ad0rxrMQ2ENUCzvXNi837Zedq
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
last-modified: Mon, 17 Aug 2020 18:03:58 GMT
server: AmazonS3
age: 665
etag: "cda0a8b1fb96cd23c5b8431794f284c4"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=900
date: Wed, 03 Aug 2022 13:13:55 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 8688
x-amz-cf-id: KP9AXmeJAxC3KJiL1eJRtOsA3CYtbsb-K24YOWpKrZq03G-nA6-hiA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 136ms
60ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HSQT51TL60&l=dataLayer&cx=c

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd315bb9d37df4e19ed637fa1ee24583e336d3110ee3398fb5ebdd2ddd8c71f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72359
x-xss-protection: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 129ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26222
x-xss-protection: 0
pragma: public
x-fb-debug: yaU9N9KqocublUZ3dlEkWRuXQEva95Cd+AAIOE3mjlJZ/m97NAdW/apMDXkwpmPgdZu0VZfVNeX2RJHldfRvSQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 03 Aug 2022 13:24:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1435364.js Show response
static.hotjar.com/c/ 5 KB
3 KB 137ms
40ms Script
application/javascript 65.9.66.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1435364.js?sv=6

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-123.fra56.r.cloudfront.net

Software

Resource Hash

b750252fca5b45a81bec533a491ec39a7085265f697766d97294cefd94f188a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/508c680861a9d817565c6756cf12976c
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JHU1CHfcDMqjTz7tzPngzz1Dcq7M10C2Dfvb3jPGcXL8ol8dDumj6A==

GET
H2 200 6f0e2a53-075f-4449-a4f8-cf34aa283652-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 7 KB
7 KB 137ms
40ms Script
application/javascript 2600:9000:206f:7e00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/6f0e2a53-075f-4449-a4f8-cf34aa283652-latest.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7e00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 371c7619c36e1e1364329d7da03b78f25f7de9d24a843c54323e87f3311a8d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: x9jcHduyC8S_pEdKdOB06KLjQp.UFsYl
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 19:41:33 GMT
server: AmazonS3
age: 39875
etag: "c9c650ea6a1bd82179d264b9c5caadf4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 03 Aug 2022 02:20:22 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6952
x-amz-cf-id: dltvsbsdhJMj0fkklHGh21tVLhqYBxH7qF8qoTaYjmLVsZ1QrecD6g==

GET
H2 200 a-04bo.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 129ms
38ms Script
application/javascript 2600:9000:2057:a000:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-04bo.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a000:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8e24b0916e4b8893e7b89ceabb664ab2e6031375622958da4add8ed8412c931c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 01:25:10 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
age: 43186
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: J0WDELnaJy2ux82WT0cRUdsRXzn2_OVbqk7nZbmR23_JWHEcpgZnjQ==

GET
H2 200 affirm.js Show response
cdn1.affirm.com/js/v2/ 429 KB
91 KB 121ms
37ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.affirm.com/js/v2/affirm.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f023b9c97cf8462f3f46e83d1097eee7f2d9d0c35efbf99fe6d51d54af3f8dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 1247
x-cache: HIT, HIT
x-envoy-upstream-service-time: 449
x-affirm-cache-status: STALE
content-length: 92546
x-served-by: cache-iad-kiad7000030-IAD, cache-hhn4054-HHN
access-control-allow-origin: *
x-affirm-request-id: 9614234a-7db0-4549-c55e-7089d3e6768f
last-modified: Tue, 19 Jul 2022 20:59:34 GMT
server: istio-envoy
etag: W/"56a1dbb3367b8ddb6d30c622ef60c0b6"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=259200, public
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn1.affirm.com>; rel=preconnect; crossorigin, <https://cdn1.affirm.com>; rel=preconnect, <https://cdn-assets.affirm.com>; rel=preconnect; crossorigin, <https://cdn-assets.affirm.com>; rel=preconnect, <https://cdnjs.cloudflare.com>; rel=preconnect; crossorigin, <https://cdnjs.cloudflare.com>; rel=preconnect
x-cache-hits: 1, 67

GET
H2 200 dtag.js Show response
cdn.attn.tv/wearfigs/ 7 KB
3 KB 1413ms
1320ms Script
text/javascript 2600:9000:223c:200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/wearfigs/dtag.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0d5c5a299fed7cd20547157226affe7f324eadd98653d59cbb1782087ae98dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: ORz1nBDrNDr_W6fRuQOmtFSXlJCkLpwj
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 17:23:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"b81c6759a3ecfb125d8c827efd700a12"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cache-control: public, max-age=120
date: Wed, 03 Aug 2022 13:24:58 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: 5ApvoZe61CtI6gvJhPR57wk7ajJY43a-1gLwzzpW2YfN0PIrriUszA==

GET
H2 200 init-1242fbdx1278dia53814.js Show response
api.fouanalytics.com/api/ 470 B
953 B 310ms
220ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1242fbdx1278dia53814.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0852ef45093e3cdb7ee1d7402d2177c0a14b92c4f1b547e3322134f03979f4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCBPELmRinpzGV80iiRGnq7R6f0cYojBAxnann7E1pJxioU%2FvsyR1OXM7nWfsWr%2BIQOJc%2Fi6Q6SNHrqqbpZSt%2Btq2Nh23kr%2B8pgohJ6gJg8L3640BLeBbo8Y9GJI5uVa2BN6dJMDpLmPqSLBRU4859amGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 734f605d5e925c62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 403 1535.js
cdn.pbbl.co/r/ 0
0 189ms
37ms Script
text/html 18.66.122.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/1535.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-27.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 shopify-1398942 Show response
connect.nosto.com/include/ 175 KB
46 KB 165ms
45ms Script
application/javascript 2600:9000:2490:ae00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/include/shopify-1398942

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ae00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b7a7cc486468ef7919d4778d298343f7e48c7749f2aa4929a2a03a0e4095b5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: c75b1f49-f311-4876-b632-4a39a9a609d5
server: nginx
etag: W/"b7a7cc486468ef7919d4778d298343f7e48c7749f2aa4929a2a03a0e4095b5b9"
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, public
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: BXLgPm4gCix8OjQWOo0gP_svlvn4nqc1M5N8BJ0jodshOjqe-fFmJA==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1100083/ 57 KB
18 KB 142ms
54ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1100083/tfa.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 122a7ac3587a42480f035280cd321cf5c7745b7ea6c9ad94f0fab096c0af37d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: GL8x9Pjx7Oc9CGlLV09IwNoLIoeCDX.9
content-encoding: gzip
etag: "48bf25032be38577ec70dcf5c63c88d1"
age: 131
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 17853
x-amz-id-2: zfVD0gQMBeRnZ74FSYXiyDXyMnHAOg1knLNPo+MTaPDrptr/cZFdE1/p5OhTu6ce8QnBckMcowY=
x-served-by: cache-hhn4021-HHN
last-modified: Sun, 31 Jul 2022 11:10:42 GMT
server: AmazonS3
x-timer: S1659533097.571075,VS0,VE1
date: Wed, 03 Aug 2022 13:24:56 GMT
vary: Accept-Encoding
x-amz-request-id: WADS18R1RM6TXCT2
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 42
x-cache-hits: 1

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 156ms
38ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:29:59 GMT
content-encoding: gzip
age: 3297
x-guploader-uploadid: ADPycduoDiy2MHV6ZGrTCHF_BliJQEBkHptrs7TtiRklWlxOPFRjqJ-Dv6lGoOVTLu4AFI9rHbK12BgIv4oX-ohuJ3vUbw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 03 Aug 2022 13:29:59 GMT

GET
H2 200 t.png
pix.pub/ 68 B
411 B 127ms
37ms Image
image/png 108.138.7.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.pub/t.png?&t=1659533096126&l=tvscientific-pix-o-210a425d-14af-44b5-b992-b9f64220b3cc&u3=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-91.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Aug 2022 19:47:34 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 14:38:36 GMT
server: AmazonS3
age: 63443
etag: "8e31b8b47c618ed73e5b31011d1de037"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 68
x-amz-cf-id: jXMNaZjWdDgi8iwE1f97LYfGg3umRB_i6FWxU3HsAQRftN2gKYQz9g==

GET
H2

200

pixel.png
pixel.tvsciapi.com/static/attributionengine/images/
Redirect Chain

https://pixel.tvsciapi.com/pixel?l=tvscientific-pix-o-210a425d-14af-44b5-b992-b9f64220b3cc&gtmcb=650560403
https://pixel.tapad.com/idsync/ex/receive?partner_id=3280&partner_device_id=tvs-55441270-3871-4862-b8fd-d6d9662ecf32&partner_url=https://pixel.tvsciapi.com/tapadcallback/tvscientific-pix-o-210a425d...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3280&partner_device_id=tvs-55441270-3871-4862-b8fd-d6d9662ecf32&partner_url=https://pixel.tvsciapi.com/tapadcallback/tvscientific-pix-o-21...
https://pixel.tvsciapi.com/tapadcallback/tvscientific-pix-o-210a425d-14af-44b5-b992-b9f64220b3cc/?id=365b7151-d305-4c12-9492-5599deb432f5
https://pixel.tvsciapi.com/static/attributionengine/images/pixel.png

120 B
327 B

202ms
201ms

Image
image/png

54.191.207.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.tvsciapi.com/static/attributionengine/images/pixel.png
Protocol: H2
Server: 54.191.207.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-191-207-134.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 4d9d398f5d40472b74ad49676f694d8ed2c29251b3df106e3b4df1b441ad4511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
last-modified: Thu, 25 Feb 2021 18:39:42 GMT
server: nginx/1.20.0
etag: "1614278382.0204656-120-3134921490"
content-type: image/png
cache-control: public, max-age=43200
content-length: 120
expires: Thu, 04 Aug 2022 01:24:57 GMT

Redirect headers

location: https://pixel.tvsciapi.com/static/attributionengine/images/pixel.png
date: Wed, 03 Aug 2022 13:24:57 GMT
server: nginx/1.20.0
content-length: 343
content-type: text/html; charset=utf-8

GET
H2 200 widget.js Show response
widget.privy.com/assets/ 319 KB
97 KB 139ms
52ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.privy.com/assets/widget.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d4084fb33d37159b32d247eb5a597a851634e696eed4f10c7bb0bf0396166eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
via: 1.1 vegur, 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 1757
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 23:54:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-pop: FRA56-C1
cf-ray: 734f605e2fe9bb3d-FRA
x-amz-cf-id: sNXzKTVHb7U22ar6b2oy4ZU-8HKT16LJpkJN5xtqxDkRV9npQ8LdZw==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 107ms
68ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-HSQT51TL60&l=dataLayer&cx=c

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb736a59890c6bc135b864b94070335dccd53b6a0e57c7b48d599e1a810338d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72465
x-xss-protection: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
481 B 233ms
47ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=cfc785d1-a6c1-4b34-bdee-2b6334c192e8

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d6d7bbb3daaa9ea83598e7e85f133fd348de6a964dbdd88c0992ed04d4257c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wearfigs.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 78 B
164 B 234ms
48ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=cfc785d1-a6c1-4b34-bdee-2b6334c192e8&tld=com

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

aa091214b3fb4b3a2acbfa8ca7938b295d6023fdf87367acff81748f0b2a518f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wearfigs.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame EE3F 0
294 B 209ms
49ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cfc785d1-a6c1-4b34-bdee-2b6334c192e8&_scsid=f15c22d3-4469-4224-a342-e7318142fd13&_sclid=3e347e5f-cf79-46f6-8675-499d076277a6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 03 Aug 2022 13:24:56 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/615428503/ 3 KB
2 KB 132ms
50ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/615428503/?random=1659533096271&cv=9&fst=1659533096271&num=1&label=TyMaCLic5vIBEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5262f5aa9d7b47c385d408f33c5313696ad3aece82a576e65eb18caee1f47cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984949555/ 3 KB
1 KB 123ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984949555/?random=1659533096273&cv=9&fst=1659533096273&num=1&label=pBt0CK7t-PIBELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44546ee81f3c6ab536ce28d03586eefce10ca69b22ba23ba318a5b47b514f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/671967648/ 3 KB
1 KB 120ms
55ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/671967648/?random=1659533096274&cv=9&fst=1659533096274&num=1&label=CJFiCLnb6PIBEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a9b37e64361e7b7fa2d828d4443d9a95a1d4b78316487433f1aa6cb0b76ca9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/655922783/ 3 KB
1 KB 110ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/655922783/?random=1659533096275&cv=9&fst=1659533096275&num=1&label=6uaLCL3u6PIBEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c7d083ec5d447b7f8cec01550320dcf74794702f2cd617a489acfd1e99a8341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/984949555/ 2 KB
1 KB 162ms
75ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/984949555/?random=1659533096275&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

376420aca93c5d7acef9245e8862461bcbe2cf4b3c97a1bedf7560f3d2ead303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1467
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/655922783/ 2 KB
1 KB 153ms
68ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/655922783/?random=1659533096278&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5afde67cc01017b552b99c4a8a8dc9aeb9670d6fcd02db36ea3bba681a39298e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1463
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/671967648/ 2 KB
1 KB 159ms
75ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/671967648/?random=1659533096281&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5fcfccefd969cc7a2cd9c0d2f8d25ef0d66526d7f648b79595f7a36b981cef8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1465
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/615428503/ 2 KB
1 KB 154ms
72ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/615428503/?random=1659533096282&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

188cc1e1264e9abb963aeaabdc479651858f7a35ca8a785771933312a294824b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1464
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/984949555/ 2 KB
1 KB 157ms
76ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/984949555/?random=1659533096283&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

db8c9610fc1862827debb5271e9260b278677aa472487a3febcc3d2d16fdb005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1467
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/655922783/ 2 KB
1 KB 151ms
71ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/655922783/?random=1659533096285&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d325596aada7661275ff41f7fc83a0f9eb51d399b220d45f9702998436b8512d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1463
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/671967648/ 2 KB
1 KB 154ms
76ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/671967648/?random=1659533096286&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

37fda353bad7760e3c0332b566592ea0b7e3ac995dd8f9198d3c49087570107f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1462
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/615428503/ 2 KB
1 KB 146ms
69ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/615428503/?random=1659533096287&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

28ab678228cedd73532dcd1bcbba2544c331101118a00559194b548516df8074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1466
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 156ms
44ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1250985578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&dr=https%3A%2F%2Fmkto-sj300004.com%2F&ul=en-us&de=UTF-8&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1746132234&gjid=1190624968&cid=1493098592.1659533096&tid=UA-42322832-1&_gid=656714981.1659533096&_r=1&gtm=2wg811NLWDV6S&z=1479652732

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wearfigs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
193 B 148ms
48ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=cfc785d1-a6c1-4b34-bdee-2b6334c192e8

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d6d7bbb3daaa9ea83598e7e85f133fd348de6a964dbdd88c0992ed04d4257c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wearfigs.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 78 B
164 B 148ms
47ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=cfc785d1-a6c1-4b34-bdee-2b6334c192e8&tld=com

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

aa091214b3fb4b3a2acbfa8ca7938b295d6023fdf87367acff81748f0b2a518f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wearfigs.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

POST
H2 200 p Show response
tr.snapchat.com/ Frame 75C6 68 B
275 B 99ms
49ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.wearfigs.com
Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://www.wearfigs.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Wed, 03 Aug 2022 13:24:56 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p Show response
tr.snapchat.com/ Frame E566 68 B
313 B 70ms
49ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.wearfigs.com
Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://www.wearfigs.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Wed, 03 Aug 2022 13:24:56 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 425ms
128ms Image
image/gif 54.210.205.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4169410828&u=5201719033691813&v=8610147006238249&s=6308339568508007&b=web&tv=4.0&z=0&h=%2F&q=%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&d=www.wearfigs.com&t=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&r=https%3A%2F%2Fmkto-sj300004.com%2F&us=delighted&um=email&uc=customer-profile-figs&ua=evergreen&ts=1659533096390&st=1659533096406

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.205.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-205-155.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 338ms
129ms Image
image/gif 54.210.205.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4169410828&u=5201719033691813&v=8610147006238249&s=6308339568508007&b=web&tv=4.0&sp=z&sp=0&sp=r&sp=https%3A%2F%2Fmkto-sj300004.com%2F&sp=us&sp=delighted&sp=um&sp=email&sp=uc&sp=customer-profile-figs&sp=ua&sp=evergreen&sp=ts&sp=1659533096390&sp=d&sp=www.wearfigs.com&sp=h&sp=%2F&sp=t&sp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&sp=q&sp=%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&pp=d&pp=www.wearfigs.com&pp=q&pp=%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&pp=h&pp=%2F&pp=t&pp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&pp=ts&pp=1659533096390&id0=4807767275309081&t0=Marketing_AllPages_View_PageView&ts0=1659533096345&id1=790385866989711&t1=Marketing_Homepage_View_PageView&ts1=1659533096345&st=1659533096407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.205.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-205-155.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 204 collect
region1.analytics.google.com/g/ 0
348 B 129ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HSQT51TL60&gtm=2oe811&_p=1250985578&_z=ccd.v9B&_gaz=1&cid=1493098592.1659533096&ul=en-us&sr=1600x1200&_s=1&sid=1659533096&sct=1&seg=0&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&dr=https%3A%2F%2Fmkto-sj300004.com%2F&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&en=page_view&_fv=1&_ss=2&ep.tag_name=GA4%20-%20Page%20View
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HSQT51TL60&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wearfigs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 142ms
47ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HSQT51TL60&cid=1493098592.1659533096&gtm=2oe811&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HSQT51TL60&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wearfigs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 146ms
63ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HSQT51TL60&cid=1493098592.1659533096&gtm=2oe811&aip=1&z=1502872840

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FB48 15 KB
6 KB 140ms
47ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.wearfigs.com&origin=onetag

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 13:24:56 GMT
server-processing-duration-in-ticks: 2048
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 487ms
398ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1659533096504&id=t2_oojec&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=c399c15e-86a6-4201-95ee-bee5f49716b4&aaid=&em=0000000000000000000000000000000000000000000000000000000000000000&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 146ms
46ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42322832-1&cid=1493098592.1659533096&jid=1746132234&gjid=1190624968&_gid=656714981.1659533096&_u=YEBAAEAAAAAAAC~&z=20771680

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Aug 2022 13:24:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.wearfigs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 134ms
134ms Script
application/javascript 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-akamai-request-id: 24762dca.7ba944f
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 97,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=11, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022080313245665537B4AB31C5D12C69D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.220.105.68
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1ca0007f8a01dd5a209960cd72c20119d99a6987a6827bda7b7af7b87461dc6135bd60d1f81f77589679bfd2c333db355d19c56875028ac709e0ff391a08f019fa
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
689 B 222ms
221ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7e4c571.7ba94d2
date: Wed, 03 Aug 2022 13:24:56 GMT
x-cache-remote: TCP_MISS from a23-220-105-85.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 183,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=96, inner; dur=67
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220803132456B4151CC6F9792815627D
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,23.220.105.85
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1c4a315fff2e516d65ffec9f0932a3a74949c502fd26d0be506c43df9c3f3fa0d0c8c7d76f8222da89565ac160af0a9d2a4863c6c103c7e0b45b73fece6b8bc26e
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
688 B 160ms
159ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 741b97b.7ba94ff
date: Wed, 03 Aug 2022 13:24:56 GMT
x-cache-remote: TCP_MISS from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 114,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=27, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220803132456A923501E17435914ACC0
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.220.105.86
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1cafa752479c6dd45e17aece60f6caa04e76bb23b8c583f8081052f3c4bab2dd5df23a30253859537c48dd30e44cf781d0047812b7a7630e64685e831b15ee550b
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
691 B 358ms
357ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 24762f94.7ba954b
date: Wed, 03 Aug 2022 13:24:56 GMT
x-cache-remote: TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 295,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=206, inner; dur=201
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202208031324569153EAD562E0B4136711
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 206,23.220.105.68
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1ca0007f8a01dd5a209960cd72c20119d9b2b55778240cc0cf1ffda819810fe1233d604555c11847271987dfa5c1780d21606857b5eb96c98e00d4da2bf8f70d19
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
548 B 172ms
171ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022080313245667DE496D9359CB108491
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 106,23.36.161.196
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1bec6675893b312da5dbb8af0c037e524875f3d0036136d723623c80ebea1b30d320af0bb55cdfc84cff3cd984555b5221f78b1df9b2abfb6568faef24d218e35
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=106
x-akamai-request-id: 7ba9565
content-length: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
546 B 180ms
179ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220803132456640278B771330412D41C
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,23.36.161.196
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1bec6675893b312da5dbb8af0c037e524a48fbeeb21bdeb5e734e1336e4ccb99e390ac5183c74474aba8975eb9fac2660071a693c5f2f3b3600cb734a4a7d7d73
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=113
x-akamai-request-id: 7ba956c
content-length: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
548 B 201ms
201ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220803132456E11A12BA95D733134DF3
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 133,23.36.161.196
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1bec6675893b312da5dbb8af0c037e52431513d1a7bc828f5d771413859e860d6fc8a02a5c46874ae5431b0038ce50c2bcef02e2a9471ef288631f7929e4c4a2e
server-timing: inner; dur=40, cdn-cache; desc=MISS, edge; dur=0, origin; dur=133
x-akamai-request-id: 7ba9575
content-length: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 868 B
1 KB 167ms
167ms Script
application/javascript 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3D48FATO1NMNN16JA80&hostname=www.wearfigs.com
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8400ca58eb1c38bbd46992209a84ff39f68649cbcdd404521c423cdac8129bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-akamai-request-id: 8f67eee.7ba9588
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-69.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 96,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=3
content-length: 346
pragma: no-cache
server: nginx
x-tt-logid: 202208031324569CB72E846842A410036D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.105.69
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1c29466a52c78d9178a2b693901e088519fb5bbdd661ee68ad7206a111c4cca58e4d845a970838cadcec107717cc7b009e44b23093aa536fb61d13963d42dbacfe
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
690 B 174ms
174ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b8fee3c.7ba958c
date: Wed, 03 Aug 2022 13:24:56 GMT
x-cache-remote: TCP_MISS from a23-46-238-141.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 103,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=16, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220803132456C3C1C1B992AFBB0E74E6
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.46.238.141
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1c57b6907a95e368ffa60ab1dc98df3e7140f8ca2dd75cde618fb8f79b53d2f714a670934f2003631727dc6dd3fe347d69831d538ceabd33d75c2e096047c4c081
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
546 B 170ms
170ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208031324565CA09EE754EB5C12C118
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.36.161.196
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1bec6675893b312da5dbb8af0c037e524d839c7d436ce6114d3115cda207a800dfb9a571b590bbee56d5afffafd898089839db28a3151a40477fb7648c1f96fe9
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
x-akamai-request-id: 7ba9595
content-length: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
687 B 175ms
174ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7e4d8e7.7ba95a2
date: Wed, 03 Aug 2022 13:24:56 GMT
x-cache-remote: TCP_MISS from a23-220-105-85.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 104,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=17, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220803132456C385E231F633ED0DB84A
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.220.105.85
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1c4a315fff2e516d65ffec9f0932a3a749c0810574b41acdd52c9a5d6ebe27c4c57a2a2bdfefe9c5889fc423fdfe7b407bfc7aa1fe9027ca5745ed8ad66ee1c6b7
expires: Wed, 03 Aug 2022 13:24:56 GMT

GET
H2 204 4051636.js Show response
bat.bing.com/p/action/ 0
118 B 374ms
373ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4051636.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B2068F5686924A5C9C90FE17E2698D09 Ref B: FRA31EDGE0614 Ref C: 2022-08-03T13:24:56Z
date: Wed, 03 Aug 2022 13:24:56 GMT
x-cache: CONFIG_NOCACHE

GET
H3 200 1411344802476211 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 181ms
141ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1411344802476211?v=2.9.70&r=stable

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc3546e455e565a75e16afc3f7f04361b16e58cbe3f784344fb5edba3f66911c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Bv6EIkD5Z435Cdlp8MX9Wta6ewewXdGsBxpEvXenk0pIYfAChpe4SGeFduVQNzOkIBFm/1+UaN1spFhhsHPNuQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 03 Aug 2022 13:24:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1659533096837
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 8b903077.mp4 Show response
134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822... Frame ED10 2 KB
3 KB 38ms
38ms XHR
video/mp4 2a02:26f0:3500:6::17d8:4dab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822713d/parcel/audio/8b903077.mp4?r=dXM%3D&range=1961-4316
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:6::17d8:4dab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 3a73b5756c951af9742c7c11e2536820a201abbd3d51104f049af53ad8e01434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:56 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1658192400
Connection: keep-alive
Content-Length: 2356
AK-REFERENCE-ID: 0.ab6f1002.1659533096.37e98c
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Fri, 15 Jul 2022 21:58:59 GMT
Server: parcel
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=30196160
Akamai-Edge-IP: 2a02:26f0:3500:6::17d8:4dab
Accept-Ranges: bytes
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Wed, 19 Jul 2023 01:14:16 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 338ms
129ms Image
image/gif 54.210.205.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4169410828&u=5201719033691813&v=8610147006238249&s=6308339568508007&b=web&tv=4.0&sp=z&sp=0&sp=r&sp=https%3A%2F%2Fmkto-sj300004.com%2F&sp=us&sp=delighted&sp=um&sp=email&sp=uc&sp=customer-profile-figs&sp=ua&sp=evergreen&sp=ts&sp=1659533096390&sp=d&sp=www.wearfigs.com&sp=h&sp=%2F&sp=t&sp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&sp=q&sp=%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&pp=d&pp=www.wearfigs.com&pp=q&pp=%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&pp=h&pp=%2F&pp=t&pp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&pp=ts&pp=1659533096390&id0=3616601496888183&k0=Load%20Time&k0=2.301&t0=Page%20Load&ts0=1659533096684&st=1659533096684

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.205.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-205-155.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 modules.5d050be37fa3fcc28f90.js Show response
script.hotjar.com/ 248 KB
64 KB 124ms
42ms Script
application/javascript 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5d050be37fa3fcc28f90.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-101.fra6.r.cloudfront.net

Software

Resource Hash

9594ff4a7989d3edaad4239be043a1dec33d992b4e547cdeec5041e894548041

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 11:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6350
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64718
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 11:38:57 GMT
etag: "e1db1e6d1bcb7ee08b73da806fd913ab"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TyHuZMt8cWbCHXmN4Zc0iffkeXiW8oHUQgOZO0pZPr9imS-Jnm3g9Q==

GET
H3

200

/
www.google.de/pagead/1p-conversion/655922783/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/655922783/?random=519450425&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/655922783/?random=519450425&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/655922783/?random=519450425&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

167ms
87ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/655922783/?random=519450425&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYrzaF56X1gbE0bCoCQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHfhXByAnpcm9V-wfMU0rFv-9wNq0siTEYw&random=3408216409&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/655922783/?random=519450425&cv=9&fst=1659533096278&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYrzaF56X1gbE0bCoCQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHfhXByAnpcm9V-wfMU0rFv-9wNq0siTEYw&random=3408216409&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/615428503/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/615428503/?random=1015155051&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/615428503/?random=1015155051&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/615428503/?random=1015155051&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

173ms
94ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/615428503/?random=1015155051&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYvDsF6PGxgL4-ruQDA&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHSPGwQ4rrnEhgUMs5lQo2yPYHZGnUydU3w&random=3386617410&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/615428503/?random=1015155051&cv=9&fst=1659533096287&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYvDsF6PGxgL4-ruQDA&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHSPGwQ4rrnEhgUMs5lQo2yPYHZGnUydU3w&random=3386617410&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/655922783/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/655922783/?random=1800322729&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/655922783/?random=1800322729&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/655922783/?random=1800322729&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

137ms
57ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/655922783/?random=1800322729&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYoPoF4Ow1gbyxJTIBQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHdjPEC4J6WKDkwFJzzAtXUl22uZstYTRAQ&random=605012482&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/655922783/?random=1800322729&cv=9&fst=1659533096285&num=1&value=0&label=WlwoCPzh7sMDEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYoPoF4Ow1gbyxJTIBQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHdjPEC4J6WKDkwFJzzAtXUl22uZstYTRAQ&random=605012482&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/615428503/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/615428503/?random=36217141&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u...
https://www.google.com/pagead/1p-conversion/615428503/?random=36217141&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
https://www.google.de/pagead/1p-conversion/615428503/?random=36217141&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...

42 B
64 B

135ms
56ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/615428503/?random=36217141&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYtPeF5fO1garvq-oCQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHZ-Cmj6RwFq0MJGtKdmv06TzkyhP3lYLgQ&random=312637878&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/615428503/?random=36217141&cv=9&fst=1659533096282&num=1&value=0&label=UX-pCKSn88MDEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYtPeF5fO1garvq-oCQ&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHZ-Cmj6RwFq0MJGtKdmv06TzkyhP3lYLgQ&random=312637878&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/671967648/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/671967648/?random=300313046&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/671967648/?random=300313046&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/671967648/?random=300313046&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

139ms
60ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/671967648/?random=300313046&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYvXaF_W_mLAPr8-EyA0&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHRejpuTa-DLrrVhiQq0CBPsPAufGqaMELg&random=244938892&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/671967648/?random=300313046&cv=9&fst=1659533096281&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYvXaF_W_mLAPr8-EyA0&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHRejpuTa-DLrrVhiQq0CBPsPAufGqaMELg&random=244938892&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/984949555/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984949555/?random=924847495&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/984949555/?random=924847495&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/984949555/?random=924847495&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

136ms
55ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/984949555/?random=924847495&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYuTYF8L5xwKb7p64Aw&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHYYUIu4TAVDUl7QCuSkNu7dB9HGGLhJiPQ&random=2570388676&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/984949555/?random=924847495&cv=9&fst=1659533096275&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYuTYF8L5xwKb7p64Aw&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHYYUIu4TAVDUl7QCuSkNu7dB9HGGLhJiPQ&random=2570388676&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/671967648/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/671967648/?random=839533731&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/671967648/?random=839533731&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/671967648/?random=839533731&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

131ms
54ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/671967648/?random=839533731&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYsXqF8uT1wbI_oewDg&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHXSoAf2-cE6gHFCO2DYtUr6zoTCprdWcxw&random=3334916676&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/671967648/?random=839533731&cv=9&fst=1659533096286&num=1&value=0&label=ydwXCLny7sMDEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYsXqF8uT1wbI_oewDg&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHXSoAf2-cE6gHFCO2DYtUr6zoTCprdWcxw&random=3334916676&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/984949555/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984949555/?random=1411007652&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/984949555/?random=1411007652&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/984949555/?random=1411007652&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

55ms
54ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/984949555/?random=1411007652&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYrbgF5GsmLAP1d6Y4Ac&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHbVhxAp3v0OfY13-YteyCbder-VxRtkWeQ&random=2936740915&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/984949555/?random=1411007652&cv=9&fst=1659533096283&num=1&value=0&label=FZAXCPTEmsIDELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&auid=2061988733.1659533096&em=tv.1~em.e0&ec_mode=m&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KHfqYrbgF5GsmLAP1d6Y4Ac&eitems=ChAI8LmolwYQ1pXzmOS2wMwwEh0AaiWGHbVhxAp3v0OfY13-YteyCbder-VxRtkWeQ&random=2936740915&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 155ms
67ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42322832-1&cid=1493098592.1659533096&jid=1746132234&_u=YEBAAEAAAAAAAC~&z=368918436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 131ms
65ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42322832-1&cid=1493098592.1659533096&jid=1746132234&_u=YEBAAEAAAAAAAC~&z=368918436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 161ms
38ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:57 GMT
Content-Encoding: gzip
Age: 26931
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21977-LGA, cache-hhn4066-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1659533097.020012,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 7997

GET
H2 200 6f0e2a53-075f-4449-a4f8-cf34aa283652-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 12 KB
12 KB 43ms
42ms Script
application/javascript 2600:9000:206f:7e00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/6f0e2a53-075f-4449-a4f8-cf34aa283652-additional-latest.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7e00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba155a283d4b5de5b24513b6d588c7c9916927bf9c4ca11619ab754a96dc56e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: SAlzB.RSySV3jaXbHL_hWD2wIO__yLTK
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 23:25:58 GMT
server: AmazonS3
age: 24247
etag: "0684e5b26af35c3574fa65a19a76b64f"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 03 Aug 2022 06:40:50 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 12276
x-amz-cf-id: m55o7hGfTWYSh3EuYlSO46pM-YZLTEGtRSajvaZPzmh_AiEwlr1Mfw==

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 10 KB
10 KB 41ms
41ms Script
application/javascript 2600:9000:206f:7e00:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7e00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e4516e3afa1170bf934a7882bf09eacf63d4600ea4b2609724c6cfa49333472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: nxP954O2qyuHFEWoPjj05B2blGcZvYQN
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jun 2022 19:33:58 GMT
server: AmazonS3
age: 30230
etag: "2fd76c8e88356206a1c7a31860e7fe72"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
date: Wed, 03 Aug 2022 05:01:12 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10025
x-amz-cf-id: xNR2vlsZxBQFGW59sNBIXpVCa-QUXuZ8yvswCSqnrYRMfG_YZ8-j2Q==

GET
H/1.1 200
OK integrations Show response
rbqnb9ch.wearfigs.com/ 59 B
261 B 111ms
110ms Script
text/javascript 162.243.13.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbqnb9ch.wearfigs.com/integrations?source=figs
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.175 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: b80124e7faec12ac1bcf0e37475f41ed3364c5e467e81ce723daacacd3179d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:56 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 jpuid Show response
getrockerbox.com/ 67 B
674 B 251ms
146ms Script
text/javascript 104.21.58.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17acd344e7220b3482ac4f1b761aee821e70fc75cb4828fa7921362c5dc65c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrJmWeYWkDIDhkroAkG%2BW5rU2%2BxI3krwu%2FoUnnwyhG40IpSUQEWxgmQ%2BvtwSZFTIhAZj8yr90tbSjOpGyGPWztbWD6zylqEw1mRJeIog1qsde5eLhiXNPA%2BmzV0bdZhHTBUi"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 734f60605e4b75c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK site-12d76507-www.wearfigs.com.json Show response
cdn1.friendbuy.com/widgets/configs/ 32 KB
5 KB 198ms
40ms XHR
application/json 99.86.4.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.friendbuy.com/widgets/configs/site-12d76507-www.wearfigs.com.json
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-16.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9d5f0f66f59b506997b38ebbfdaf51d34770ce0c933855a48011ec74ea183d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: bIZoK.fCT0fCgvoyHMjbSIYledcbVhrR
Content-Encoding: gzip
ETag: W/"240c36997c0d219c42ed994fe507f1aa"
Age: 85
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 26 Apr 2022 20:06:18 GMT
Server: AmazonS3
Date: Wed, 03 Aug 2022 13:24:56 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
Cache-Control: max-age=180
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: QvlL_WIPP4cPd-V9agV4WTA4mZkWTZSFBMqAgpRxygi3x6iG8fi_5Q==
Expires: Fri, 23 Apr 2032 20:06:17 UTC

GET
H/1.1 200
OK site-12d76507-www.wearfigs.com.json Show response
cdn1.friendbuy.com/widgets/configs/ 32 KB
5 KB 198ms
37ms XHR
application/json 99.86.4.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.friendbuy.com/widgets/configs/site-12d76507-www.wearfigs.com.json
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-16.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9d5f0f66f59b506997b38ebbfdaf51d34770ce0c933855a48011ec74ea183d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: bIZoK.fCT0fCgvoyHMjbSIYledcbVhrR
Content-Encoding: gzip
ETag: W/"240c36997c0d219c42ed994fe507f1aa"
Age: 85
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 26 Apr 2022 20:06:18 GMT
Server: AmazonS3
Date: Wed, 03 Aug 2022 13:24:56 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json
Via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Cache-Control: max-age=180
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: n5IIL4EXb82L8rCNbGUyrH9toWYsXtpRMr_Fy5RfhqBbrxfXbPhFZA==
Expires: Fri, 23 Apr 2032 20:06:17 UTC

GET
H2 200 json Show response
trc.taboola.com/1100083/trc/3/ 2 KB
1 KB 71ms
56ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1100083/trc/3/json?tim=1659533096730&data=%7B%22id%22%3A333%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1659533096724%2C%22cv%22%3A%2220220731-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%22%2C%22e%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-alexwearfigscom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1659533096729%2C%22ref%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A23%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b52c8c1065cb4cbfbd6541783a7df840ced6dea39be4a79e41a09d131f9eae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: nginx
x-timer: S1659533097.935798,VS0,VE18
x-served-by: cache-hhn4021-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 touch_track Show response
api-cf.affirm.com/api/v2/session/ 46 B
1 KB 277ms
160ms Fetch
application/json 13.32.121.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cf.affirm.com/api/v2/session/touch_track

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-6.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4727fdc99122510a24222101798999b6a28b94a725c962e294276d449858986f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 28
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
access-control-allow-origin: https://www.wearfigs.com
x-affirm-request-id: 9776f007-3a90-418f-c108-78e9128bd61a
server: istio-envoy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, X-Requested-With
x-amz-cf-id: buaTIWpjRXGC5MWn4yacKiKk2BfVXIjXdiJYcQARrP9hx9GYIQqv1A==

GET
H2 200 cookie_sent Show response
www.affirm.com/api/v2/ 22 B
720 B 125ms
38ms Fetch
application/json 99.86.4.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/api/v2/cookie_sent

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-61.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:20:45 GMT
content-encoding: gzip
vary: Accept-Encoding,cookie,Origin,Origin
age: 251
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 8
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
access-control-allow-origin: https://www.wearfigs.com
x-affirm-request-id: 8c1f7de6-89ef-45df-c558-081ac852b9eb
server: istio-envoy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: Accept, Content-Type, X-Requested-With
x-amz-cf-id: EQwInoLYPP_I-qSk270oAAWv86jw21-58xaWlq_aYROkkZvXhr9RIA==

GET
H2

200

sid Show response
mug.criteo.com/ Frame FB48
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=wearfigs.com&sn=ChromeSyncframe&so=0&topUrl=www.wearfigs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=5fYXHHxISUM4VWZuUnZyekZkYUJBRWhkcmxHRzkzYjdIbFBZL05RQW1SenhXbmF6K05POHFTQm9FcnltbXphbTFjaW1pQUxZNTdUWFNiREtQekZHVlc4TTZZdmN6UWY3a3lZSzJuYmtOSWo5c3pxWWFJYVhXM01sQzBSS3...

433 B
635 B

282ms
51ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5fYXHHxISUM4VWZuUnZyekZkYUJBRWhkcmxHRzkzYjdIbFBZL05RQW1SenhXbmF6K05POHFTQm9FcnltbXphbTFjaW1pQUxZNTdUWFNiREtQekZHVlc4TTZZdmN6UWY3a3lZSzJuYmtOSWo5c3pxWWFJYVhXM01sQzBSS3NKM0toQ3dWRlJJcEN0aWx5VlhBL2lIbS93MHdvTjg5VmErNlZVeU43WTB1TzI3REhiMFJEWVlaTmM1UzU3SlIyT002L08vY2xYVm95QmJ3WlkwN0dIWlVwL0Q3QmVpYTB5Uit3R1IyRHlvRXlPRjBKc2pNUUdGZzJveDIwUkd3UE1DTWlvS1FsYW4xUURlT3FJQ29lOGJPUGhDWHdyUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a9fafbf928d890755abe5cfb36150ba8096f4aea080c1ab9ecf1dddf845e319e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5439
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=5fYXHHxISUM4VWZuUnZyekZkYUJBRWhkcmxHRzkzYjdIbFBZL05RQW1SenhXbmF6K05POHFTQm9FcnltbXphbTFjaW1pQUxZNTdUWFNiREtQekZHVlc4TTZZdmN6UWY3a3lZSzJuYmtOSWo5c3pxWWFJYVhXM01sQzBSS3NKM0toQ3dWRlJJcEN0aWx5VlhBL2lIbS93MHdvTjg5VmErNlZVeU43WTB1TzI3REhiMFJEWVlaTmM1UzU3SlIyT002L08vY2xYVm95QmJ3WlkwN0dIWlVwL0Q3QmVpYTB5Uit3R1IyRHlvRXlPRjBKc2pNUUdGZzJveDIwUkd3UE1DTWlvS1FsYW4xUURlT3FJQ29lOGJPUGhDWHdyUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1691
content-length: 541
expires: 0

GET
H3 200 FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
61 KB 86ms
85ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2?v=1608583712

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e477e5b8b86ca6b1358fbeb87736615204866bded195fc73b9f054529910ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10147691
server-timing: imagery;dur=180.809, imageryFetch;dur=180.318
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61980
x-xss-protection: 1; mode=block
x-request-id: 75f328c4-92a5-46e1-a57c-dd7c66435814
timing-allow-origin: *
surrogate-key: segment4-42479 shop-1398942 mime-font/woff2-42479 time-bucket-20220408-42479 5b265d78b8a556f71c1d0891715af62292b263f7136e3dd73d1cace940e9ca66
last-modified: Fri, 08 Apr 2022 02:36:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm7%2B8pRJnTwdVMPAAyWuiJkk%2BYJQNmSL1ZxBL%2BElQI%2FXla%2BxBnrp2Tkk52ecSYSBaA2Jgs98QHy9rJ%2B%2BSQIoh%2B4WUgJcrDhdgt4rPiueRopTUwB58z0uJ7bUL10Jg1o1gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f605efecf9012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2>; rel="canonical"

GET
H3 200 FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
62 KB 46ms
45ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2?v=1608583712

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

374df3dfdc8e680a5b78dbd2317d40fa2b6e4e7021dd2383d72d0441e4d49d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10178271
server-timing: imagery;dur=29.409, imageryFetch;dur=29.020
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62848
x-xss-protection: 1; mode=block
x-request-id: 75923a0a-be4e-450c-aedd-2cb0d3d23fad
timing-allow-origin: *
surrogate-key: segment4-34327 shop-1398942 mime-font/woff2-34327 time-bucket-20220407-34327 7d4cf8e5b8b1c94062d87a102d5380476460daaaa5e27c5ce5db58581e05d80f
last-modified: Thu, 07 Apr 2022 18:07:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVTQ2IOyKukBnwjsmEOklG6iS8XTADGb%2Fj40YnYNNcCpCWZkD73zuEVx0Ca1GjASUThiS7pFhbnsLpWXEHTZsfa26uNzhj9Vv279Y93el6gCQ6vzd6Wo91eyyx%2BWkn4aow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f605efed39012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2>; rel="canonical"

GET
H3 200 FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 59 KB
59 KB 47ms
47ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2?v=1608583712

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c359ca086a363b7c2aedef74522528f2b70f37cec4059e0c3ee9d7b12f9d5609

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10147691
server-timing: imagery;dur=33.794, imageryFetch;dur=33.334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59988
x-xss-protection: 1; mode=block
x-request-id: fc402094-e2d7-45e4-98c9-335164067b24
timing-allow-origin: *
surrogate-key: segment4-57616 shop-1398942 mime-font/woff2-57616 time-bucket-20220408-57616 12a099b7a984f1d4cdfea1f4718d4ee585b722a73d93b91f50fd6fe5097a4eaa
last-modified: Fri, 08 Apr 2022 02:36:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4gvq010NrQ2sgNQ%2FFoSBPmpQvatLr0RAUaVMn3M%2B8LO%2FZUjfBEcu3D9%2FG%2BTcuXcSdSMNESkdRB4H7UjH6rQtFeDynOz9UXZyg2wh7RwrX9h1lhSM0nDAR1V1o4TiFpjXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f605efed59012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2>; rel="canonical"

GET
H3 200 FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
62 KB 80ms
80ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2?v=1608583712

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2207492a2cc099f6c61e6f89b630cb4d3c4b0604ca481a0bb83389d9341ac52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10156394
server-timing: imagery;dur=37.035, imageryFetch;dur=36.666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62948
x-xss-protection: 1; mode=block
x-request-id: 14ef2469-6138-4f31-afec-b97821976180
timing-allow-origin: *
surrogate-key: segment4-929 shop-1398942 mime-font/woff2-929 time-bucket-20220408-929 0b4299c51035ed120195a82445c6ab3226980288d4beb0607486712495c5419d
last-modified: Fri, 08 Apr 2022 00:11:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0cB448DOFRabw5CfxrUV0fu9yg504CujckuGffioV%2BP4UJRLmEFx7gpqzKb%2F07pmPJPUOWjQ5negRCpNZrnDNIRptzMMVxqNN1iU0dR6sfLAr4Av592uLgH85pP%2BFI%2BKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f605efee39012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2>; rel="canonical"

GET
H3 200 FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 57 KB
58 KB 78ms
78ms Font
font/woff2 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2?v=1608583712

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815ff4c9b8b41e38d4db9628ba39f07ca3ce2da7efb4fad31c25ac54160b85db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10147691
server-timing: imagery;dur=73.094, imageryFetch;dur=72.568
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58580
x-xss-protection: 1; mode=block
x-request-id: 64450f1f-f9fa-4960-a650-32e82a44c5ce
timing-allow-origin: *
surrogate-key: segment4-46767 shop-1398942 mime-font/woff2-46767 time-bucket-20220408-46767 fb60aac781ebb760c0a12bce3418090685a6b324ae6528730b54c88f492a2296
last-modified: Fri, 08 Apr 2022 02:36:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVC5MswjVOnLYwgJ%2FD9uwIgXoe5hEzK85ISHGVjVybfeWadzsie2BLCnVgdp7yAKpN%2FTxZVqJ8RttE0epZK%2FtmeJ9gt%2BMM6pA7kOkRQDYpSR8POjgdk%2FyPrYtxKn0Ncjyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f605efee59012-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2>; rel="canonical"

GET
H2 200 box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Show response
vars.hotjar.com/ Frame F342 2 KB
1 KB 120ms
37ms Document
text/html 143.204.215.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-95.fra53.r.cloudfront.net

Software

Resource Hash

3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 171409
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 13:48:07 GMT
etag: "b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified: Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-id: paTowRjHXeQlGqOwheYj0UEhIpvJLo3b9XLyQIBn93b1u7h-YaFXiQ==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H3 204 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 0
18 B 289ms
212ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: f0d31c24ea62868533dde1943299a3e3
function-execution-id: b6l8i8705c4s
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 280ms
157ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.wearfigs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 13:24:57 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: 00a3ssfugqh3
server: Google Frontend
x-cloud-trace-context: 543b771d6aa31637043ee62d810beafb
x-powered-by: Express

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/D07CA17E1806573C54E81EE3/ 120 KB
9 KB 254ms
160ms XHR
application/json 2606:4700:10::ac43:246a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/D07CA17E1806573C54E81EE3/campaigns.json?s=j&l=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&user_uuid=122c33d3-00ca-464c-ac75-46df4c6bdc94&fence=1

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:246a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f69922d70f579ddf91d031b41b3e5e48240d29011e24d8e468d860a3edb8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ipcountry: DE
date: Wed, 03 Aug 2022 13:24:57 GMT
x-ippostalcode
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
access-control-request-method: *
content-encoding: gzip
x-xss-protection: 0
x-request-id: b4811ac0-3e27-4199-832e-fd8c579b4d60
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2f69922d70f579ddf91d031b41b3e5e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-download-options: noopen
content-type: application/json; charset=utf-8
via: 1.1 vegur
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: DE_
cf-ray: 734f605fef5692b4-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/615428503/ 42 B
108 B 80ms
78ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/615428503/?random=1659533096271&cv=9&fst=1659531600000&num=1&label=TyMaCLic5vIBEJfjuqUC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=469669823&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/615428503/ 42 B
154 B 51ms
49ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/615428503/?random=1659533096271&cv=9&fst=1659531600000&num=1&label=TyMaCLic5vIBEJfjuqUC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=469669823&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/655922783/ 42 B
108 B 80ms
78ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/655922783/?random=1659533096275&cv=9&fst=1659531600000&num=1&label=6uaLCL3u6PIBEN-s4rgC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=1857635457&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/655922783/ 42 B
108 B 55ms
53ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/655922783/?random=1659533096275&cv=9&fst=1659531600000&num=1&label=6uaLCL3u6PIBEN-s4rgC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=1857635457&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/984949555/ 42 B
108 B 80ms
78ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984949555/?random=1659533096273&cv=9&fst=1659531600000&num=1&label=pBt0CK7t-PIBELPG1NUD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=3320971670&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/984949555/ 42 B
108 B 55ms
53ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984949555/?random=1659533096273&cv=9&fst=1659531600000&num=1&label=pBt0CK7t-PIBELPG1NUD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=3320971670&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/671967648/ 42 B
108 B 95ms
94ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/671967648/?random=1659533096274&cv=9&fst=1659531600000&num=1&label=CJFiCLnb6PIBEKDTtcAC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=3423036756&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/671967648/ 42 B
108 B 54ms
54ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/671967648/?random=1659533096274&cv=9&fst=1659531600000&num=1&label=CJFiCLnb6PIBEKDTtcAC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ref=https%3A%2F%2Fmkto-sj300004.com%2F&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=3423036756&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5a28e627 Show response
dvqigh9b7wa32.cloudfront.net/ 43 B
494 B 125ms
38ms XHR
image/gif 65.9.58.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49NmYwZTJhNTMtMDc1Zi00NDQ5LWE0ZjgtY2YzNGFhMjgzNjUyJnNlc3Npb25JZD05NmU0MGRiYi05MWM5LWY4YmUtMzhmNC1iMzczNzhjNGE2Yjc%3D&date=1659533096844
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-221.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 06:37:30 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 24446
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: DxETm8QG17KO51YCTHrbbQsWJJhSSTkLTj8Alsn_2nMRJGTOcJLBtQ==

GET
H2 200 5a28e627 Show response
d330aiyvva2oww.cloudfront.net/ 43 B
493 B 132ms
39ms XHR
image/gif 2600:9000:214f:f600:3:760:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE1JnRva2VuPTZmMGUyYTUzLTA3NWYtNDQ0OS1hNGY4LWNmMzRhYTI4MzY1MiZzZXNzaW9uSWQ9OTZlNDBkYmItOTFjOS1mOGJlLTM4ZjQtYjM3Mzc4YzRhNmI3&date=1659533096844
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:f600:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 03:23:44 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 36073
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: I_Fxcr1fs0NTyfMoRhcUGYCKW8SnGTvZZ0uSPlK7f6dZj7voYW8T2g==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
450 B 127ms
38ms XHR
image/gif 2600:9000:214f:2800:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49NmYwZTJhNTMtMDc1Zi00NDQ5LWE0ZjgtY2YzNGFhMjgzNjUyJnNlc3Npb25JZD05NmU0MGRiYi05MWM5LWY4YmUtMzhmNC1iMzczNzhjNGE2YjcmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0cmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZta3RvLXNqMzAwMDA0LmNvbSUyRiYlMjRjdXJyZW50VXJsPWh0dHBzJTNBJTJGJTJGd3d3LndlYXJmaWdzLmNvbSUyRiUzRnV0bV9zb3VyY2UlM0RkZWxpZ2h0ZWQlMjZ1dG1fbWVkaXVtJTNEZW1haWwlMjZ1dG1fY2FtcGFpZ24lM0RldmVyZ3JlZW4lMjZ1dG1fY29udGVudCUzRGN1c3RvbWVyLXByb2ZpbGUtZmlncyUyNm1rdF90b2slM0RNRGs1TFZOS1RDMHdOVGNBQUFHR0F0Wm9QX0tFMmEyUXJpMFgwUVhESkMwRzZxWmpiLWxyNWFxSW15UmZvd0VLajlkeXE1OFdtM0RiZjllZHJtNGdFYm5MdFFJRTZDQk5ZbzE0OWNZM2lST2xjMHU1Zk1rSUxwUWVfZk12Tmc%3D&date=1659533096847
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2800:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:34:59 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
vary: Origin
age: 17398
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: Hrk3Df1cgiPISMOlHu2rzwtgKCpPTYICe6nBShVZ9e3ZgK41fxgkew==

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl164979812909943&ns=6868&nc=Figs_SV&ncv=68&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl164979812909943&ns=6868&nc=Figs_SV&ncv=68&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
232 B

158ms
157ms

Script
text/html

2606:4700::6812:a4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl164979812909943&ns=6868&nc=Figs_SV&ncv=68&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Protocol: H2
Server: 2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 734f60631d159ba4-FRA
content-language: de-DE
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Wed, 03 Aug 2022 13:24:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl164979812909943&ns=6868&nc=Figs_SV&ncv=68&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 734f6060c9499ba4-FRA

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-972&value=&uncacheplz=7884675744
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-972&value=&uncacheplz=7884675744&_bee_ppp=1

43 B
793 B

55ms
55ms

Image
image/gif

52.31.191.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-972&value=&uncacheplz=7884675744&_bee_ppp=1

Protocol

HTTP/1.1

Server

52.31.191.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-191-2.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:57 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-972&value=&uncacheplz=7884675744&_bee_ppp=1
Date: Wed, 03 Aug 2022 13:24:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=1260751434
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=1260751434&_bee_ppp=1

43 B
793 B

56ms
56ms

Image
image/gif

52.31.191.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=1260751434&_bee_ppp=1

Protocol

HTTP/1.1

Server

52.31.191.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-191-2.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:57 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=1260751434&_bee_ppp=1
Date: Wed, 03 Aug 2022 13:24:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1659533096855&aid=a-04bo&se=e30&duid=c30794b3d355--01g9hy2xr6bvmv25nn5y5d7pmc&tna=v2.4.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3De...
https://rp4.liadm.com/j?dtstmp=1659533096855&aid=a-04bo&se=e30&duid=c30794b3d355--01g9hy2xr6bvmv25nn5y5d7pmc&tna=v2.4.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3D...

13 B
551 B

590ms
124ms

XHR
application/json

107.21.19.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1659533096855&aid=a-04bo&se=e30&duid=c30794b3d355--01g9hy2xr6bvmv25nn5y5d7pmc&tna=v2.4.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&wpn=lc-bundle&refr=https%3A%2F%2Fmkto-sj300004.com%2F&c=PHRpdGxlPkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICZhbXA7IEFwcGFyZWw8L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy53ZWFyZmlncy5jb20vIj48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iU2hvcCBGSUdTIGZvciBjb21mb3J0YWJsZSBkZXNpZ25lciBzY3J1YnMgYW5kIG1lZGljYWwgYXBwYXJlbCB0aGF04oCZcyAxMDAlIGF3ZXNvbWUuIFRvbnMgb2YgY29sb3JzIGFuZCBmYXNoaW9uYWJsZSBzdHlsZXMuIEdldCByZWFkeSB0byBsb3ZlIHlvdXIgc2NydWJzISI-PHRpdGxlPkJhY2sgQnV0dG9uPC90aXRsZT48dGl0bGU-U2VhcmNoIEljb248L3RpdGxlPjx0aXRsZT5GaWx0ZXIgSWNvbjwvdGl0bGU-&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTA%3D&n3pc=true

Protocol

Server

107.21.19.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-19-116.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
x-pixel-event-id: eb8a74ee-ed12-4978-8c3e-eca1f6a67fd7
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: bbca0f02e00ce7a7
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Wed, 03 Aug 2022 13:24:57 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1659533096855&aid=a-04bo&se=e30&duid=c30794b3d355--01g9hy2xr6bvmv25nn5y5d7pmc&tna=v2.4.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&wpn=lc-bundle&refr=https%3A%2F%2Fmkto-sj300004.com%2F&c=PHRpdGxlPkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICZhbXA7IEFwcGFyZWw8L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL3d3dy53ZWFyZmlncy5jb20vIj48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iU2hvcCBGSUdTIGZvciBjb21mb3J0YWJsZSBkZXNpZ25lciBzY3J1YnMgYW5kIG1lZGljYWwgYXBwYXJlbCB0aGF04oCZcyAxMDAlIGF3ZXNvbWUuIFRvbnMgb2YgY29sb3JzIGFuZCBmYXNoaW9uYWJsZSBzdHlsZXMuIEdldCByZWFkeSB0byBsb3ZlIHlvdXIgc2NydWJzISI-PHRpdGxlPkJhY2sgQnV0dG9uPC90aXRsZT48dGl0bGU-U2VhcmNoIEljb248L3RpdGxlPjx0aXRsZT5GaWx0ZXIgSWNvbjwvdGl0bGU-&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTA%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.wearfigs.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 4b3eca39e49854d6
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 main.c99cd143.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 208ms
207ms Script
application/javascript 2a02:26f0:dc:18a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.c99cd143.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:18a::1931 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "a05548af4f747ef476e354fcd30947ce"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18448
access-control-expose-headers: X-CDN

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
686 B 145ms
145ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 27c707.7ba9896
date: Wed, 03 Aug 2022 13:24:56 GMT
x-cache-remote: TCP_MISS from a23-220-105-87.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 106,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=16, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220803132456416443EFFCD83A0EF10C
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.220.105.87
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1c62673e91a6156fa6c48d04f1ca2102d4251d1d6acc8d5a0a6c937e8374ab520987f2329a23a0e0b142146fc20b9fffd4d1e4d775cecc5ef393718e5918bbb439
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
548 B 151ms
151ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208031324560A5C7BB7159674143892
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,23.36.161.196
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1bec6675893b312da5dbb8af0c037e524698528f759bf0e7b207cb516c20bb3b7df3477642f65886706430b550cf8ee98b3094d1f338830827c0caee4e04162ed
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=1, origin; dur=113
x-akamai-request-id: 7ba98a4
content-length: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
547 B 141ms
141ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208031324564C47F4D06DA9EC10D073
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,23.36.161.196
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1bec6675893b312da5dbb8af0c037e524d21daa09f302727f2056550840d2a97485a568365449f3caa3bb2f2b97dc857cfc7b3c0017d1fbf0898ddaa20e8d639b
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=101
x-akamai-request-id: 7ba98ab
content-length: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
691 B 149ms
149ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 17302e50.7ba98b5
date: Wed, 03 Aug 2022 13:24:56 GMT
x-cache-remote: TCP_MISS from a23-46-238-124.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 107,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=13, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220803132456B24B97B9CE3CB9122AEE
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.46.238.124
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1c8dd4633d5e02ab23f018aa9bfd0d471488c023255a36f612568d17ab22a248490d5c89107a581ab12d32e044372ea700f27678072ea3fe8d7d695ffe7e534c25
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
545 B 144ms
144ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220803132456B84E86D4B66DE8134E43
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.36.161.196
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1bec6675893b312da5dbb8af0c037e524a94635c72e92b6f9414e28afd8ac42dc7aea2b6cf75e1156249b452dbcff14b52e48ae2febafd0c786f54e62863e5f1c
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=99
x-akamai-request-id: 7ba98be
content-length: 0
expires: Wed, 03 Aug 2022 13:24:56 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
687 B 172ms
172ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8f682aa.7ba996f
date: Wed, 03 Aug 2022 13:24:57 GMT
x-cache-remote: TCP_MISS from a23-220-105-69.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 133,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=114, origin; dur=20, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220803132456F52168032867FA0BD585
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.220.105.69
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1c29466a52c78d9178a2b693901e0885198ed471d32be4c614cca1abf9eae9806712d08b3a0adbe60118566b67f5a3a7a14299d3b057b29efd2bae7c31bdfdaeab
expires: Wed, 03 Aug 2022 13:24:57 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
689 B 149ms
149ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7e4de21.7ba9980
date: Wed, 03 Aug 2022 13:24:57 GMT
x-cache-remote: TCP_MISS from a23-220-105-85.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
x-parent-response-time: 106,23.36.161.196
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=19, inner; dur=14
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022080313245605D3871EC1912112B889
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.220.105.85
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f12f2240026b1c2fa36e397927ec9c0e1c4a315fff2e516d65ffec9f0932a3a749742cd953846cfe7f006a4ba8b5d7b3d160974b9cc9b86e06b7f43f528440eff05467e88145d46dd4e4c724a3cede39c7
expires: Wed, 03 Aug 2022 13:24:57 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
548 B 172ms
172ms Ping
application/octet-stream 23.36.163.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202208031324564088D08858D3D314808A
x-cache: TCP_MISS from a23-36-161-196.deploy.akamaitechnologies.com (AkamaiGHost/10.9.1-42763970) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 127,23.36.161.196
x-tt-trace-host: 01c92fd83e29c87aedf66fb8e5595922f1bec6675893b312da5dbb8af0c037e524c28bb8c39d0880d0ed831ba9be76f85757dc90f6ea9dc8a56fba78cbb42a6d49b4061d42c9a10dfee6747e1718dd09b7
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=1, origin; dur=126
x-akamai-request-id: 7ba9997
content-length: 0
expires: Wed, 03 Aug 2022 13:24:57 GMT

GET
H2 200 cookie_sent Show response
www.affirm.com/api/v2/ 21 B
720 B 37ms
37ms Fetch
application/json 99.86.4.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/api/v2/cookie_sent

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-61.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8d728ba62f3f7c795e471c6dce9d637ffce93580e4936c3f1b578320242df7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:50:41 GMT
content-encoding: gzip
vary: Accept-Encoding,cookie,Origin,Origin
age: 2055
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 8
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
access-control-allow-origin: https://www.wearfigs.com
x-affirm-request-id: 383f36db-9c7a-4c8d-ccba-468f1961fa00
server: istio-envoy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: Accept, Content-Type, X-Requested-With
x-amz-cf-id: KbsY8fjgUqghiwR18JRYjGFZ2r-wbABiqMZC0pwHUdghfLPnjfkfvg==

OPTIONS
H2 200 track
ws.friendbuy.com/site-12d76507-www.wearfigs.com/ Frame 0
0 667ms
195ms Preflight
text/html 54.215.202.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.202.231 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-202-231.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.wearfigs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.wearfigs.com
access-control-max-age: 21600
allow: POST, OPTIONS
content-encoding: gzip
content-length: 20
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 13:24:57 GMT
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
server: nginx
vary: Accept-Encoding

POST
H2 202 track Show response
ws.friendbuy.com/site-12d76507-www.wearfigs.com/ 67 B
578 B 574ms
192ms XHR
application/json 54.215.202.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/track
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.215.202.231 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-215-202-231.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b40291ffe4e9d9bb2e10835df039258c7d2c8e55c8a9987371e667f5c18a0352

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
server: nginx
access-control-max-age: 21600
access-control-allow-methods: OPTIONS, POST
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-length: 67

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 117ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1411344802476211&ev=PageView&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&rl=https%3A%2F%2Fmkto-sj300004.com%2F&if=false&ts=1659533097012&sw=1600&sh=1200&v=2.9.70&r=stable&ec=0&o=30&fbp=fb.1.1659533097011.1016709680&it=1659533096675&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 03 Aug 2022 13:24:57 GMT

GET
H2 204 1435364 Show response
vc.hotjar.io/sessions/ 0
256 B 155ms
68ms XHR
text/plain 65.9.66.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1435364?s=0.25&r=0.2057745344076778
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-34.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 6MStrqx9uB4d6ogoQTt1WRQ6zheyog3M61ZI7n2o47v3bMjh_-Qyzw==

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame ED10 0
11 B 137ms
136ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=8cc4cc12898b9128dc1208d50b5f11bceed1ec3b1659533095
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 03 Aug 2022 13:24:57 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect
tracker.affirm.com/ 14 B
414 B 255ms
130ms Ping
application/octet-stream 13.32.121.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.affirm.com/collect

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-23.fra60.r.cloudfront.net

Software

openresty /

Resource Hash

70f07df8529a5da355e70cb8fd1a2c6cdbe6dec83a5332bfcf06f5a917e6e607

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
x-affirm-request-id: c52f6963-2005-44fc-c49b-fcdcafa0a44d
server: openresty
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-credentials: true
content-length: 14
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
x-amz-cf-id: ysyo7x324kavvpQnR_5I70BetJEMW33SBRs8j5sOuPuJj98ZPWVBaQ==

GET
H2 200 / Show response
www.affirm.com/apps/toast/ Frame 7AC4 652 B
1 KB 39ms
38ms Document
text/html 99.86.4.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/apps/toast/

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-61.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8768a4170a4710fa38da88574b4315b825a4bba25299dad58fcf248a495c5a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37
cache-control: max-age=300, public, must-revalidate
content-encoding: gzip
content-type: text/html
date: Wed, 03 Aug 2022 13:24:21 GMT
etag: W/"cda9cd494bb94f2f6af3e463c1eacda4"
last-modified: Wed, 09 Feb 2022 01:28:21 GMT
link: <https://cdn1.affirm.com>; rel=preconnect; crossorigin <https://cdn1.affirm.com>; rel=preconnect <https://cdn-assets.affirm.com>; rel=preconnect; crossorigin <https://cdn-assets.affirm.com>; rel=preconnect <https://cdnjs.cloudflare.com>; rel=preconnect; crossorigin <https://cdnjs.cloudflare.com>; rel=preconnect
server: istio-envoy
strict-transport-security: max-age=86400
vary: Accept-Encoding
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-affirm-cache-status: REVALIDATED
x-affirm-request-id: 30269e13-826c-46e0-c6dc-ea535b35f05c
x-amz-cf-id: A-664Ytr5vEagg9zre4X894tvoqjx9n8Z1giLwYeZ7XfAPnZmX_u-w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 57

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
345 B 145ms
37ms Image
image/gif 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=522d7f2d-49ef-4096-a2c6-97b3853cec75&it=1659533097063&v=0.0.20&u=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&r=https%3A%2F%2Fmkto-sj300004.com%2F&st=1659533097062&et=1659533097063&if=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
ct.pinterest.com/user/ 490 B
584 B 159ms
77ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%22eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1659533097091
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7daba9ea1e541f132fda9656c5f2baed4942e7fdf534298400a7f7dad0811cc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wearfigs.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU1EUTJNVFl6TlRRdE1UazJPQzAwT0Roa0xXSXdPRGd0T0RKaVpXUTNZV1V5WldJMw
x-pinterest-rid: 5040128186489778
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
content-length: 353
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 100ms
72ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%22eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22ref%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1659533097097
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1563955881447775
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
328 B 70ms
69ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%2C%22aem_eligible_list%22%3A%5B%22ge%22%2C%22ge%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22ref%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1659533097097
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 5440795498358100
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
331 B 69ms
68ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%2C%22aem_eligible_list%22%3A%5B%22ge%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22ref%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1659533097098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 5
x-pinterest-rid: 1359779229687020
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 index-cc35f9e8384f96d24f0d.css
cdn1.affirm.com/products/toast/master/dist/ Frame 7AC4 15 KB
5 KB 120ms
44ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.affirm.com/products/toast/master/dist/index-cc35f9e8384f96d24f0d.css

Requested by

Host: www.affirm.com
URL: https://www.affirm.com/apps/toast/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7de29db67a5a02da70e826601983cc17f3edc043744bdb3d8f64d9c3d065697f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.affirm.com/
Origin: https://www.affirm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: hBns5Ml7_83aH2fuhveFHo1fIMgaOJ_W
content-encoding: gzip
etag: "4ca8e7473adc506a12320a9dcaf0edcf"
age: 4401903
via: 1.1 varnish, 1.1 varnish
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31557600
x-amz-request-id: A9EGYE6ZPGJM07R4
x-amz-id-2: GVoRWVkJTKYD6nIwc6O/3WGK0FCjR8iMeh9/OR/yCr7jW86aq3LE54HvPEYaBvWJAmxTM5HOgT0=
x-served-by: cache-iad-kcgs7200052-IAD, cache-hhn4075-HHN
accept-ranges: bytes
last-modified: Wed, 09 Feb 2022 01:28:20 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 13:24:57 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
x-amz-meta-md5checksum: TKjnRzrcUGoSMgqdyvDtzw==
content-length: 4585
x-cache-hits: 22807, 11631

GET
H2 200 index-98ecc297034b2159fbf5.js Show response
cdn1.affirm.com/products/toast/master/dist/ Frame 7AC4 327 KB
103 KB 112ms
37ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.affirm.com/products/toast/master/dist/index-98ecc297034b2159fbf5.js

Requested by

Host: www.affirm.com
URL: https://www.affirm.com/apps/toast/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

813b6f9c4d6e568debdb35e047666aaacda2ff909b8c00ea6ad49292e8139ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.affirm.com/
Origin: https://www.affirm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: GAmTOvYterrePQMt2V0KirWdrlvsjcY9
content-encoding: gzip
etag: "e52ac0c5b5b3b2d52a408c6794407eb8"
age: 15162994
via: 1.1 varnish, 1.1 varnish
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
access-control-max-age: 3000
x-amz-replication-status: PENDING
strict-transport-security: max-age=31557600
x-amz-request-id: MZ47EG4R3PBCEGPT
x-amz-id-2: pfVHoz/QiO0UuQuOcCq2EsOsSXbR8pnDvQ6RIrxpYeb8KXUHKv4yoNeLcjCN//6J84eOC6/P62U=
x-served-by: cache-iad-kcgs7200097-IAD, cache-hhn4075-HHN
accept-ranges: bytes
last-modified: Wed, 09 Feb 2022 01:28:20 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 13:24:57 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
x-amz-meta-md5checksum: 5SrAxbWzstUqQIxnlEB+uA==
content-length: 104287
x-cache-hits: 20043, 11733

GET
H2 200 event Show response
sslwidget.criteo.com/ 28 KB
5 KB 203ms
73ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=%5B38779%2C76417%2C83917%2C75649%5D&v=5.12.0&p0=e%3Dce%26m%3D%255Bundefined%255D&p1=e%3Dexd%26ref%3Dhttps%253A%252F%252Fmkto-sj300004.com&p2=e%3Ddis&adce=1&bundle=Ryr9HF9zVVdtdGYlMkJOYnN0eXpzalpzUSUyRmFGa3kwMkhQaUE5OCUyQlUxOTY0MGNGMXFDN3BWcUljQjFYOW43QXBZNDN1T0cxZlRQM244aldhNnFOSU5qUVVKZ1IlMkI2YmtXNUlpVE1seG0lMkJ4WkgwWHB6V1BuU05TM3o5OGt1cWc1aVRWMm54VGpHY3RyUlBIanE4dUo1V3lJRmJsVk9RJTNEJTNE&tld=wearfigs.com&fu=https%253A%252F%252Fwww.wearfigs.com%252F%253Futm_source%253Ddelighted%2526utm_medium%253Demail%2526utm_campaign%253Devergreen%2526utm_content%253Dcustomer-profile-figs%2526mkt_tok%253DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&pu=https%253A%252F%252Fmkto-sj300004.com%252F&dtycbr=10105

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f7fbd7b4e7bdfd114be17323736653f75ec64d6671d98e0d71c15eaa4be43ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 25707657
content-type: application/x-javascript
expires: 0

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame ED10 0
11 B 136ms
136ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=8cc4cc12898b9128dc1208d50b5f11bceed1ec3b1659533095
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 03 Aug 2022 13:24:57 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK rb
rbqnb9ch.wearfigs.com/v2/ 44 B
336 B 111ms
111ms Image
image/gif 162.243.13.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbqnb9ch.wearfigs.com/v2/rb?pageReferrer=https%3A%2F%2Fmkto-sj300004.com%2F&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&action=view&source=figs&rb_source=figs&script_version=wxyz.rb.js&sessionId=f84585ae-cb11-4a27-934f-98ec511534cc&uid=rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.175 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:57 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK rb
rbqnb9ch.wearfigs.com/v2/ 44 B
336 B 208ms
111ms Image
image/gif 162.243.13.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbqnb9ch.wearfigs.com/v2/rb?pageReferrer=https%3A%2F%2Fmkto-sj300004.com%2F&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&action=identify&source=figs&rb_source=figs&script_version=wxyz.rb.js&sessionId=f84585ae-cb11-4a27-934f-98ec511534cc&uid=rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.175 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:57 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK rb
rbqnb9ch.wearfigs.com/v2/ 44 B
336 B 317ms
111ms Image
image/gif 162.243.13.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbqnb9ch.wearfigs.com/v2/rb?pageReferrer=https%3A%2F%2Fmkto-sj300004.com%2F&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&action=identify&source=figs&rb_source=figs&tatari_session_id=96e40dbb-91c9-f8be-38f4-b37378c4a6b7&script_version=wxyz.rb.js&sessionId=f84585ae-cb11-4a27-934f-98ec511534cc&uid=rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.175 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:57 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.9.3/ Frame 7AC4 27 KB
9 KB 124ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.9.3/rollbar.min.js

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/products/toast/master/dist/index-98ecc297034b2159fbf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70dee174047f13d7c472fcb3507e2930f06be338ac959fa8c0bea798cca1b5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affirm.com/
Origin: https://www.affirm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6108678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8868
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc0-6bce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdz3Zaq01W8r9FyTy81M0E8NOLw4tJYpxb41Wm8ghA1BhIgJNURfn2yxN404vnW8qWoF%2BdtFZgK4fqhnFFTITAKyr5eqtcvuVSNu9kmiVh%2FkiF3lujJG4O1ocf9V3fT%2BOnh7yzghkwwuExUTEi%2FLOa8t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 734f6062cac19bb0-FRA
expires: Mon, 24 Jul 2023 13:24:57 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame F9F0
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30

43 B
495 B

41ms
41ms

Image
image/gif

3.73.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30
Protocol: HTTP/1.1
Server: 3.73.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30
Date: Wed, 03 Aug 2022 13:24:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame F9F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_cm&google_hm=ay03S0t0MUUwSWVjZk9YWTI3V01wbkZzbGhNVkJKdEpuS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

43 B
371 B

93ms
41ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1426665
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame F9F0
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

43 B
370 B

153ms
42ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:56 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2636778
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:57 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0863b161-21ac-460d-a253-2bddcf391029
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame F9F0
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=660e44...
https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302

321 B
701 B

436ms
329ms

Image
image/png

2600:9000:223d:ae00:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302
Protocol: H2
Server: 2600:9000:223d:ae00:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:45:06 GMT
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 391191
etag: "c1ab48a971e5c1a7eae346346487762d"
x-cache: Hit from cloudfront
x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/png
content-length: 321
x-amz-cf-id: pmA7V5kxhlcsakoqlQ0SnpZqHBecENMbJOXF16vH8IWCmf2kqp7kgQ==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302
date: Wed, 03 Aug 2022 13:24:57 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H3

200

rum
r.casalemedia.com/ Frame F9F0
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg&C=1

43 B
1 KB

101ms
60ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 734f60644806902e-FRA
pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu9s75kUcuuw53KnV%2BjNQVvi9fPpmrkXO2ctXh7Zz0KF1gPtoHXn4CfTHL8PC3OZC1HY8QCbsV9WQYpyF7VBaAHDUD7zySwUQMziDXFnSBr6XthmQ%2FXsTZTKFYvy1z7Egucx"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

cf-ray: 734f6063afe1698f-FRA
pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkNEtt8ReC3Ta5%2BX0GRdUWOa7G2Vf%2B8Gkc7k2jVeTkAgFxVIZRyBJK3X2i8hFBuiHwuf%2Ffk5mvbudqHjw3cgshk1Wpbt9Oq6wu%2FV4CjTc8fH5Im%2BvnYZsrAE5pilJwu6gsY2"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg&C=1
cache-control: no-cache
content-type: text/html; charset=iso-8859-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame F9F0
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dv946k0IecfOXY27WMpnFslhMVBed6orc86ZXA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dv946k0IecfOXY27WMpnFslhMVBed6orc86ZXA

43 B
446 B

47ms
47ms

Image
image/gif

18.196.185.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dv946k0IecfOXY27WMpnFslhMVBed6orc86ZXA
Protocol: H2
Server: 18.196.185.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-185-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-dv946k0IecfOXY27WMpnFslhMVBed6orc86ZXA
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame F9F0 45 B
786 B 250ms
65ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-dn2II00IecfOXY27WMpnFslhMVC2NhNrcITmeA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Wed, 03 Aug 2022 13:24:57 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 03 Aug 2022 13:24:57 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame F9F0 40 B
40 B 204ms
111ms Image
text/html 18.185.150.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-bzpSS00IecfOXY27WMpnFslhMVD-y8fGl8eIZw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.150.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame F9F0 0
308 B 539ms
111ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ptYxv00IecfOXY27WMpnFslhMVCFQN5McvYTZA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:58 GMT
Cache-Control: no-cache
X-TraceId: 68daa806f6c189282ef8eadae4c3c7ad
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame F9F0 0
225 B 344ms
47ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-aZVRTU0IecfOXY27WMpnFslhMVAkooLQUk6PHA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F9F0 0
239 B 184ms
43ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-BuiOPE0IecfOXY27WMpnFslhMVBL02JtMvfEwA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame F9F0 0
35 B 274ms
44ms Image
text/plain 18.198.158.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-K_kMNE0IecfOXY27WMpnFslhMVCUMD0CUNnz1g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.158.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-158-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F9F0 43 B
163 B 262ms
49ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-jTHEaU0IecfOXY27WMpnFslhMVA-UfHjeM9Wgw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F9F0 0
99 B 182ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-mf8tz00IecfOXY27WMpnFslhMVBN-vUFEj1owQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44574

GET
H2 200 um
criteo-sync.teads.tv/ Frame F9F0 23 B
172 B 220ms
62ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k--zRZHE0IecfOXY27WMpnFslhMVBmXaDQPEGIdQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 03 Aug 2022 13:24:58 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame F9F0 37 B
140 B 159ms
42ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-mNn32U0IecfOXY27WMpnFslhMVAhQKiegfTlfw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame F9F0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fc6pDE0IecfOXY27WMpnFslhMVDE97J3qwbTjQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fc6pDE0IecfOXY27WMpnFslhMVDE97J3qwbTjQ&verify=true

0
311 B

43ms
43ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fc6pDE0IecfOXY27WMpnFslhMVDE97J3qwbTjQ&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fc6pDE0IecfOXY27WMpnFslhMVDE97J3qwbTjQ&verify=true
date: Wed, 03 Aug 2022 13:24:57 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame F9F0 0
522 B 129ms
44ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-tzwHN00IecfOXY27WMpnFslhMVDsFZoQZsOpjg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 02 Aug 2022 13:24:58 GMT

GET
H2 200 pixel
cm.adform.net/ Frame F9F0 43 B
162 B 197ms
57ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-uXr4Mk0IecfOXY27WMpnFslhMVB3Q25SGypZZw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
server: nginx
accept-ranges: bytes
etag: "5cadc022-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame F9F0 49 B
235 B 184ms
53ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-yrJCrE0IecfOXY27WMpnFslhMVDZyCcIVaJQRw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F9F0
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mKy7fgPzWdxqOWQgnhanMM1bofPJ4uCI
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=mKy7fgPzWdxqOWQgnhanMM1bofPJ4uCI

42 B
942 B

65ms
65ms

Image
image/gif

52.213.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=mKy7fgPzWdxqOWQgnhanMM1bofPJ4uCI

Protocol

HTTP/1.1

Server

52.213.150.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-0ee03f33a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3l+4B+P4TsI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v038-0b30dd767.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: PPydTnShRwQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=mKy7fgPzWdxqOWQgnhanMM1bofPJ4uCI
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame F9F0 43 B
1 KB 131ms
39ms Image
image/gif 141.95.98.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-3E0HyU0IecfOXY27WMpnFslhMVDd5U0rhD7oqg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216577.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame F9F0
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg

43 B
419 B

382ms
122ms

Image
image/gif

2600:1f18:444a:4602:5dad:49cd:e8da:29f0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:5dad:49cd:e8da:29f0 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:59 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg
Date: Wed, 03 Aug 2022 13:24:58 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3

200

sync
ad.sxp.smartclip.net/ Frame F9F0
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA&ang_testid=1

42 B
60 B

117ms
41ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA&ang_testid=1
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame F9F0 43 B
183 B 428ms
120ms Image
image/gif 2600:1f18:612b:4216:25d9:1223:9f5d:e330
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-JVbHfk0IecfOXY27WMpnFslhMVB_SK5rKYnICw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:25d9:1223:9f5d:e330 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame F9F0 43 B
153 B 144ms
44ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-lZZJJ00IecfOXY27WMpnFslhMVCn4qdyyBjLUA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 13:24:58 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H2 200 755-086626e486c3e2950d93.js Show response
assets.privy.com/packs/js/ 88 KB
31 KB 94ms
72ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/755-086626e486c3e2950d93.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f33558ec884158b2b139ca81a5172e64ffb9e3b70cf708ceb33043c57a844d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 vegur, 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 2038
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 31072
last-modified: Mon, 01 Aug 2022 23:54:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 734f60673e6ebb3d-FRA
x-amz-cf-id: AngkEjy5gpYFQX7UhL9cXjtqndzqCUFJz8CYDzaBSu6wV4FJNZ2i_A==

GET
H2 200 908-000e1ac551df9d63c8a5.js Show response
assets.privy.com/packs/js/ 38 KB
12 KB 66ms
66ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 vegur, 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 2813
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 12368
last-modified: Mon, 01 Aug 2022 23:54:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 734f60675e9ebb3d-FRA
x-amz-cf-id: BBB2iUBWOGgzC_SgxeldgqwZ8N6Nrv2FTnzhwVzzTZjqV3uvic3czQ==

GET
H2 200 864-f9538eba7e93bec99a2f.js Show response
assets.privy.com/packs/js/ 19 KB
6 KB 46ms
45ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/864-f9538eba7e93bec99a2f.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db490d0e782d70ca57c6859b52a0d1cc2e0e2b6f3b5f471c3f96d05120c0bbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 vegur, 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 958
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 6183
last-modified: Mon, 01 Aug 2022 23:54:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 734f60679efbbb3d-FRA
x-amz-cf-id: HZcVP1kaHSOlWQjKgImJoKBZMSJylppSN1RTU4REZLelKbdsUeLBmg==

GET
H2 200 538-bf3fc814b30cd54e78ae.js Show response
assets.privy.com/packs/js/ 107 KB
31 KB 45ms
45ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/538-bf3fc814b30cd54e78ae.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4a50fd373707e2361b60d190955de9340554d0feda5be5fbe9b9cffa1a17368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 vegur, 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 683
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 31284
last-modified: Mon, 01 Aug 2022 23:54:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 734f6067af17bb3d-FRA
x-amz-cf-id: YUv46n6yCJ4SjXrpR2OzgcRPLdQEiAoGCQhQY6JsDr10py7kbZKMbw==

GET
H2 200 legacy_widget-a7ec2f64eee8863dee2d.chunk.js Show response
assets.privy.com/packs/js/ 114 KB
28 KB 51ms
51ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/legacy_widget-a7ec2f64eee8863dee2d.chunk.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220f0618cb3c3856699241d1d6e2d91e0203db04d90d99e50c048867eeab8ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 vegur, 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 683
x-cache: Miss from cloudfront
content-encoding: gzip
content-length: 29020
last-modified: Mon, 01 Aug 2022 23:54:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 734f6067af22bb3d-FRA
x-amz-cf-id: K5bkuCjmOowXLhl8WP6uA-SdFjiUHGTq4rknBaSFZnGaolnk6LeSFw==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A07A 0
18 B 77ms
37ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.wearfigs.com
Referer: https://www.wearfigs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.wearfigs.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 13:24:57 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK segment-2.m4s
134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822... Frame ED10 10 MB
10 MB 39ms
39ms XHR
video/mp4 2a02:26f0:3500:6::17d8:4dab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://134vod-adaptive.akamaized.net/exp=1659536995~acl=%2Fa7e69b02-e10f-4b0c-9393-22c8d822713d%2F%2A~hmac=302f53620e8b3e80abaa00acb2fcda94be59232c2e57312385f05b74fa3fcadb/a7e69b02-e10f-4b0c-9393-22c8d822713d/sep/video/6ddec520/chop/segment-2.m4s?r=dXM%3D
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:6::17d8:4dab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:57 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1658163600
Connection: keep-alive
Content-Length: 10063822
AK-REFERENCE-ID: 0.ab6f1002.1659533097.37e9b0
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=30166552
Akamai-Edge-IP: 2a02:26f0:3500:6::17d8:4dab
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 attn.js Show response
cdn.attn.tv/ 336 KB
108 KB 48ms
48ms Script
application/javascript 2600:9000:223c:200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/attn.js?v=4-latest_21bdfcc439
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ed322ba2539b005005d2197faf9875279671306dfb4002cd5d304b43c493620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: Y9DVhCGWCDkA1WWDak2qZy.g1W95Pr0F
content-encoding: gzip
etag: "10cb00484fdb98b820e7ba0d6027d8d3"
age: 192
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 109721
last-modified: Tue, 02 Aug 2022 18:01:30 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 13:21:49 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: S8eYmXEK4wVSP189MLVX5o5wZT1krzKG3wf2ONH00S87m6IUH0NNPg==

GET
H2 200 tag.js Show response
cdn.attn.tv/tag/4-latest/ 41 KB
14 KB 148ms
148ms Script
application/javascript 2600:9000:223c:200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/tag.js?v=4-latest_21bdfcc439
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef3af2a57ff11058d1cfe9e52b8efe6df9eaf44e29a97daabf77417341747485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: sEObiqomqkjzmSVq9PmfoBeIZZ9s1VI5
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 20:43:37 GMT
server: AmazonS3
age: 130
etag: W/"120faaf686abe0f5f0ae468d418541e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cache-control: public, max-age=300
date: Wed, 03 Aug 2022 13:24:57 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 4Q6DCojeUztTCwScnDxV3wHF-52bVp8zWZ80Ch75PS6n1tGLHyb1SA==

GET
H2 200 event Show response
sslwidget.criteo.com/ 28 KB
5 KB 93ms
93ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e45bbdb5567f0207d19193ed360d57926a6bc9e51a4d8447163634d365708c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 40642463
content-type: application/x-javascript
expires: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 28 KB
5 KB 91ms
91ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=%5B38779%2C76417%2C83917%2C75649%5D&v=5.12.0&p0=e%3Dvh&p1=e%3Dexd%26ref%3Dhttps%253A%252F%252Fmkto-sj300004.com&p2=e%3Ddis&adce=1&bundle=Ryr9HF9zVVdtdGYlMkJOYnN0eXpzalpzUSUyRmFGa3kwMkhQaUE5OCUyQlUxOTY0MGNGMXFDN3BWcUljQjFYOW43QXBZNDN1T0cxZlRQM244aldhNnFOSU5qUVVKZ1IlMkI2YmtXNUlpVE1seG0lMkJ4WkgwWHB6V1BuU05TM3o5OGt1cWc1aVRWMm54VGpHY3RyUlBIanE4dUo1V3lJRmJsVk9RJTNEJTNE&tld=wearfigs.com&fu=https%253A%252F%252Fwww.wearfigs.com%252F%253Futm_source%253Ddelighted%2526utm_medium%253Demail%2526utm_campaign%253Devergreen%2526utm_content%253Dcustomer-profile-figs%2526mkt_tok%253DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&pu=https%253A%252F%252Fmkto-sj300004.com%252F&dtycbr=93741

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4590ad0460e12cb597f840b1f5375e43f547ee070dadfa420fbc07ca20f621cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 38812680
content-type: application/x-javascript
expires: 0

GET
H3 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 115ms
56ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e5c6c793e1605905735480e28ebc646d67e6d96116869c371797bdfdd92c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Jun 2022 14:22:04 GMT
server: cloudflare
age: 4353
etag: W/"62bdb18c-3bb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VK%2FmZMd9Q%2FIp%2BN%2F044%2FGsBcOv%2F9RZuuLOxGAeiy7CoNWy47IcK5SDIFJrElJ77ZZQs%2FZbb65zbkd1pym5M1INoPDfUNFOHxL%2FdZRJI14nrDXfTNW07gpsG7pUJvapVpZHITyEAvIYgexzAzbsvP7yriMlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 734f6065ca769110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F9F0
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=YJSKNRpKShfz40jlN6HQ8ArQe62zZNhY

0
338 B

183ms
54ms

Image
text/plain

108.128.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=YJSKNRpKShfz40jlN6HQ8ArQe62zZNhY
Protocol: H2
Server: 108.128.241.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1659533098
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=YJSKNRpKShfz40jlN6HQ8ArQe62zZNhY
date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2310
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 ev1 Show response
connect.nosto.com/ 434 B
1 KB 218ms
142ms XHR
application/json 2600:9000:2490:ae00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/ev1?m=shopify-1398942&message=%7B%22elements%22%3A%5B%5D%2C%22referrer%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22response_mode%22%3A%22HTML%22%2C%22url%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22events%22%3A%5B%5B%22ec%22%2C%22evergreen%22%5D%5D%7D

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ae00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d21a1de85fbf817ad3d6b4733e608e4900570f750dc296d75ba097aa8e599918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 50b2d240-dd61-41f2-bd6c-44cf86e7a631
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: gTwspzMGbABkL5XT3ilt8JhcZMqIRmvfJEQ7sK0FBNu1Yoab_NwVXQ==

GET
H3 200 sync
ad.sxp.smartclip.net/ Frame 00F8 42 B
60 B 124ms
40ms Image
image/gif 35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 00F8 43 B
182 B 283ms
121ms Image
image/gif 2600:1f18:612b:4216:25d9:1223:9f5d:e330
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-JVbHfk0IecfOXY27WMpnFslhMVB_SK5rKYnICw
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:25d9:1223:9f5d:e330 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 00F8 43 B
220 B 40ms
39ms Image
image/gif 3.73.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 00F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_cm&google_hm=ay03S0t0MUUwSWVjZk9YWTI3V01wbkZzbGhNVkJKdEpuS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

43 B
370 B

40ms
40ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1355259
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 00F8
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

43 B
370 B

43ms
43ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4598194
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cc238bff-eb63-4bb0-90c3-1c989606a830
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame 00F8
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302

321 B
701 B

37ms
36ms

Image
image/png

2600:9000:223d:ae00:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302
Protocol: H2
Server: 2600:9000:223d:ae00:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:45:06 GMT
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 391192
etag: "c1ab48a971e5c1a7eae346346487762d"
x-cache: Hit from cloudfront
x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/png
content-length: 321
x-amz-cf-id: ssTZo4b4KMb-xAjxtiGcOXAmF5rfl35Hl9PrVOweKCitvRE_aIJzZA==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302
date: Wed, 03 Aug 2022 13:24:57 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H3 200 rum
r.casalemedia.com/ Frame 00F8 43 B
971 B 66ms
61ms Image
image/gif 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 734f60662a4c902e-FRA
pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Z6AlReM52KIqLiVAvc5Vb6E4EvTSS075UTJ63fSM3NQh3hwzTkMp%2B0WKUF2hzfkjkDmV9%2BPM88daw7CGAx5Czo6EshTBUU%2B3sx8pzwuunL4QDQK1yNdBa1yeYz7wTd%2FN2hE"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 match
ad.360yield.com/ Frame 00F8 43 B
446 B 51ms
46ms Image
image/gif 18.196.185.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dv946k0IecfOXY27WMpnFslhMVBed6orc86ZXA
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.185.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-185-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 00F8 45 B
622 B 80ms
75ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-dn2II00IecfOXY27WMpnFslhMVC2NhNrcITmeA

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Wed, 03 Aug 2022 13:24:57 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 03 Aug 2022 13:24:57 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 00F8 0
145 B 111ms
111ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ptYxv00IecfOXY27WMpnFslhMVCFQN5McvYTZA
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:58 GMT
Cache-Control: no-cache
X-TraceId: 400cfcadd085413dd1216abdaa264de2
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 00F8 0
74 B 44ms
43ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-aZVRTU0IecfOXY27WMpnFslhMVAkooLQUk6PHA
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 00F8 0
34 B 39ms
39ms Image
text/plain 18.198.158.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-K_kMNE0IecfOXY27WMpnFslhMVCUMD0CUNnz1g
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.158.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-158-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 00F8 43 B
163 B 48ms
48ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-jTHEaU0IecfOXY27WMpnFslhMVA-UfHjeM9Wgw
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 00F8 0
98 B 42ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-mf8tz00IecfOXY27WMpnFslhMVBN-vUFEj1owQ
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 43895

GET
H2 200 um
criteo-sync.teads.tv/ Frame 00F8 23 B
172 B 65ms
65ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k--zRZHE0IecfOXY27WMpnFslhMVBmXaDQPEGIdQ
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 03 Aug 2022 13:24:58 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 00F8 37 B
139 B 41ms
40ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-mNn32U0IecfOXY27WMpnFslhMVAhQKiegfTlfw&dongle=013b
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 00F8 0
17 B 45ms
44ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fc6pDE0IecfOXY27WMpnFslhMVDE97J3qwbTjQ

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 00F8 43 B
161 B 55ms
55ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-uXr4Mk0IecfOXY27WMpnFslhMVB3Q25SGypZZw
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
server: nginx
accept-ranges: bytes
etag: "5cadc022-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 00F8 49 B
117 B 51ms
50ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-yrJCrE0IecfOXY27WMpnFslhMVDZyCcIVaJQRw

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 00F8 43 B
1 KB 39ms
38ms Image
image/gif 141.95.98.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-3E0HyU0IecfOXY27WMpnFslhMVDd5U0rhD7oqg

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216577.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 00F8
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg

43 B
419 B

363ms
123ms

Image
image/gif

2600:1f18:444a:4602:5dad:49cd:e8da:29f0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:5dad:49cd:e8da:29f0 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:59 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7NvBh00IecfOXY27WMpnFslhMVAIrQCKfRS4kg
Date: Wed, 03 Aug 2022 13:24:57 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2

200

cs
s.thebrighttag.com/ Frame 00F8
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=aG_HDmn91R2O2s0_5yF9awE3-07WRk2P

35 B
267 B

405ms
129ms

Image
image/gif

18.224.195.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=aG_HDmn91R2O2s0_5yF9awE3-07WRk2P
Protocol: H2
Server: 18.224.195.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-195-6.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
x-bt-requestid: abbacc50-132f-11ed-ba5d-0000ac1701d1
server: nginx
date: Wed, 03 Aug 2022 13:24:58 GMT
p3p: CP=NOI DSP COR NID
access-control-allow-origin
cache-control: private, must-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=aG_HDmn91R2O2s0_5yF9awE3-07WRk2P
date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2431
content-length: 203
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 00F8 0
522 B 63ms
63ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=12438557&ext_id=k-tzwHN00IecfOXY27WMpnFslhMVDsFZoQZsOpjg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 02 Aug 2022 13:24:58 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 00F8 43 B
219 B 250ms
55ms Image
image/gif 54.170.211.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-axOV500IecfOXY27WMpnFslhMVD5BgQE8eN0Mg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.211.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-211-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 00F8 40 B
40 B 46ms
44ms Image
text/html 18.185.150.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-bzpSS00IecfOXY27WMpnFslhMVD-y8fGl8eIZw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.150.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 00F8 0
239 B 41ms
40ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-BuiOPE0IecfOXY27WMpnFslhMVBL02JtMvfEwA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H3 200 sync
ad.sxp.smartclip.net/ Frame C795 42 B
60 B 42ms
41ms Image
image/gif 35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame C795 43 B
182 B 166ms
120ms Image
image/gif 2600:1f18:612b:4216:25d9:1223:9f5d:e330
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-JVbHfk0IecfOXY27WMpnFslhMVB_SK5rKYnICw
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:25d9:1223:9f5d:e330 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame C795 0
522 B 51ms
51ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=12438557&ext_id=k-tzwHN00IecfOXY27WMpnFslhMVDsFZoQZsOpjg

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 02 Aug 2022 13:24:58 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame C795 43 B
220 B 205ms
54ms Image
image/gif 54.170.211.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-axOV500IecfOXY27WMpnFslhMVD5BgQE8eN0Mg&pn_id=criteo&ext=1
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.211.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-211-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame C795 43 B
220 B 40ms
40ms Image
image/gif 3.73.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-aNUaFk0IecfOXY27WMpnFslhMVBBjtdJQEHHZw&expires=30
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.7.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-7-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:58 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C795
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_cm&google_hm=ay03S0t0MUUwSWVjZk9YWTI3V01wbkZzbGhNVkJKdEpuS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

43 B
370 B

40ms
39ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1220061
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7KKt1E0IecfOXY27WMpnFslhMVBJtJnHmj_QFA&google_gid=CAESEHKt6NgsiKAwAoEwgw4YKSQ&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C795
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

43 B
370 B

40ms
39ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1317838
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
X-Proxy-Origin: 80.255.7.104; 80.255.7.104; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cb785b95-4f31-4f7b-a110-7bdc96242b4f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=9170143873530532265
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame C795
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302

321 B
701 B

37ms
37ms

Image
image/png

2600:9000:223d:ae00:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302
Protocol: H2
Server: 2600:9000:223d:ae00:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:45:06 GMT
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 391192
etag: "c1ab48a971e5c1a7eae346346487762d"
x-cache: Hit from cloudfront
x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/png
content-length: 321
x-amz-cf-id: dE8-KiHaHcVb0QKorwSWhWnbOfXYzSPc0XnShZY8t_9xSoVOi_HINA==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=b4bcfec6d1acbdf067d4310d005814aa8110686d2d7e62d049e06bd8d7c7f302
date: Wed, 03 Aug 2022 13:24:57 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H3 200 rum
r.casalemedia.com/ Frame C795 43 B
972 B 63ms
59ms Image
image/gif 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 734f60665a76902e-FRA
pragma: no-cache
date: Wed, 03 Aug 2022 13:24:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frDZNv4ooYqMH4%2Fhweg%2F0%2BdIXGzqniZGc2faW21gEutl5H3tWKFYE5DZi2fkIXRVY0DYgYh5EgEx69CwpMqo02j5F%2FBT2P747fdnmPWNjMNNRNV7r1ZMf3Pbv77i%2FczqkKIH"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 match
ad.360yield.com/ Frame C795 43 B
446 B 47ms
43ms Image
image/gif 18.196.185.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-dv946k0IecfOXY27WMpnFslhMVBed6orc86ZXA
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.185.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-185-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 13:24:57 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame C795 45 B
622 B 68ms
64ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-dn2II00IecfOXY27WMpnFslhMVC2NhNrcITmeA

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Wed, 03 Aug 2022 13:24:58 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 03 Aug 2022 13:24:58 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame C795 40 B
40 B 45ms
41ms Image
text/html 18.185.150.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-bzpSS00IecfOXY27WMpnFslhMVD-y8fGl8eIZw
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.150.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame C795 0
145 B 112ms
112ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ptYxv00IecfOXY27WMpnFslhMVCFQN5McvYTZA
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:58 GMT
Cache-Control: no-cache
X-TraceId: 79b6c3eed9d484fb997e3b175691715f
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame C795 0
74 B 47ms
44ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-aZVRTU0IecfOXY27WMpnFslhMVAkooLQUk6PHA
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:56 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C795 0
239 B 40ms
40ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-BuiOPE0IecfOXY27WMpnFslhMVBL02JtMvfEwA&expires=30
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame C795 0
34 B 43ms
40ms Image
text/plain 18.198.158.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-K_kMNE0IecfOXY27WMpnFslhMVCUMD0CUNnz1g
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.158.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-158-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C795 43 B
163 B 47ms
47ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-jTHEaU0IecfOXY27WMpnFslhMVA-UfHjeM9Wgw
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C795 0
98 B 44ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-mf8tz00IecfOXY27WMpnFslhMVBN-vUFEj1owQ
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44574

GET
H2 200 um
criteo-sync.teads.tv/ Frame C795 23 B
172 B 68ms
66ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k--zRZHE0IecfOXY27WMpnFslhMVBmXaDQPEGIdQ
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 03 Aug 2022 13:24:58 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame C795 37 B
139 B 45ms
43ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-mNn32U0IecfOXY27WMpnFslhMVAhQKiegfTlfw&dongle=013b
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame C795 0
17 B 43ms
43ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fc6pDE0IecfOXY27WMpnFslhMVDE97J3qwbTjQ

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame C795 43 B
161 B 55ms
54ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-uXr4Mk0IecfOXY27WMpnFslhMVB3Q25SGypZZw
Requested by: Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
server: nginx
accept-ranges: bytes
etag: "5cadc022-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame C795 49 B
93 B 57ms
57ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-yrJCrE0IecfOXY27WMpnFslhMVDZyCcIVaJQRw

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
content-length: 49
expires: 0

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame C795 43 B
1 KB 40ms
40ms Image
image/gif 141.95.98.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-3E0HyU0IecfOXY27WMpnFslhMVDd5U0rhD7oqg

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216577.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:57 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame C795
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=u2TYGimbyhB5xreL3g_3cOLXbtbMXcS0

0
98 B

136ms
47ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=u2TYGimbyhB5xreL3g_3cOLXbtbMXcS0
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=u2TYGimbyhB5xreL3g_3cOLXbtbMXcS0
date: Wed, 03 Aug 2022 13:24:56 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2715
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 / Show response
wearfigs.attn.tv/d/ 5 B
349 B 526ms
431ms Fetch
application/json 104.18.7.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wearfigs.attn.tv/d/?attn_vid=864e90fa0b494c0495c3f96c6b85cbb1
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
cf-ray: 734f6067ebb391ff-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 unrenderedCreative Show response
wearfigs.attn.tv/ 0
66 B 529ms
446ms Fetch 104.18.7.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wearfigs.attn.tv/unrenderedCreative?v=0926456f&r=https%3A%2F%2Fmkto-sj300004.com%2F&id=864e90fa0b494c0495c3f96c6b85cbb1&pv=1&l=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&w=1600&h=1200&ss_ref=https%3A%2F%2Fmkto-sj300004.com%2F&m=marketing&m=live-sms
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
cf-ray: 734f6067ebb491ff-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK rb
rbqnb9ch.wearfigs.com/v2/ 44 B
336 B 112ms
112ms Image
image/gif 162.243.13.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbqnb9ch.wearfigs.com/v2/rb?pageReferrer=https%3A%2F%2Fmkto-sj300004.com%2F&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&action=identify&source=figs&rb_source=figs&tatari_session_id=96e40dbb-91c9-f8be-38f4-b37378c4a6b7&pinterest_view_id=04616354-1968-488d-b088-82bed7ae2eb7&script_version=wxyz.rb.js&sessionId=f84585ae-cb11-4a27-934f-98ec511534cc&uid=rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.175 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:58 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H2 200 e
events.attentivemobile.com/ 0
252 B 281ms
148ms Ping
text/plain 104.18.14.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.14.25_368e2ade0b&pd=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&u=864e90fa0b494c0495c3f96c6b85cbb1&c=wearfigs&ceid=zn7&lt=1659533098164&tag=modern&cs=812577482&t=v&r=https%3A%2F%2Fmkto-sj300004.com%2F&m=%7B%22source%22%3A%22a%22%7D&cb=1659533098169
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/tag.js?v=4-latest_21bdfcc439
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
x-envoy-upstream-service-time: 3
cf-ray: 734f606a9b698ff8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
327 B 69ms
68ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=ExternalMeasurement&ed=%7B%22external_measurement_id%22%3A%22rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe%22%2C%22external_measurement_vendor_id%22%3A1%7D&tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%2C%22aem_eligible_list%22%3A%5B%22ge%22%2C%22ge%22%5D%2C%22pin_unauth%22%3A%22dWlkPU1EUTJNVFl6TlRRdE1UazJPQzAwT0Roa0xXSXdPRGd0T0RKaVpXUTNZV1V5WldJMw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22ref%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1659533098173
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 8843177736349759
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
347 B 67ms
66ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=custom&ed=%7B%22order_id%22%3A%22rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe%22%7D&tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%2C%22aem_eligible_list%22%3A%5B%22ge%22%5D%2C%22pin_unauth%22%3A%22dWlkPU1EUTJNVFl6TlRRdE1UazJPQzAwT0Roa0xXSXdPRGd0T0RKaVpXUTNZV1V5WldJMw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22ref%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c99cd143%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1659533098173
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 3389055098692604
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ev1 Show response
connect.nosto.com/ 1 MB
42 KB 258ms
257ms XHR
application/json 2600:9000:2490:ae00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/ev1?m=shopify-1398942&message=%7B%22elements%22%3A%5B%22frontpage-nosto-1%22%2C%22frontpage-nosto-2%22%2C%22frontpage-nosto-3%22%2C%22frontpage-nosto-4%22%2C%22frontpage-nosto-5%22%2C%22frontpage-nosto-6%22%2C%22frontpage-nosto-7%22%2C%22frontpage-nosto-8%22%2C%22frontpage-nosto-9%22%2C%22frontpage-nosto-10%22%2C%22frontpage-nosto-11%22%2C%22frontpage-nosto-12%22%5D%2C%22tags%22%3A%5B%5D%2C%22custom_fields%22%3A%5B%5D%2C%22categories%22%3A%5B%5D%2C%22referrer%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22response_mode%22%3A%22JSON_ORIGINAL%22%2C%22url%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22events%22%3A%5B%5B%22ec%22%2C%22evergreen%22%5D%5D%2C%22page_type%22%3A%22front%22%2C%22cart%22%3A%5B%5D%2C%22restore_link%22%3Anull%7D

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ae00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

af8f4138af26b9cd55095e091d6d285f492769e3783c1601aeaeee74e002f151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: d954a1d3-b388-4ca8-97af-2fdb825d4f2c
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: PARi9G9pXw1pLVceWroW8i-SR61SYlHLWLlFOJI-_Ca6jfxy9ZKKfw==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
7 KB 139ms
51ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=a0110022-31dd-4efb-94cd-540e657e5305

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0GAW1QKNHCKYTDTG
x-amz-id-2: y2K7in4a4oDj8dM5edhvAodzhC9Gs0vrbtTFSHqYf9ZLfZl+0wnbZnlp92AEJXHMtEHPZl17bLk=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTy0IpDkP%2BTA9Sun0v8YeMEAsbFgHd53DvpIWb2A%2F6XphtN9PbT9XJDIJKW4ppkhFjqxW5siYRCkvPh%2F3MJw1IwBrqrML%2Bf1uRoQPOh02WnwhcPp7jViCYZVyZoDpI58vSOkY8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-ray: 734f6069fd3568e9-FRA

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame F9F0 0
522 B 64ms
64ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-tzwHN00IecfOXY27WMpnFslhMVDsFZoQZsOpjg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 02 Aug 2022 13:24:58 GMT

GET
H3

451

397596.gif
idsync.rlcdn.com/ Frame F9F0
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=DJ3oap2hoH5yYM0mo4fHkvyJFI75383-

0
9 B

124ms
48ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=DJ3oap2hoH5yYM0mo4fHkvyJFI75383-
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=DJ3oap2hoH5yYM0mo4fHkvyJFI75383-
date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2716
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cs
s.thebrighttag.com/ Frame C795
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ZA6Huj2X_q-zzmmmtr9GltF6HWkUHNyW

35 B
268 B

181ms
129ms

Image
image/gif

18.224.195.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ZA6Huj2X_q-zzmmmtr9GltF6HWkUHNyW
Protocol: H2
Server: 18.224.195.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-195-6.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
x-bt-requestid: abbacc51-132f-11ed-ba5d-0000ac1701d1
server: nginx
date: Wed, 03 Aug 2022 13:24:58 GMT
p3p: CP=NOI DSP COR NID
access-control-allow-origin
cache-control: private, must-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ZA6Huj2X_q-zzmmmtr9GltF6HWkUHNyW
date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2383
content-length: 203
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

POST
H2 200 collect Show response
events.privy.com/v2/ 0
150 B 161ms
146ms XHR
text/html 2606:4700:10::ac43:246a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.privy.com/v2/collect

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:246a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
x-request-id: bb6db442-708e-44c5-9696-ce635ebe5c83
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-download-options: noopen
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 734f60685c7f92b4-FRA

GET
H2 200 widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css
assets.privy.com/assets/ 245 KB
25 KB 44ms
43ms Stylesheet
text/css 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/assets/widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 vegur, 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 5383
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 25091
last-modified: Mon, 16 May 2022 16:06:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
cf-ray: 734f6068481bbb3d-FRA
x-amz-cf-id: qRTQZjqtOydUn1IJXlOR4SY3dmniWZWtzEnjiTZnuO8SwhY81zy69g==

GET
H2

200

collect
google-analytics.com/
Redirect Chain

https://privymktg.com/collect?v=1&cid=122c33d3-00ca-464c-ac75-46df4c6bdc94&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&e...
https://google-analytics.com/collect?v=1&cid=122c33d3-00ca-464c-ac75-46df4c6bdc94&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E...

35 B
393 B

134ms
37ms

Image
image/gif

2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://google-analytics.com/collect?v=1&cid=122c33d3-00ca-464c-ac75-46df4c6bdc94&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&ec=widget&dr=https%3A%2F%2Fmkto-sj300004.com%2F&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&ul=en-US&z=6673183962074762

Protocol

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 23:48:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49007
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 Aug 2022 13:24:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKYycb%2FA%2B2IilfkWT0HPgKJXhnAb6ZRPOihw4obBbdYNrFufOMSd4mi81iXGqeb4W4kWfB2WHod4C9UgkOAJl3vXfNniE3uTlMPTTYekeIZ9bzD1A9RT%2BYWcih7hCPqDvjxB529mzMOkZ6kf"}],"group":"cf-nel","max_age":604800}
location: https://google-analytics.com/collect?v=1&cid=122c33d3-00ca-464c-ac75-46df4c6bdc94&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&ec=widget&dr=https%3A%2F%2Fmkto-sj300004.com%2F&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&ul=en-US&z=6673183962074762
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 734f606a0a649c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 x Show response
api.fouanalytics.com/api/ 0
517 B 380ms
339ms XHR
text/plain 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x?FUX4YJ4Ah00K5fIa$dXJsJDIkaHR0cHM6Ly93d3cud2VhcmZpZ3MuY29tLz91dG1fc291cmNlPWRlbGlnaHRlZCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1ldmVyZ3JlZW4mdXRtX2NvbnRlbnQ9Y3VzdG9tZXItcHJvZmlsZS1maWdzJm1rdF90b2s9TURrNUxWTktUQzB3TlRjQUFBR0dBdFpvUF9LRTJhMlFyaTBYMFFYREpDMEc2cVpqYi1scjVhcUlteVJmb3dFS2o5ZHlxNThXbTNEYmY5ZWRybTRnRWJuTHRRSUU2Q0JOWW8xNDljWTNpUk9sYzB1NWZNa0lMcFFlX2ZNdk5nIiwicmVmZXJyZXIkMiRodHRwczovL21rdG8tc2ozMDAwMDQuY29tLyIsImFuY2VzdG9yT3JpZ2lucyQyJCIsInZpZGVvJDIkMTYwMHgxMjAweDI0IiwiZnJhbWUkMiQwIiwiaGlkZGVuJDIkMCIsInZpc2liaWxpdHlTdGF0ZSQyJHZpc2libGUiLCJoYXNGb2N1cyQyJDEiLCJ3aW5kb3ckMiQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDIkMSIsImlubmVyJDMkMTYwMHgxMjAwIiwib3V0ZXIkMyQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMyQxIiwic2Vzc2lvblN0b3JhZ2UkMyQxIiwiYXBwQ29kZU5hbWUkMyRNb3ppbGxhIiwiYXBwTmFtZSQzJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQzJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA0LjAuNTExMi43OSBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQzJHRydWUiLCJkZXZpY2VNZW1vcnkkMyQ4IiwiZG9Ob3RUcmFjayQzJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMyQ0IiwibGFuZ3VhZ2UkMyRlbi1VUyIsInBsYXRmb3JtJDMkV2luMzIiLCJwcm9kdWN0JDMkR2Vja28iLCJwcm9kdWN0U3ViJDMkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMyRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA0LjAuNTExMi43OSBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDMkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMyQiLCJuYXZpZ2F0b3ItaGFzaCQ1JDEwZmM2MmIyIiwibmF2aWdhdG9yLXRpbWUkNSQyLjEiLCJzZW5kQmVhY29uJDUkMSIsImZvbnRyZW5kZXIkMTAkMSIsInRpbWUkMTAkMTY1OTUzMzA5Nzk2OSIsInRpbWV6b25lJDEwJDAiLCJwbHVnaW5zLXRpbWUkMTAkMC4xIiwicGx1Z2lucyQxMCRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkMTEkNzIuMiIsIm1lbS11c2VkSlNIZWFwU2l6ZSQxMSQ1Ni44IiwibWVtLWpzSGVhcFNpemVMaW1pdCQxMSQzNzYwIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQxMSQxIiwidGltZS1kb21haW5Mb29rdXBFbmQkMTEkNDIiLCJ0aW1lLWNvbm5lY3RTdGFydCQxMSQ0MiIsInRpbWUtY29ubmVjdEVuZCQxMSQxMTkiLCJ0aW1lLXNlY3VyZUNvbm5lY3Rpb25TdGFydCQxMSQ3OSIsInRpbWUtcmVxdWVzdFN0YXJ0JDExJDExOSIsInRpbWUtcmVzcG9uc2VTdGFydCQxMSQ0NTYiLCJ0aW1lLXJlc3BvbnNlRW5kJDExJDQ5NiIsInRpbWUtZG9tTG9hZGluZyQxMSQ0NTgiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDExJDUwMCIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkMTEkMTM4NiIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDExJDEzODYiLCJ0aW1lLWRvbUNvbXBsZXRlJDExJDIzMDEiLCJ0aW1lLWxvYWRFdmVudFN0YXJ0JDExJDIzMDIiLCJ0aW1lLWxvYWRFdmVudEVuZCQxMSQyMzI5IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDExJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMTEkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkMjIkMC4yIiwiZ2xvYmFscyQyMiQ2YTkyMjRlNCIsImRvY3VtZW50LXRpbWUkMzAkMC45IiwiZG9jdW1lbnQkMzEkMWE5Nzk1OGUiLCJjb25uZWN0aW9uJDMxJCIsImRvd25saW5rTWF4JDMxJCIsImdldFVzZXJNZWRpYSQzMSQyIiwicGFnZS1mcmFtZS1jb3VudCQzMiQxNyIsInBhZ2UtZnJhbWUtbGlzdCQzMiQyMjAweDExMDAjcGxheWVyLnZpbWVvLmNvbSAweDAjYTE4Mjc0OTMzOTk0LmNkbi5vcHRpbWl6ZWx5LmNvbSAweDAjIDB4MCN3ZWJzZXJ2aWNlcy5nbG9iYWwtZS5jb20gMHgwI3NuYXAwNzIwMjc3MTMwODkzNjk1IDB4MCNndW0uY3JpdGVvLmNvbSAweDAjdmFycy5ob3RqYXIuY29tIDB4MCNfaGpTYWZlQ29udGV4dF81MTMzOTEwNCAxeDEjd3d3LmFmZmlybS5jb20gMHgwIyAweDAjbm9zdG8tc2FuZGJveCAweDAjIDB4MCMgMHgwI19fSlNCcmlkZ2VJZnJhbWVfMS4wX18gMHgwI19fSlNCcmlkZ2VJZnJhbWVfU2V0UmVzdWx0XzEuMF9fIDB4MCNfX0pTQnJpZGdlSWZyYW1lX18gMHgwI19fSlNCcmlkZ2VJZnJhbWVfU2V0UmVzdWx0X18iLCJwYWdlLWhhc2gtdGltZSQzNyQ0LjUiLCJwYWdlLWhhc2gkMzckOTVlY2YxOWQiLCJmb250JDUxJDEwMDAwMDAiLCJzdHlsZS1oYXNoJDUyJDQ1OGMyODk3Iiwic3R5bGUtdGltZSQ1MiQwLjgiLCJhdWRpby1jb2RlYyQ1MiQyMjIxMiIsInZpZGVvLWNvZGVjJDUyJDIyMjAwMCIsImNsb2NrJDYzJDM0MzUiLCJzb3J0JDc2JDEzIiwic3RhY2skNzgkMTM5NTciLCJzdGFjay1lcnJvciQ3OCRSYW5nZUVycm9yOiBNYXhpbXVtIGNhbGwgc3RhY2sgc2l6ZSBleGNlZWRlZCIsInN0YWNrLXRpbWUkNzgkMS4zIiwid2ViZ2wkODMkMSIsIndlYmdsMiQ4MyQxIiwid2ViZ2wtdmVuZG9yJDgzJEludGVsIEluYy4iLCJ3ZWJnbC1yZW5kZXJlciQ4MyRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDgzJDQ0OTUzOTY1Iiwid2ViZ2wtdGltZSQ4MyQ1LjUiLCJiYXR0ZXJ5JDkxJDEgMSAwIEluZmluaXR5IiwicGVybWlzc2lvbi1nZW9sb2NhdGlvbiQ5MSRwcm9tcHQiLCJhdWRpb2NvbnRleHQkMTY4JGY3ZTcxMmQ5IiwiYXVkaW9jb250ZXh0LXRpbWUkMTY4JDExMC4yIiwiZnJhbWVyYXRlJDE2OSQyMCIsImludGVyc2VjdGlvbi1zaXplJDE2OSQxNjAweDEyMDAiLCJpbnRlcnNlY3Rpb24kMTY5JDIzIiwicGVybWlzc2lvbi1ub3RpZmljYXRpb25zJDE3OSRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQxNzkkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDE3OSRwcm9tcHQiLCJwZXJtaXNzaW9uLXBlcnNpc3RlbnQtc3RvcmFnZSQxNzkkcHJvbXB0IiwiYWRibG9jayQyMTIkMA~~
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxV18LHlYyB8rS132X5u5bcks61Z8U1b2CkQKef0QeABRzDZUO1mtQ6becaJsGRY1USVa5EDZgCUgQTzHg5WylbehlqiRlCfvhJ4FeX6HnfaCjKKRY%2FtAsWXUfzVDU7sXepW3MhSKB2M4n68CV2aJlyujg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 734f60698860917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 00F8 0
522 B 110ms
48ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-tzwHN00IecfOXY27WMpnFslhMVDsFZoQZsOpjg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 02 Aug 2022 13:24:58 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1100083/log/3/ 0
247 B 41ms
41ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1100083/log/3/unip?en=pre_d_eng_tb&tos=1601&scd=23&ssd=1&est=1659533096727&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1659533098329&vi=1659533096724&ri=37b193c3681c560e1f37e72a855fd57c&ref=https%3A%2F%2Fmkto-sj300004.com%2F&cv=20220731-6-RELEASE&item-url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ler=other
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://www.wearfigs.com
pragma: no-cache
date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css
fonts.googleapis.com/ 664 B
858 B 130ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,undefined

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 13:08:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 03 Aug 2022 13:24:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Aug 2022 13:24:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
631 B 131ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;700&display=swap

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cc141bab6bf8dec71fe52de4693ed668dbf6082a91d29688a35e611e963103c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 12:04:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 03 Aug 2022 13:24:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Aug 2022 13:24:58 GMT

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame C795 0
522 B 120ms
45ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-tzwHN00IecfOXY27WMpnFslhMVDsFZoQZsOpjg

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 02 Aug 2022 13:24:58 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame F9F0
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=BIQQNeDObTzEf5cxPIqf261OISrzFs-S

35 B
266 B

129ms
129ms

Image
image/gif

18.224.195.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=BIQQNeDObTzEf5cxPIqf261OISrzFs-S
Protocol: H2
Server: 18.224.195.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-195-6.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
x-bt-requestid: abcca6a0-132f-11ed-8e1e-0000ac170172
server: nginx
date: Wed, 03 Aug 2022 13:24:58 GMT
p3p: CP=NOI DSP COR NID
access-control-allow-origin
cache-control: private, must-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=BIQQNeDObTzEf5cxPIqf261OISrzFs-S
date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3789
content-length: 203
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=6vWTAg7xGSqbrqMg4rjVljqe5CdIHRuX
dpm.demdex.net/ Frame 00F8
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=6vWTAg7xGSqbrqMg4rjVljqe5CdIHRuX

42 B
942 B

58ms
58ms

Image
image/gif

52.213.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=6vWTAg7xGSqbrqMg4rjVljqe5CdIHRuX

Protocol

HTTP/1.1

Server

52.213.150.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-000197fe5.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nS9v+4NdSMM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=6vWTAg7xGSqbrqMg4rjVljqe5CdIHRuX
date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2357
content-length: 198
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=TBDxO9x5HaTw6z21I-zPUPPQbkGdh1FD
dpm.demdex.net/ Frame C795
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TBDxO9x5HaTw6z21I-zPUPPQbkGdh1FD

42 B
942 B

116ms
59ms

Image
image/gif

52.213.150.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TBDxO9x5HaTw6z21I-zPUPPQbkGdh1FD

Protocol

HTTP/1.1

Server

52.213.150.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-150-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-040ebce15.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9T6f0WqHR1Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TBDxO9x5HaTw6z21I-zPUPPQbkGdh1FD
date: Wed, 03 Aug 2022 13:24:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4184
content-length: 198
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 ev1 Show response
connect.nosto.com/ 34 KB
5 KB 154ms
153ms XHR
application/json 2600:9000:2490:ae00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/ev1?m=shopify-1398942&message=%7B%22elements%22%3A%5B%22cartpage-nosto-4%22%5D%2C%22tags%22%3A%5B%5D%2C%22custom_fields%22%3A%5B%5D%2C%22categories%22%3A%5B%5D%2C%22referrer%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22response_mode%22%3A%22JSON_ORIGINAL%22%2C%22url%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%2C%22events%22%3A%5B%5B%22ec%22%2C%22evergreen%22%5D%5D%2C%22page_type%22%3A%22cart%22%2C%22restore_link%22%3Anull%7D

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ae00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

efa8d56288d3577cc0387addbad7d9f4fe0692d03412ef89f13f6ee4aa646c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 9368cc39-0f02-48f4-a617-3e89472c86e8
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: RwTCJP5THAiYXDiaIuh6_PqwRqb_wqeN42nuid6JxB4vHY4KGVdeZg==

GET
H2 200 graphql Show response
www.wearfigs.com/catalog/ 13 KB
2 KB 39ms
38ms Fetch
application/json 13.32.121.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wearfigs.com/catalog/graphql?operationName=FetchRecoProductDetails&variables=%7B%22handles%22%3A%5B%22womens-catarina-one-pocket-scrub-top-dark-harbor%22%2C%22womens-catarina-one-pocket-scrub-top-sea-glass%22%2C%22womens-zamora-jogger-scrub-pants-dark-harbor%22%2C%22womens-zamora-high-waisted-yoga-waistband-jogger-scrub-pants-dark-harbor%22%2C%22womens-rafaela-mandarin-collar-scrub-top-dark-harbor-2%22%2C%22womens-zamora-jogger-scrub-pants-sea-glass%22%2C%22womens-zamora-high-waisted-yoga-waistband-jogger-scrub-pants-seaglass%22%2C%22womens-rafaela-mandarin-collar-scrub-top-sea-glass%22%2C%22womens-yola-high-waisted-yoga-waistband-skinny-scrub-pants-dark-harbor%22%2C%22womens-inala-slim-top-dark-harbor%22%2C%22womens-on-shift-sweater-knit-jacket-marled-dark-harbor%22%2C%22womens-casma-three-pocket-scrub-top-dark-harbor%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%223a0c5b0796eea1e5b1f7ca19666bb335478e6f283cab984ae2584ecb1eaf1ee6%22%7D%7D
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-80.fra60.r.cloudfront.net
Software: envoy / Express
Resource Hash: dc17b451d62fd68fa97376c15d89ffdb01f8ae4739a19ede6a8e047751896745

Request headers

x-figs-shop-region: DE
x-figs-shop-currency: EUR
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
x-datadog-sampling-priority: 1
accept: */*
Referer: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
x-figs-shop-locale: en-EU
x-datadog-trace-id: 244496290860529655
x-datadog-parent-id: 244496290860529655
x-datadog-sampled: 1

Response headers

date: Wed, 03 Aug 2022 12:43:50 GMT
content-encoding: br
age: 2468
x-powered-by: Express
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 210
x-figs-catalog-impl: zidi
access-control-allow-origin: *
server: envoy
etag: W/"3263-1bM38ccO0AfLNpJUXoRB8ktZ1m0"
vary: Accept-Encoding,x-figs-shop-region,x-figs-shop-locale,x-figs-shop-currency
content-type: application/json; charset=utf-8
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
cache-control: public, max-age=0, s-maxage=14400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: WE_LCNcTXcnnN8Bt1f9hA8kzkENef-Z5pPbD5fLS-cnTGeB45JCTOA==

GET
H2 200 graphql Show response
www.wearfigs.com/catalog/ 12 KB
1 KB 40ms
39ms Fetch
application/json 13.32.121.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wearfigs.com/catalog/graphql?operationName=FetchRecoProductDetails&variables=%7B%22handles%22%3A%5B%22mens-leon-two-pocket-scrub-top-dark-harbor%22%2C%22mens-leon-two-pocket-scrub-top-sea-glass%22%2C%22mens-leon-slim-scrub-top-dark-harbor%22%2C%22mens-tansen-2-0-jogger-scrub-pants-dark-harbor%22%2C%22mens-classic-namiro-cargo-scrub-pants-dark-harbor%22%2C%22mens-tansen-2-0-jogger-scrub-pants-sea-glass%22%2C%22mens-cairo-slim-cargo-scrub-pants-dark-harbor%22%2C%22mens-cairo-cargo-scrub-pants-dark-harbor%22%2C%22mens-classic-lima-zip-cargo-scrub-polo-dark-harbor%22%2C%22mens-tansen-slim-jogger-scrub-pants-dark-harbor%22%2C%22mens-classic-tansen-utility-cargo-jogger-scrub-pants-dark-harbor%22%2C%22mens-pisco-basic-scrub-pants-dark-harbor%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%223a0c5b0796eea1e5b1f7ca19666bb335478e6f283cab984ae2584ecb1eaf1ee6%22%7D%7D
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-80.fra60.r.cloudfront.net
Software: envoy / Express
Resource Hash: 7fa2d84bc86548264f38a4712f5c4bc73349bca10844c8eb2a30c8b6e8d0e069

Request headers

x-figs-shop-region: DE
x-figs-shop-currency: EUR
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
x-datadog-sampling-priority: 1
accept: */*
Referer: https://www.wearfigs.com/?utm_source=delighted&utm_medium=email&utm_campaign=evergreen&utm_content=customer-profile-figs&mkt_tok=MDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg
x-figs-shop-locale: en-EU
x-datadog-trace-id: 2860938477115052563
x-datadog-parent-id: 2860938477115052563
x-datadog-sampled: 1

Response headers

date: Wed, 03 Aug 2022 12:05:55 GMT
content-encoding: br
age: 4743
x-powered-by: Express
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 294
x-figs-catalog-impl: zidi
access-control-allow-origin: *
server: envoy
etag: W/"2e04-KMX1ND//oWvGU3xP8qBbSJNYeh4"
vary: Accept-Encoding,x-figs-shop-region,x-figs-shop-locale,x-figs-shop-currency
content-type: application/json; charset=utf-8
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
cache-control: public, max-age=0, s-maxage=14400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7NsVgsnapwwfAv7fg4pl3vv6IAE3g1NHNmsiPTRMEWWlp1bjhRbWSQ==

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 00F8 0
522 B 47ms
47ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-tzwHN00IecfOXY27WMpnFslhMVDsFZoQZsOpjg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 02 Aug 2022 13:24:58 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 00F8
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Vb9PcZWKSNM8rsETuxW9Zb7RGnH6QE27

0
337 B

54ms
54ms

Image
text/plain

108.128.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Vb9PcZWKSNM8rsETuxW9Zb7RGnH6QE27
Protocol: H2
Server: 108.128.241.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1659533098
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Vb9PcZWKSNM8rsETuxW9Zb7RGnH6QE27
date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2883
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame C795 0
522 B 49ms
49ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-tzwHN00IecfOXY27WMpnFslhMVDsFZoQZsOpjg

Requested by

Host: mkto-sj300004.com
URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Aug 2022 13:24:58 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 02 Aug 2022 13:24:58 GMT

GET
H2 200 a0110022-31dd-4efb-94cd-540e657e5305 Show response
ekr.zdassets.com/compose/ 432 B
1 KB 295ms
211ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/a0110022-31dd-4efb-94cd-540e657e5305

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d54cd20c212229c81a99b270fc41d15937c5210403d3d21a822d6712fb624dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 734f606adc569b6e-FRA
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 1dee377bebdbe898aca44e3c06fbd5cc, 1dee377bebdbe898aca44e3c06fbd5cc
x-runtime: 0.003066
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d54cd20c212229c81a99b270fc41d159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO6Jt3BZNWZIaAh6ymgeX9P%2BxzgKf60JkdSvUR0DAWfxwvkV5XFu7CB%2B6gn%2BinBkNEmdh4UCPMStJikzOuZZm4SuuIuBhRyLhr2ef8tRgznMvVELGRu5RvvXCuKi9%2BnJO9U%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
access-control-expose-headers

GET
H3 200 Womens-Catarina-DarkHarbor-XS-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 9 KB
10 KB 127ms
125ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Catarina-DarkHarbor-XS-1_408x547.jpg?v=1657752743

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a97a2f1a5ffe7d6de51b5f9cedec96d43a7f1ef5cb74e37fe74dfa654906f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 254797
server-timing: imagery;dur=201.410, imageryFetch;dur=24.309, imageryProcess;dur=176.114;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9474
x-xss-protection: 1; mode=block
x-request-id: 22013cdb-4943-43cc-b995-394091838bba
timing-allow-origin: *
last-modified: Tue, 19 Jul 2022 05:19:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uS0uGFS6PIEOMM%2FoVZoNnqbxzh23pGBppfk9JzP03W3d0aikNCEuFu70ff0OjewdwJhgXR7CWoFnUQkgm4ghc86bYZw%2FJ4ySwLCbQROY2IpC6MdlCjETij%2BHzgGM9ifQKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b18455c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Catarina-DarkHarbor-XS-1_408x547.jpg>; rel="canonical"

GET
H3 200 Womens-Catarina-Seaglass-XS-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 9 KB
9 KB 53ms
51ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Catarina-Seaglass-XS-1_408x547.jpg?v=1657751852

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a88e6eac3b6e1e07d753d05c0c0b0ceac0e5c2cc302ea4139f1a22a00ee1a239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 206239
server-timing: imagery;dur=174.990, imageryFetch;dur=23.506, imageryProcess;dur=150.286;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8848
x-xss-protection: 1; mode=block
x-request-id: e462c9b0-f674-479c-a56e-4eebea38b3c4
timing-allow-origin: *
last-modified: Tue, 19 Jul 2022 05:19:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGN3l10Ct%2BBr17Zkn9Ncrzj%2Fz048LSCRA2JJyQDH4D2zDMgKPKgJxyYQfLEp8bKFlBKCJ39JDWNZlP1TK5PJ%2BXV1eH6qBNLOHwzcbk2kIl%2F8uOvjbDOOAiQSxqyz4JwNsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b18475c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Catarina-Seaglass-XS-1_408x547.jpg>; rel="canonical"

GET
H3 200 Womens-Zamora-Jogger-Scrub-Pant_Dark-Harbor-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 9 KB
10 KB 90ms
88ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Zamora-Jogger-Scrub-Pant_Dark-Harbor-1_408x547.jpg?v=1657755312

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a5e646ce4440d2715303c89467029e8ab0576fc26c1e2f3da2690f667cb7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 16455
server-timing: imagery;dur=216.750, imageryFetch;dur=31.337, imageryProcess;dur=183.988;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9394
x-xss-protection: 1; mode=block
x-request-id: d871ce36-6b66-4a48-bfe7-4e7b34a1f6e0
timing-allow-origin: *
last-modified: Tue, 19 Jul 2022 06:52:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvBEEUa7%2BJfIyAVScCbWZ5WL6GENgiZz%2BZip1FqaVTZrsmuhBdTnA6%2BgfIjT8yIJCIq19FpysC0xINcRZQHpVV8v67qx1cu%2F7aubZkAyYngRxw8%2BjAVH6ALqZVGfA5S%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b18485c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Zamora-Jogger-Scrub-Pant_Dark-Harbor-1_408x547.jpg>; rel="canonical"

GET
H3 200 Womens-HWZamora-DarkHarbor-XS-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 10 KB
10 KB 91ms
89ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-HWZamora-DarkHarbor-XS-1_408x547.jpg?v=1657825976

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3253ac5bdecdc15abe27fd785731cd1d25869e54a9575668e0f776bef8192fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 197380
server-timing: imagery;dur=189.742, imageryFetch;dur=21.595, imageryProcess;dur=166.918;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9814
x-xss-protection: 1; mode=block
x-request-id: 88f670f8-f0d7-4e08-adf9-eb8fd1ff01da
timing-allow-origin: *
last-modified: Tue, 19 Jul 2022 06:57:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgoISJug%2BOHfGx882e5fX1CWEsALQDK8%2FCNnwei%2Bie4Lu3vFLWKelZkj0ENGn8BQNKPUtq1A8vVRGede9SX7oFEH8SgeUKda9s6rD3Mu%2FZEjzxBSmYmZwabA8KmvWkoKHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b184a5c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-HWZamora-DarkHarbor-XS-1_408x547.jpg>; rel="canonical"

GET
H3 200 Womens-Rafaela-DarkHarbor-XS-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 9 KB
10 KB 128ms
126ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Rafaela-DarkHarbor-XS-1_408x547.jpg?v=1657753728

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9e5705712c1170379d7b99a592c43f79d9ac059c532c4990eeba71947a9e107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 254185
server-timing: imagery;dur=228.907, imageryFetch;dur=30.831, imageryProcess;dur=196.810;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9704
x-xss-protection: 1; mode=block
x-request-id: 2f65b466-2e44-4cce-bd17-82db02ecd9dd
timing-allow-origin: *
last-modified: Tue, 19 Jul 2022 05:19:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FKKVlm5yRhBBpfg8BEZSJ%2BWqHhZ9cAPPXBf4lrDDUi1UKHIFG%2Bw3v8BwWFVYROJC6TSCQrdMyEwt5seLiywr0uJo0MoE74Kw%2BV8ftBB%2Boqnz3vYfs20LiID7V1%2BcpZ9FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b184c5c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Rafaela-DarkHarbor-XS-1_408x547.jpg>; rel="canonical"

GET
H3 200 Mens-Leon-DarkHarbor-M-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 9 KB
10 KB 52ms
50ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-Leon-DarkHarbor-M-1_408x547.jpg?v=1658169812

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b0ee7c41a3238c4b0018da2c279d8200d1613f79ef0496b731513c28914c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 581736
server-timing: imagery;dur=319.132, imageryFetch;dur=66.828, imageryProcess;dur=251.242;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9518
x-xss-protection: 1; mode=block
x-request-id: dd1deda9-0ae9-4589-9c22-6725ce1797fb
timing-allow-origin: *
last-modified: Tue, 19 Jul 2022 05:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eprjuT2MIPnZO8u0E8UQKNXHHmBM5Feci6x6lMbKQWknqSMK6VHR5F81JOscbKjy7QygFgmqDGP0qaGV5LJakp9Nei4XQXRMsZB20BCfKdwcOqaRYy2DG7Ke4gO2ZzFi8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b184d5c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-Leon-DarkHarbor-M-1_408x547.jpg>; rel="canonical"

GET
H3 200 Mens-Leon-Seaglass-M-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 10 KB
11 KB 128ms
126ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-Leon-Seaglass-M-1_408x547.jpg?v=1657914859

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5632a9b95681e2fbc649979cd4f3c652b7544b77eca52e939de484c3aa4444d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 579521
server-timing: imagery;dur=207.606, imageryFetch;dur=23.004, imageryProcess;dur=183.717;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10006
x-xss-protection: 1; mode=block
x-request-id: 22cc7bbf-970f-4e77-b8fd-6b791b068e22
timing-allow-origin: *
last-modified: Tue, 19 Jul 2022 05:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qc0jSbw2zkZ8%2BtWOVK0E77QjRc8Osw0vgEe5mMfoQ9H6DwgWx7g1c6Qkly6MtG7BvkKesGbCwLlgA5zmThXhusHDNdrlKhCxF7eYGDZpfPzkhnOopo06lsQSUb8PsOR%2BQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b184f5c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-Leon-Seaglass-M-1_408x547.jpg>; rel="canonical"

GET
H3 200 Mens-SlimLeon-DarkHarbor-M-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 10 KB
11 KB 129ms
127ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-SlimLeon-DarkHarbor-M-1_408x547.jpg?v=1657907848

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0997aba521ca3efdb97c22a749ed3915e0c6a453dfcc1e95ff3de45da2e185

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 101959
server-timing: imagery;dur=234.606, imageryFetch;dur=42.069, imageryProcess;dur=191.103;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10426
x-xss-protection: 1; mode=block
x-request-id: 8e727fae-d1cd-469e-be74-deb313a69451
timing-allow-origin: *
last-modified: Tue, 19 Jul 2022 06:30:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjJYILoicz1lpKmpzN77DgUOBtTx1v1U8tTouDIdsF6eVuaeMm86R9ogou4%2FgDNNubEtz9mix1TbYa%2BM1IXne6ILCbiYMk3AS%2F1811SFdTcJXX3%2F3ebifvhlhniGmPwbbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b18505c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-SlimLeon-DarkHarbor-M-1_408x547.jpg>; rel="canonical"

GET
H3 200 Mens-Tansen-DarkHarbor-M-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 9 KB
10 KB 163ms
161ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-Tansen-DarkHarbor-M-1_408x547.jpg?v=1657913305

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e960e0520c1994242cd2c9e99888dfd1c9be45ddd2971cba44d54bff15f27ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 16455
server-timing: imagery;dur=251.266, imageryFetch;dur=95.694, imageryProcess;dur=154.703;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9062
x-xss-protection: 1; mode=block
x-request-id: 5f78e925-e56d-4eca-8981-64ecf3d468e0
timing-allow-origin: *
last-modified: Wed, 27 Jul 2022 23:00:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vmw1SO3bYqBws%2BuKtMsZzOpD9Jwbp1yjulmXe3YgeYmVq6Ao0KRnsZL9I5kupxamyPevUCvdqZ8UpQwSjOFM2tnCXTbHFKCteeRdaG6WhKMEK%2BtWnxwX8l7Z3jSW1OzN5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b18515c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-Tansen-DarkHarbor-M-1_408x547.jpg>; rel="canonical"

GET
H3 200 Mens-NamiroCargo-DarkHarbor-M-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 9 KB
10 KB 163ms
162ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-NamiroCargo-DarkHarbor-M-1_408x547.jpg?v=1658273989

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be9c370ece160557b82cef72ad150e43a3af8a4c52a6bddb37926db8e505bebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 157043
server-timing: imagery;dur=387.142, imageryFetch;dur=24.894, imageryProcess;dur=360.146;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9658
x-xss-protection: 1; mode=block
x-request-id: 81631f3a-34da-405c-a791-c85aa11353f4
timing-allow-origin: *
last-modified: Wed, 27 Jul 2022 00:43:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6RGhmM4GjENUsek%2BZEqysi%2BUvlAZfzBoXPhTGqA1a7Q7%2BYNZph5FUusnhLNWrIAeJQpoaKhwuO2W3XWB77EFIYb0A1Oix0nKoDeJFEb%2BqxMsyrDQomE4OZQ%2BT56hmJi4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 734f606b18525c4a-FRA
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-NamiroCargo-DarkHarbor-M-1_408x547.jpg>; rel="canonical"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C795
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Uk36xnxXiFcqfkq1SchackVoAinlN6Pr

0
337 B

55ms
54ms

Image
text/plain

108.128.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Uk36xnxXiFcqfkq1SchackVoAinlN6Pr
Protocol: H2
Server: 108.128.241.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1659533098
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Uk36xnxXiFcqfkq1SchackVoAinlN6Pr
date: Wed, 03 Aug 2022 13:24:58 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2785
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 collections Show response
connect.nosto.com/cmp-mapping/ 2 B
890 B 138ms
138ms XHR
application/json 2600:9000:2490:ae00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/cmp-mapping/collections?m=shopify-1398942&cid=62ea772a410263410d5b8b4b&fs=&preview=false

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:ae00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wearfigs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-length: 2
x-xss-protection: 1; mode=block
x-request-id: 46c8a82d-978c-4f7d-95d8-3c7b79df4cbb
server: nginx
x-frame-options: DENY
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: BW2yfXZHEAWfmRnOeW8OkUYSnviStR8FRvekQuUESL-6NYUCt5Blpw==

GET
H/1.1 200
OK rb
rbqnb9ch.wearfigs.com/v2/ 44 B
336 B 111ms
111ms Image
image/gif 162.243.13.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbqnb9ch.wearfigs.com/v2/rb?pageReferrer=https%3A%2F%2Fmkto-sj300004.com%2F&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&action=identify&source=figs&rb_source=figs&tatari_session_id=96e40dbb-91c9-f8be-38f4-b37378c4a6b7&pinterest_view_id=04616354-1968-488d-b088-82bed7ae2eb7&privy_uuid=122c33d3-00ca-464c-ac75-46df4c6bdc94&script_version=wxyz.rb.js&sessionId=f84585ae-cb11-4a27-934f-98ec511534cc&uid=rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.175 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 13:24:58 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 web-widget-framework-b71a7ee60b36e20dd8c1.js Show response
static.zdassets.com/web_widget/latest/ Frame 8999 169 KB
56 KB 52ms
51ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-b71a7ee60b36e20dd8c1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a0110022-31dd-4efb-94cd-540e657e5305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f42e57fbfd351e0235d39f1c57a74862ec089e6ae702e054a126f7e295fb9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132497
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: W900WC2MF4THBP5Z
x-amz-id-2: CQLNQEy5GEGtjZKG3OM9iD7WSpcMeACxIX9ubyAUeXFdphfeVqDJ5w6wm/MgrEyVgMu7P2aAH5Q=
last-modified: Mon, 01 Aug 2022 05:59:23 GMT
server: cloudflare
etag: W/"786b9b5aef9718789d3887e9f132dfe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=racuOIZIzRuukFLbffnO01bY5QAJxHs5n58zR9NyUP5Ep6vWb8Xagxf38BjfT%2F%2FgzHIbDNxQQVCNZCfwD5XlJN%2BeRit8V4R55FRnZ7h%2B0sCYfvP0d7NiSagiQBcYmCthDbM%2FnK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: QlJePtWGIerLiQaXmsb2aKD.2zIuKaHd
cf-ray: 734f606c582368e9-FRA
expires: Tue, 01 Aug 2023 05:59:22 GMT

GET
H2 200 config Show response
wearfigs.zendesk.com/embeddable/ Frame 8999 967 B
1 KB 344ms
220ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wearfigs.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-b71a7ee60b36e20dd8c1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67eba79e23346e4b85388f93bc009bff7d1503b63bc38b92d5582e33c5a7af11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:59 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-cc9979cd7-jl4tk
access-control-allow-methods: GET
x-cached: STALE
x-request-id: b3aa643308d3dc456e78020b1237439d
x-runtime: 0.001227
last-modified: Wed, 03 Aug 2022 13:17:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfT%2FXCUC%2BojJuEDygAfpYgqtTaSqybAqsP2ugHGAuBLYpKpyAzfONiuVdZCrOUMZaYdMTRcb1f3aFGu7A0htpdf0%2BRcCrJFQU8EQ5%2FoR0G6sQaeAcdQi32zTx%2BlBHGCWPObOBy7M"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 734f606d88dc6904-FRA

GET
H2 200 web-widget-classic-f7453bc.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 8999 13 KB
4 KB 54ms
53ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-f7453bc.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-b71a7ee60b36e20dd8c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de01a1d935d9d12075af91fcb10132e2eabf5e79c493663ed951824f35e406c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132497
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: VW1CJNJGWNT5ZYN4
x-amz-id-2: Wy81Lu1+zlrTOb4sbqY1q+pRbMk+LlDtOASla2q+wTf4JLfOzEtJCJAF59il/VFeiDr00MN54LE=
last-modified: Mon, 01 Aug 2022 05:59:38 GMT
server: cloudflare
etag: W/"e94b082db4836a488564bafac5a891a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHp29VjNHiLgCecL9Oc0dzTzI%2FwSr1RlyvyeJeJ57rDGW7ZhNGtcex2jsfU8vM%2B2ClvboAhRAmqK4V30aIWTo31qp%2BYegUZNjjcCcIu9uawjSrghdx86v%2F7zjSI8E2Ol650odtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: UeIiHQ0l0ASqZx6ZusKI3CehlRhfwTd4
cf-ray: 734f606efb6668e9-FRA
expires: Tue, 01 Aug 2023 05:59:37 GMT

GET
H2 200 web-widget-9252-f7453bc.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 8999 657 KB
189 KB 102ms
102ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-9252-f7453bc.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-f7453bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b326ac06af7d7e110680e40f5ab9ecedd4d228ea0b44fc20d4e4d9f9b14f19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132497
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: VW1AK7BEXRSNDXJJ
x-amz-id-2: UJt1QifGkaXG7Nkih0rNwFYPGZzB2u3c3eT/PqJmPaJSKLULUu2eYt29C1icZuiHVgKxjWD6NiQ=
last-modified: Mon, 01 Aug 2022 05:59:38 GMT
server: cloudflare
etag: W/"58c69e6f1cbe8416e30dfd8667b45080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVfXnkz%2BG%2Fyu%2FVsKMmmBliWCpgbaOxQVdVLJi6dIK7pEsOn0ohZRqXHYqaiZLp0LrOWYDUBE2rBHwKI%2BMOp5zMN40tusLACEwcLemHDeocqhUqfOr%2FQ%2FYiDK4iZVYOwsmRhxoDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: X82uL3WtV454ZbTjtoxMyAuhg2WbuLck
cf-ray: 734f606f4bc568e9-FRA
expires: Tue, 01 Aug 2023 05:59:37 GMT

GET
H2 200 web-widget-7495-f7453bc.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 8999 467 KB
105 KB 64ms
64ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-7495-f7453bc.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-f7453bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829d7f1b63be0b08d9cb28526d0b5e722799334a5b91e1b17b4c2e0df4ac4915

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132497
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: VW15QMAD3K8ATF3X
x-amz-id-2: yAldOS4RAyzXL9j/C/TyWp0dpTIabNjN4CsPLletNtwKCPCdH8/a1PfElFzUJAj7sdV4huNP8vw=
last-modified: Mon, 01 Aug 2022 05:59:38 GMT
server: cloudflare
etag: W/"c9bf06b84a174dae5363cc05f36f3d3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oY0g%2BrMaRCaWC2FmeMvtvY4yzab3K%2BNmiW7WU4CeV9WeAlphZozXCBgIucz6CNrsRPzQzitZ%2FlT5jllJmNAHOrrflIGwbNlehVHZj8VIc4%2F9J%2FTU4eKavoL22nM74CwEUqOcZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 5SQzoSy.QDE.m211WMumMu16hM.M.UzO
cf-ray: 734f606f4bc668e9-FRA
expires: Tue, 01 Aug 2023 05:59:37 GMT

GET
H2 200 embeddable_blip Show response
wearfigs.zendesk.com/ Frame 8999 0
331 B 213ms
213ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wearfigs.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA0LjAuNTExMi43OSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiYzJhNTA3OGMyMGUzNDZjMGI3NGEwMmVmZDFkYmU3YTUiLCJzdWlkIjoiM2QxYTJmZDhiMTZjNDg2MGJkY2E2ZGU3ZTc3YWRjOTMiLCJ2ZXJzaW9uIjoiZjc0NTNiYyIsInRpbWVzdGFtcCI6IjIwMjItMDgtMDNUMTM6MjQ6NTkuNTk1WiIsInVybCI6Imh0dHBzOi8vd3d3LndlYXJmaWdzLmNvbS8%2FdXRtX3NvdXJjZT1kZWxpZ2h0ZWQmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249ZXZlcmdyZWVuJnV0bV9jb250ZW50PWN1c3RvbWVyLXByb2ZpbGUtZmlncyZta3RfdG9rPU1EazVMVk5LVEMwd05UY0FBQUdHQXRab1BfS0UyYTJRcmkwWDBRWERKQzBHNnFaamItbHI1YXFJbXlSZm93RUtqOWR5cTU4V20zRGJmOWVkcm00Z0Vibkx0UUlFNkNCTllvMTQ5Y1kzaVJPbGMwdTVmTWtJTHBRZV9mTXZOZyJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-b71a7ee60b36e20dd8c1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:59 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Aug 2022 13:24:59 GMT
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmy4BqjLYquyCAmZvPud6rx68uoA3LLCRUW6vcYPLw5spW9A9pIHi0W9haqus9dj7pcjyEWVM5NacP1JGnZ6%2FoIIyb59GOqPrrDBpn%2F8zU3J08tWEqD8pwH2DF1Bc7zMLI%2FUmt9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 734f60709d7e6904-FRA
content-length: 0
x-request-id: bad9be0d0ae4e3451adbb4a8bc79fa5f

GET
H2 200 de-de-json-f7453bc.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 8999 27 KB
7 KB 47ms
46ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-f7453bc.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-f7453bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132496
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: DRDMDQEGW4TBQASF
x-amz-id-2: bTSFAVWvhF8mvbl7/7cLEmcnEW8UCTWWd1GJv7eZTW6EIaZb3AlXInHSzonOvVIN8AV/Pej+k9M=
last-modified: Mon, 01 Aug 2022 05:59:39 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7OtjpYPyANyu71QYjPlSPe%2BIhhJ6WeWKcrPYVkbLq1WJWFzwRqSiWrg%2Bw7Zko7RzBhIJb6v%2Fv%2BBi0n2QDnEKR%2BKZud4aFAEuxzyOrxzq0IbNuSdwMyyxB544gRlz2QK4TSLmKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: c5BB1axELyXgqVSanoMwsUCkN5Pfnobp
cf-ray: 734f6070ade968e9-FRA
expires: Tue, 01 Aug 2023 05:59:38 GMT

GET
H2 200 web-widget-chat-sdk-f7453bc.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 8999 202 KB
51 KB 55ms
55ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-f7453bc.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-f7453bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:24:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132497
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: VW1DM8X4RNPC4N9E
x-amz-id-2: vnL+X8Sk81eR5IvvSApsDzOx2FxzFhMJPL89WVEeobQ81T07hZB+jOVEMCVLj6wmiwLPaxLiaMM=
last-modified: Mon, 01 Aug 2022 05:59:38 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbtFkN1JrEfvYm%2BAI%2BpGHZWCb2XeNgU8zKQ5zCZL2R7ZchF93gXB%2FoVM1IA%2F76Xj%2FyKfJqQt7y9ibUgE%2B0WgFkJ6X6GucLZ%2BzaaYDE9HhjzfQM9kLfG2ST1%2F65nfCKFpex9Nn%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3zVexzY4KkgeWPMDDBKMOLPHoaOQPT5e
cf-ray: 734f6070fe6568e9-FRA
expires: Tue, 01 Aug 2023 05:59:37 GMT

POST
H2 200 pv
wearfigs.zendesk.com/frontendevents/ Frame 8999 0
0 212ms
211ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wearfigs.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-b71a7ee60b36e20dd8c1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 13:25:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PO%2BVWE%2Bpg4fxvC6G2XrG1%2B6Nc2yzAWjhWiqo12hTvPeKnOBkvOKXi2dKeQVIikvF3nKuiuwtvpQ4P%2BvdJIlBCPQaQySd0nRapStLfVZ10LZ2ddTAaYvKxMaQj64Z5NJFUL4q471F"}],"group":"cf-nel","max_age":604800}
cf-ray: 734f6072990e6904-FRA
content-length: 0
x-request-id: 9f46a68c8b19ffecd3db35589c1bce38

OPTIONS
H2 204 pv
wearfigs.zendesk.com/frontendevents/ Frame 0
0 239ms
239ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wearfigs.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.wearfigs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 734f60712eba6904-FRA
date: Wed, 03 Aug 2022 13:24:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VamX5H7Ka0X4K9qcb7fBh68LLNWLgkbTGXNQTBRHGC8U%2Bt63wNzV30riX5lQ8UPT2e9tNHn1g4%2BJHo1EasypJsGvgQRd65bVHPL2yejAVKMsBWBBXfQOvai7ySeL8Zw%2Feley4N03"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: eb85425416a117e43cee09a6db7fc075
x-zendesk-zorg: yes

GET
H2 200 web-widget-chat-incoming-message-notification-f7453bc.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 8999 208 B
631 B 49ms
49ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-f7453bc.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-f7453bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:25:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132497
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: DRDVSBT1Y4BBAPSZ
x-amz-id-2: FzGDwQ/fOWywzr+68jfHecVZpSOf8YY6BUVl6gjZQypKbR039QTsBCdZMF+3D1u4EAtRxheAxOY=
last-modified: Mon, 01 Aug 2022 05:59:38 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7GDRbosbk58k8coDzhGXDoTzHgQ96hfC9TptfrPT4rEhWBXbFXVcVum%2FbRd5Z%2FejNIVqbeaiAejVH0mtcAFwAZH%2F2RLJCAQWwTX3Hm8PHYYYRx8o6Mps8eF9DRZthOQQS1I%2BFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: p6brYUy7R91UtveQpJon2cAFfhaPYCsc
cf-ray: 734f607359e868e9-FRA
expires: Tue, 01 Aug 2023 05:59:37 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 8999 19 KB
20 KB 47ms
47ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 03 Aug 2022 13:25:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12653659
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: EPY8X9YDY570SGAA
x-amz-id-2: WVW0sQpQKxtjsx0iINkCoae6bdpTd6ZKYq7y3xgTJmp8089rbECdSsKMuL0FO0ENh4HnR2ic4Ug=
last-modified: Wed, 09 Mar 2022 06:43:05 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAqjKGC%2BynbCzn8ryMm%2Bg46Z%2FP2RKLc%2FSJZOp9hnSOdv6xI99LlV2%2BBJkzExhxhFfhGevVgMuB98wDYBqPLILnQwB3AlkRF84ENxp4NYUMOCjGgWfuSPF14uyJMQH2A7cQ7q1yg%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
Content-Length: 19698
cf-ray: 734f6073aa6a68e9-FRA
expires: Thu, 09 Mar 2023 06:43:04 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1100083/log/3/ 0
247 B 41ms
41ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1100083/log/3/unip?en=pre_d_eng_tb&tos=4602&scd=23&ssd=1&est=1659533096727&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1659533101330&vi=1659533096724&ri=37b193c3681c560e1f37e72a855fd57c&ref=https%3A%2F%2Fmkto-sj300004.com%2F&cv=20220731-6-RELEASE&item-url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&ler=other
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/pages/_app-c1fd59efa7f1f0928fb5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://www.wearfigs.com
pragma: no-cache
date: Wed, 03 Aug 2022 13:25:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 200 player-stats
fresnel.vimeocdn.com/add/ Frame ED10 0
11 B 137ms
137ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=8cc4cc12898b9128dc1208d50b5f11bceed1ec3b1659533095
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.7.4/js/player.de-DE.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Wed, 03 Aug 2022 13:25:02 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

124 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 05:00:19	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s	1970-01-20 05:42:05	Name: _li_ss Value: MgkI_____wcQ9RI
.mkto-sj300004.com/	1970-01-20 04:58:54	Name: __cf_bm Value: XNI2u9DLXTYjrHi98CTCp5ZTn3bHi_na6kgidnotFGo-1659533093-0-AWIWY6gdKbtaYHLkZfW60iFXlFukXy6ponQryE2Ywh2OvHe5sRr0e59GkhYlG3j0l0ZdkHKp2Le+7TIzUectlBc=
.global-e.com/	1970-01-20 05:03:12	Name: GlobalE_Data Value: {"countryISO":"DE","currencyCode":"EUR","cultureCode":"de"}
.wearfigs.com/	1970-01-20 05:03:12	Name: GlobalE_Data Value: %7B%22countryISO%22%3A%22DE%22%2C%22currencyCode%22%3A%22EUR%22%2C%22cultureCode%22%3A%22de%22%7D
.wearfigs.com/	1970-01-20 09:18:05	Name: optimizelyEndUserId Value: oeu1659533094479r0.28103609176279964
.www.wearfigs.com/	1970-01-20 14:34:53	Name: GlobalE_CT_Data Value: %7B%22CUID%22%3A%22357089914.211564646.1021%22%2C%22CHKCUID%22%3Anull%7D
.www.wearfigs.com/	1970-01-20 04:58:54	Name: GlobalE_Ref Value: https%3A//mkto-sj300004.com/
.wearfigs.com/	1969-12-31 23:59:59	Name: GlobalE_SupportThirdPartCookies Value: true
.wearfigs.com/	1970-01-20 05:42:13	Name: userLocale Value: en-EU
.wearfigs.com/	1970-01-20 05:42:13	Name: x-figs-shop-region Value: DE
.wearfigs.com/	1970-01-20 05:42:13	Name: x-figs-shop-locale Value: en-EU
.wearfigs.com/	1970-01-20 05:42:13	Name: x-figs-shop-currency Value: EUR
www.wearfigs.com/	1970-01-20 04:58:53	Name: _dd_s Value: rum=0&expire=1659533995117
.vimeo.com/	1970-01-20 04:58:54	Name: __cf_bm Value: wdXk_M1c17R6CDdjJZN5ohn5p1VCvsOAQEUPd7X9r3U-1659533095-0-AXOOlKHvigK+ghQFZZj0GSbgFqMv53McebEMP5jZX9O5g/0DFKAFA4D641BgrXfk2TlAfD0x/LOVyOTMRfLytOQ=
.wearfigs.com/	1970-01-20 13:37:17	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Aug+03+2022+13%3A24%3A55+GMT%2B0000+(GMT)&version=6.34.0&isIABGlobal=false&hosts=&consentId=ec40bace-4d58-4138-9b4e-ab05286f7a01&interactionCount=0&landingPath=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0
.vimeo.com/	1970-01-20 14:34:53	Name: vuid Value: pl521242806.182359766
.vimeo.com/	1970-01-20 13:44:29	Name: player Value: ""
.wearfigs.com/	1970-01-20 04:58:54	Name: GlobalE_Ref Value: https%3A//mkto-sj300004.com/
.wearfigs.com/	1970-01-20 05:03:12	Name: GlobalE_Welcome_Data Value: %7B%22showWelcome%22%3Afalse%7D
.wearfigs.com/	1969-12-31 23:59:59	Name: GlobalE_Full_Redirect Value: false
.wearfigs.com/	1970-01-20 07:08:29	Name: _gcl_au Value: 1.1.2061988733.1659533096
.wearfigs.com/	1970-01-20 14:28:39	Name: _scid Value: 3e7c5f46-9f34-4711-a49d-3049e1e04ba7
.wearfigs.com/	1970-01-20 05:00:19	Name: _gid Value: GA1.2.656714981.1659533096
.wearfigs.com/	1970-01-20 04:58:53	Name: _gat_UA-42322832-1 Value: 1
.bing.com/	1970-01-20 14:20:29	Name: MUID Value: 2D0BE39829AE663F21C8F26D282567AE
.wearfigs.com/	1970-01-20 14:26:50	Name: _hp2_id.4169410828 Value: %7B%22userId%22%3A%225201719033691813%22%2C%22pageviewId%22%3A%228610147006238249%22%2C%22sessionId%22%3A%226308339568508007%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.wearfigs.com/	1970-01-20 14:34:53	Name: _ga_HSQT51TL60 Value: GS1.1.1659533096.1.0.1659533096.60
.wearfigs.com/	1970-01-20 14:34:53	Name: _ga Value: GA1.1.1493098592.1659533096
.snapchat.com/	1970-01-20 14:20:29	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiREAIAgDsIm4Q8Ei41ifKRjeZEVEn2ZysV2c+0qmdlkgvCnPI6saRg4zTZR+7aFHUDIAAAA=
.wearfigs.com/	1970-01-20 07:08:29	Name: _rdt_uuid Value: 1659533096504.c399c15e-86a6-4201-95ee-bee5f49716b4
.criteo.com/	1970-01-20 14:20:29	Name: uid Value: 1ab5b3fa-a901-46e4-aa5b-292c256a92c9
.wearfigs.com/	1970-01-20 05:00:19	Name: _uetsid Value: aab40b70132f11ed924e5d59a8726724
.wearfigs.com/	1970-01-20 14:20:29	Name: _uetvid Value: aab44190132f11edbc461137ad0d2109
.wearfigs.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .wearfigs.com
.wearfigs.com/	1970-01-20 14:34:53	Name: _lc2_fpi Value: c30794b3d355--01g9hy2xr6bvmv25nn5y5d7pmc
www.wearfigs.com/	1970-01-20 13:44:29	Name: __pdst Value: 7c5a7977682a4e24a8100e3715473e51
.tiktok.com/	1970-01-20 14:20:29	Name: _ttp Value: 2CqbWvB5EuwaSAC8sYSTRgMZUSl
www.wearfigs.com/	1970-01-20 14:34:53	Name: tatari-cookie-test Value: 18629176
.wearfigs.com/	1970-01-20 04:58:53	Name: t-ip Value: 1
.wearfigs.com/	1970-01-20 14:34:53	Name: tatari-session-cookie Value: 96e40dbb-91c9-f8be-38f4-b37378c4a6b7
.affirm.com/	1969-12-31 23:59:59	Name: DUMMY_COOKIE Value: DUMMY_VALUE
.wearfigs.com/	1970-01-20 14:20:29	Name: _tt_enable_cookie Value: 1
.wearfigs.com/	1970-01-20 14:20:29	Name: _ttp Value: f0085b12-e869-4d8e-8a86-3fabf7b3d5cf
.wearfigs.com/	1970-01-20 07:08:29	Name: _fbp Value: fb.1.1659533097011.1016709680
.affirm.com/	1970-01-20 14:34:53	Name: tracker_device Value: 5cf3c7d4-ac1b-4edc-8798-46f06c442eba
.affirm.com/	1970-01-20 14:34:53	Name: t_v2_s Value: eyIgYiI6Ik5XTm1NMk0zWkRRdFlXTXhZaTAwWldSakxUZzNPVGd0TkRabU1EWmpORFF5WldKaCJ9.FcwIqA.LpYjSLWSd6z-WlWBfCSImwc0t3M
.affirm.com/	1970-01-20 14:34:53	Name: 3060738.3440491 Value: 5cf3c7d4-ac1b-4edc-8798-46f06c442eba
.wearfigs.com/	1970-01-20 13:44:29	Name: _hjSessionUser_1435364 Value: eyJpZCI6ImU2MGRiMTU0LWQxNzItNTE5Ni1iZDAxLTIwNTg1OTlhNTIyNyIsImNyZWF0ZWQiOjE2NTk1MzMwOTY5ODAsImV4aXN0aW5nIjpmYWxzZX0=
.wearfigs.com/	1970-01-20 04:58:54	Name: _hjFirstSeen Value: 1
www.wearfigs.com/	1970-01-20 04:58:53	Name: _hjIncludedInSessionSample Value: 0
.wearfigs.com/	1970-01-20 04:58:54	Name: _hjSession_1435364 Value: eyJpZCI6IjU4M2Y1NmY4LWI4MzgtNGViNi1iNmFkLTMyOTJlYjFiZDM0YSIsImNyZWF0ZWQiOjE2NTk1MzMwOTcwMzIsImluU2FtcGxlIjpmYWxzZX0=
.wearfigs.com/	1970-01-20 04:58:54	Name: _hjAbsoluteSessionInProgress Value: 1
www.wearfigs.com/	1970-01-20 14:34:53	Name: tracker_device Value: 5cf3c7d4-ac1b-4edc-8798-46f06c442eba
.wearfigs.com/	1970-01-20 04:58:54	Name: _hp2_ses_props.4169410828 Value: %7B%22r%22%3A%22https%3A%2F%2Fmkto-sj300004.com%2F%22%2C%22us%22%3A%22delighted%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%22customer-profile-figs%22%2C%22ua%22%3A%22evergreen%22%2C%22ts%22%3A1659533096390%2C%22d%22%3A%22www.wearfigs.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Futm_source%3Ddelighted%26utm_medium%3Demail%26utm_campaign%3Devergreen%26utm_content%3Dcustomer-profile-figs%26mkt_tok%3DMDk5LVNKTC0wNTcAAAGGAtZoP_KE2a2Qri0X0QXDJC0G6qZjb-lr5aqImyRfowEKj9dyq58Wm3Dbf9edrm4gEbnLtQIE6CBNYo149cY3iROlc0u5fMkILpQe_fMvNg%22%7D
.wearfigs.com/	1970-01-20 14:28:17	Name: cto_bundle Value: Ryr9HF9zVVdtdGYlMkJOYnN0eXpzalpzUSUyRmFGa3kwMkhQaUE5OCUyQlUxOTY0MGNGMXFDN3BWcUljQjFYOW43QXBZNDN1T0cxZlRQM244aldhNnFOSU5qUVVKZ1IlMkI2YmtXNUlpVE1seG0lMkJ4WkgwWHB6V1BuU05TM3o5OGt1cWc1aVRWMm54VGpHY3RyUlBIanE4dUo1V3lJRmJsVk9RJTNEJTNE
.getrockerbox.com/	1970-01-20 05:42:05	Name: uuid Value: rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe
.wearfigs.com/	1970-01-20 05:42:05	Name: rbuid Value: rbos-f918b8a6-869f-4fa0-a39d-e44c5337c8fe
pixel.tvsciapi.com/	1970-01-20 13:44:29	Name: TVS_ID Value: tvs-55441270-3871-4862-b8fd-d6d9662ecf32
.wearfigs.com/	1970-01-20 13:44:29	Name: _pin_unauth Value: dWlkPU1EUTJNVFl6TlRRdE1UazJPQzAwT0Roa0xXSXdPRGd0T0RKaVpXUTNZV1V5WldJMw
.bidr.io/	1970-01-20 14:27:26	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 14:27:26	Name: bito Value: AABRB07F1O4AABASCWi5Ug
.tapad.com/	1970-01-20 06:25:17	Name: TapAd_TS Value: 1659533097344
.tapad.com/	1970-01-20 06:25:17	Name: TapAd_DID Value: 365b7151-d305-4c12-9492-5599deb432f5
.liadm.com/	1970-01-20 14:34:53	Name: lidid Value: 1bcc52a4-72f2-4c87-935c-da140e634882
.adnxs.com/	1970-01-20 07:08:29	Name: uuid2 Value: 9170143873530532265
.tapad.com/	1970-01-20 06:25:17	Name: TapAd_3WAY_SYNCS Value:
.wearfigs.com/	1970-01-20 13:44:29	Name: _privy_D07CA17E1806573C54E81EE3 Value: %7B%22uuid%22%3A%22122c33d3-00ca-464c-ac75-46df4c6bdc94%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22DE%22%2C%22region_code%22%3A%22DE_%22%2C%22postal_code%22%3A%22%22%7D
.adscale.de/	1970-01-20 13:41:09	Name: uu Value: 660e44db6f974a10b1de7112d31d1ad4
.adscale.de/	1970-01-20 13:41:09	Name: cct Value: 1659533097524
.doubleclick.net/	1970-01-20 14:20:29	Name: IDE Value: AHWqTUkO0VxWrXZmQI5DJ9KEdCZLqNJTwjlqimMaZntMZZcUHMib8toK0VZE9AiddTE
.bidswitch.net/	1970-01-20 13:44:29	Name: tuuid Value: d3b39b9d-200d-43d3-9b92-c049375c8bb7
.bidswitch.net/	1970-01-20 13:44:29	Name: c Value: 1659533097
.bidswitch.net/	1970-01-20 13:44:29	Name: tuuid_lu Value: 1659533097
.ih.adscale.de/	1970-01-20 13:41:09	Name: tu Value: 4#810711521#40~k-9__S300IecfOXY27WMpnFslhMVAtAJzR7ufXTQ~460981~0~0
.casalemedia.com/	1970-01-20 13:44:29	Name: CMID Value: Yup3KWKROMRKcqel91HMXgAA
.casalemedia.com/	1970-01-20 07:08:29	Name: CMPS Value: 5129
.360yield.com/	1970-01-20 07:08:29	Name: tuuid Value: ef5f8f12-7ae0-446e-9d25-fe372148203c
.360yield.com/	1970-01-20 07:08:29	Name: tuuid_lu Value: 1659533097
.casalemedia.com/	1970-01-20 07:08:29	Name: CMPRO Value: 1208
.casalemedia.com/	1970-01-20 13:44:29	Name: CMRUM3 Value: 1462ea77292760k-ww5mNE0IecfOXY27WMpnFslhMVCiqsiU_L0EUg
.casalemedia.com/	1970-01-20 05:00:19	Name: CMST Value: Yup3KWLqdykA
.360yield.com/	1970-01-20 07:08:29	Name: umeh Value: !38,0,1721741097,-1
.demdex.net/	1970-01-20 09:18:05	Name: demdex Value: 04908872751389935744223676775652640138
.media.net/	1970-01-20 13:44:29	Name: visitor-id Value: 3025346979085672000V10
.media.net/	1970-01-20 05:42:05	Name: data-c-ts Value: 1659533097
.media.net/	1970-01-20 05:42:05	Name: data-c Value: k-dn2II00IecfOXY27WMpnFslhMVC2NhNrcITmeA~~3
exchange.mediavine.com/	1970-01-20 05:19:02	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ab5330e0-132f-11ed-be8c-0f4fce42c783%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 05:19:02	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ab5330e0-132f-11ed-be8c-0f4fce42c783%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 05:19:02	Name: criteo Value: %7B%22id%22%3A%22k-bzpSS00IecfOXY27WMpnFslhMVD-y8fGl8eIZw%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/	1970-01-20 09:18:05	Name: dpm Value: 04908872751389935744223676775652640138
.wearfigs.com/	1970-01-20 14:34:53	Name: nostojs Value: autoload
.casalemedia.com/	1970-01-20 07:08:29	Name: CMTS Value: 5151
.360yield.com/	1970-01-20 07:08:29	Name: um Value: !38,xMkIzVlm0gVH9d7YEptogcoTFQkz6yh4wUN4fQW77ZxZbeb2uvBeeCRrljWnTO-igqof8IqQ,1667309097
.yahoo.com/	1970-01-20 13:44:50	Name: A3 Value: d=AQABBCl36mICELPoUhZhbRsNquAfQ0F1T9AFEgEBAQHI62L0YgAAAAAA_eMAAA&S=AQAAAjjUREjh2POh4dc8v2BJJMg
.yieldlab.net/	1970-01-20 13:44:29	Name: id Value: 5c850404-304e-4488-b173-10022c673c5c
.krxd.net/	1970-01-20 09:18:05	Name: _kuid_ Value: O_vzmk_e
www.wearfigs.com/	1970-01-20 14:34:53	Name: __attentive_id Value: 864e90fa0b494c0495c3f96c6b85cbb1
www.wearfigs.com/	1970-01-20 14:34:53	Name: __attentive_cco Value: 1659533098107
www.wearfigs.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_source Value: delighted
www.wearfigs.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_medium Value: email
www.wearfigs.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_campaign Value: evergreen
www.wearfigs.com/	1969-12-31 23:59:59	Name: __attentive_utm_param_content Value: customer-profile-figs
www.wearfigs.com/	1970-01-20 04:58:54	Name: __attentive_pv Value: 1
.id5-sync.com/	1970-01-20 04:58:53	Name: cf Value:
.id5-sync.com/	1970-01-20 04:58:53	Name: cip Value:
.id5-sync.com/	1970-01-20 04:58:53	Name: cnac Value:
.id5-sync.com/	1970-01-20 04:58:53	Name: car Value:
.id5-sync.com/	1970-01-20 04:58:53	Name: gdpr Value:
.id5-sync.com/	1970-01-20 04:58:53	Name: callback Value:
www.wearfigs.com/	1970-01-20 04:58:54	Name: __attentive_ss_referrer Value: "https://mkto-sj300004.com/"
.sxp.smartclip.net/	1970-01-20 05:42:05	Name: uuid Value: 754d52a7-2a77-ea62-1a7d-788e318bee75
.analytics.yahoo.com/	1970-01-20 13:44:29	Name: IDSYNC Value: 18zh~26dp
.outbrain.com/	1970-01-20 07:08:29	Name: obuid Value: 0acd91f2-d377-4a36-9ebf-a63e83993473
www.wearfigs.com/	1970-01-20 14:34:53	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNjU5NTMzMDk4MTY3LFwidW9cIjoxNjU5NTMzMDk4MTY3LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjg2NGU5MGZhMGI0OTRjMDQ5NWMzZjk2YzZiODVjYmIxXCJ9In0=
.friendbuy.com/	1970-01-20 13:44:29	Name: current_shopper Value: "lzue6aiSMECL0uilJwBqlcqdtsQ=?current_shopper_code=VmUyZTA2YjYyLWM1MGEtNDZjYy05NDkyLTkyNDEzODZkN2RiOApwMAou"
.ct.pinterest.com/	1970-01-20 13:44:29	Name: _pinterest_ct_ua Value: "TWc9PSZzYkhNUmJRUUoxcngvNG9GenhFcEVTaVIvK2hPU2Z3ZjRTdmhZR21MRWpheHpHa2F2dXNmb293QWNsNWFjd3BGemFuRUgzTUduU2ZpSHR3clNjaGRVK3VEQWZ1S1IrdTUxbjFaYzdMT3lDTT0mYzJKWjYyVDMwZTdZY3phc0NUUnFvN0tUbW5VPQ=="
.sxp.smartclip.net/	1970-01-20 05:42:05	Name: dspuuid Value: 69.k-koctqE0IecfOXY27WMpnFslhMVAFrqa2E0UjcA
.sxp.smartclip.net/	1970-01-20 05:42:05	Name: psyn Value: 19207.69
.wearfigs.com/	1970-01-20 14:34:53	Name: 2c.cId Value: 62ea772a82580a2f30305da3
www.wearfigs.com/	1970-01-20 05:00:19	Name: __attentive_dv Value: 1
.wearfigs.com/	1969-12-31 23:59:59	Name: pjn-click Value: null
widget-mediator.zopim.com/	1970-01-20 05:08:57	Name: AWSALBCORS Value: K23oUdkIcF36Gc4wzlHinuWztYRnVNkEVkbARblQz2CYBRJqQtgM+PI1q7xDXDrPb57U1Ob4m14Zsw/TrWkzGWNrFKwUwlSySq7I12pAN2ILUp7H4hJfyZrIPse2
.wearfigs.com/	1970-01-20 13:44:29	Name: __zlcmid Value: 1BHl7hSyRPQmF5W

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://mkto-sj300004.com/MDk5LVNKTC0wNTcAAAGGAtZoP8r4mlCkz0aO9vw3xq540PlL7foos_YREeQDuOQLBJRqDlwGvCCquV1UQpz0coUvlWo= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
other	warning	URL: https://magnolia.assets.prod.wearf1gs.com/3.326.4/_next/static/chunks/framework-6419dc6081358336873e.js Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://cdn.pbbl.co/r/1535.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=u2TYGimbyhB5xreL3g_3cOLXbtbMXcS0 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=DJ3oap2hoH5yYM0mo4fHkvyJFI75383- Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-DkdraJJ379EeXh228+8hFjQD7VkRlTjkOq5CGib6nfo=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

134vod-adaptive.akamaized.net
a.twiago.com
a18274933994.cdn.optimizely.com
acdn.adnxs.com
action.dstillery.com
action.media6degrees.com
ad.360yield.com
ad.sxp.smartclip.net
ad.yieldlab.net
alb.reddit.com
analytics.tiktok.com
api-cf.affirm.com
api.fouanalytics.com
api.privy.com
assets.privy.com
b-code.liadm.com
bat.bing.com
beacon.krxd.net
cdn.attn.tv
cdn.cookielaw.org
cdn.heapanalytics.com
cdn.optimizely.com
cdn.pbbl.co
cdn.pdst.fm
cdn.shopify.com
cdn.taboola.com
cdn1.affirm.com
cdn1.friendbuy.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
connect.nosto.com
container.pepperjam.com
contextual.media.net
cotads.adscale.de
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
dis.criteo.com
djnf6e5yyirys.cloudfront.net
dpm.demdex.net
dvqigh9b7wa32.cloudfront.net
eb2.3lift.com
ekr.zdassets.com
events.attentivemobile.com
events.privy.com
exchange.mediavine.com
f.vimeocdn.com
fonts.googleapis.com
fresnel.vimeocdn.com
geolocation.onetrust.com
gepi.global-e.com
getrockerbox.com
google-analytics.com
googleads.g.doubleclick.net
gum.criteo.com
heapanalytics.com
i.liadm.com
i.vimeocdn.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
images.ctfassets.net
logx.optimizely.com
magnolia.assets.prod.wearf1gs.com
match.sharethrough.com
mkto-sj300004.com
mug.criteo.com
o241518.ingest.sentry.io
pix.pub
pixel.rubiconproject.com
pixel.tapad.com
pixel.tvsciapi.com
player-telemetry.vimeo.com
player.vimeo.com
privymktg.com
r.casalemedia.com
rbqnb9ch.wearfigs.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.pinimg.com
s.thebrighttag.com
s3.global-e.com
sc-static.net
script.hotjar.com
segment.prod.bidr.io
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.snapchat.com
tracker.affirm.com
trc-events.taboola.com
trc.taboola.com
unpkg.com
ups.analytics.yahoo.com
us-central1-adaptive-growth.cloudfunctions.net
utils.global-e.com
vars.hotjar.com
vc.hotjar.io
vimeo.com
visitor.omnitagjs.com
wearfigs.attn.tv
wearfigs.zendesk.com
web.global-e.com
webservices.global-e.com
widget.privy.com
ws.friendbuy.com
www.affirm.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
www.wearfigs.com
x.bidswitch.net
104.111.242.245
104.16.255.71
104.16.53.111
104.17.70.206
104.18.14.235
104.18.18.126
104.18.7.131
104.18.70.113
104.18.72.113
104.21.58.221
104.96.92.79
107.21.19.116
108.128.241.23
108.138.7.91
13.248.245.213
13.32.121.23
13.32.121.6
13.32.121.80
13.32.27.35
13.32.98.147
141.226.228.48
141.95.98.71
142.250.185.194
142.250.186.34
143.204.215.95
151.101.1.44
151.101.193.140
151.101.64.84
151.101.65.108
151.101.66.133
162.159.138.60
162.243.13.175
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.185.150.140
18.196.185.162
18.198.158.44
18.198.159.243
18.224.195.6
18.64.78.252
18.66.112.72
18.66.122.27
18.66.17.76
185.255.84.153
185.64.189.110
185.86.137.133
199.232.18.109
2.18.235.93
2001:4860:4802:32::15
2001:4860:4802:32::36
2001:4860:4802:36::36
23.36.163.224
2600:1f18:444a:4602:5dad:49cd:e8da:29f0
2600:1f18:612b:4216:25d9:1223:9f5d:e330
2600:1f18:730:b120:4ab9:a165:6787:58f
2600:9000:2057:a000:8:8845:1500:93a1
2600:9000:206f:7e00:17:3f5c:f800:21
2600:9000:211a:9000:4:6d29:5d00:93a1
2600:9000:214f:2800:17:f683:1d40:21
2600:9000:214f:f600:3:760:2800:21
2600:9000:223c:200:1c:9484:cec0:93a1
2600:9000:223d:ae00:1b:832b:ac00:93a1
2600:9000:223e:b000:12:94b3:c380:93a1
2600:9000:2490:ae00:f:ee6c:7180:93a1
2606:4700:10::6816:146c
2606:4700:10::ac43:246a
2606:4700:3036::ac43:c834
2606:4700:3037::6815:46f
2606:4700:4400::6812:2962
2606:4700::6810:1f3d
2606:4700::6810:7caf
2606:4700::6810:9440
2606:4700::6811:180e
2606:4700::6812:a4f
2620:1ec:c11::200
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9a
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:6::17d8:4dab
2a02:26f0:dc:187::13b8
2a02:26f0:dc:18a::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::396
3.73.7.113
34.120.195.249
34.120.202.204
34.203.132.51
35.186.194.101
35.190.43.134
35.227.248.159
35.244.142.80
35.244.174.68
37.157.4.28
37.252.173.62
52.213.150.8
52.31.191.2
54.170.211.103
54.191.207.134
54.210.202.232
54.210.205.155
54.215.202.231
65.9.58.221
65.9.66.123
65.9.66.34
69.173.144.165
70.42.32.95
85.215.5.31
96.16.132.239
99.86.4.101
99.86.4.16
99.86.4.61
00ba1b348c364430239c5ef0937969723af68094acb5115d3ac57e0c95769877
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
04e5c6c793e1605905735480e28ebc646d67e6d96116869c371797bdfdd92c19
05ac6db01b5733d2020dd02bab380194bed240203cb4592ec5a959d1f78a4f20
0852ef45093e3cdb7ee1d7402d2177c0a14b92c4f1b547e3322134f03979f4f2
0a2e6448eceba03f9eed29afe817572242b5fb58567a4a53e8e2dc492dc660f1
0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122a7ac3587a42480f035280cd321cf5c7745b7ea6c9ad94f0fab096c0af37d3
12fe4c21a4779e7fd096828701856f6e97aea763ef7419f2d037c0014135743e
13217b8f57c644094438b615f04691b4615d2ed0b2ac8007fb0e4e675cde389f
1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6
188cc1e1264e9abb963aeaabdc479651858f7a35ca8a785771933312a294824b
18c157f4e4be24b91770e1ec9af1ceaafcf7aeda021e927dd3a7d15e9258704a
19f016c7bc67b17a2155e294999a2fdb2bfafc13573d9b18996cd79fa82accc7
1c7d083ec5d447b7f8cec01550320dcf74794702f2cd617a489acfd1e99a8341
1f28b04cf2360fc33f5726edbc08c22d98201fe6c59e1e5e44e4e626ae0fb8df
204f0fbfac3802a2f23157962bfb0c05a44769ad06688fe66ea8801756cd3403
20f42e57fbfd351e0235d39f1c57a74862ec089e6ae702e054a126f7e295fb9f
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
2207492a2cc099f6c61e6f89b630cb4d3c4b0604ca481a0bb83389d9341ac52d
220f0618cb3c3856699241d1d6e2d91e0203db04d90d99e50c048867eeab8ba0
25a8dd378bcc8a65c2110b29dc8b4c9baa2f828869ffb243a56243bb36a16d84
27417480c18f6b772e934eaa3ec44c1a90f1f6a6d2fc4807c2fa72e1c1e414c8
28ab678228cedd73532dcd1bcbba2544c331101118a00559194b548516df8074
2a5506da0d2843ed4efb113b51ffa83a805c710dac3fa0f1c2e189a60962f999
2d9fde7533e03aae69d02bbf6ab9013855738e1889ccd01ad8a0f5b8bea3d92d
2da008ebd641a93284e17c469057184fb945eefd4ad51748aed3c6f966e68746
2e10acc8d39f64adea961a82e6ba5d1865108ea71ea16dedc4807ac8aa17e205
2ed322ba2539b005005d2197faf9875279671306dfb4002cd5d304b43c493620
2f69922d70f579ddf91d031b41b3e5e48240d29011e24d8e468d860a3edb8517
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31a5e646ce4440d2715303c89467029e8ab0576fc26c1e2f3da2690f667cb7d5
3253ac5bdecdc15abe27fd785731cd1d25869e54a9575668e0f776bef8192fe3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330fc3c64247bf5e23b641a7c5ac6fb3a7f02595a4a559eb0e8e5209eac4917f
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3471f3d26407a39c740e96af9ab18b4c126c80af362e72b91d4550a39007a0e4
358dd21108b997a96ebab0ff7ca3e08ac67aacbcde6947e02252e9d12815f6c7
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
371c7619c36e1e1364329d7da03b78f25f7de9d24a843c54323e87f3311a8d1b
374df3dfdc8e680a5b78dbd2317d40fa2b6e4e7021dd2383d72d0441e4d49d26
376420aca93c5d7acef9245e8862461bcbe2cf4b3c97a1bedf7560f3d2ead303
37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37fda353bad7760e3c0332b566592ea0b7e3ac995dd8f9198d3c49087570107f
3a73b5756c951af9742c7c11e2536820a201abbd3d51104f049af53ad8e01434
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
3c3a4acd9d4d093cab31ab5672f1d3a40088c2c72c00707760b962169d09ba03
3c66fb97274d680909c1f95235c01f5fe420499610c70477adbf0eb23db7ebbb
3ebdb6bcff54c762653505e961c8ebf6f6f44a122babae718cc92dcca2a2e0b8
3f2f367743680779134db33905dae9e5b3f037e2f799da6dbd4980592bdfa647
4278b218534f6c4e06ffce50c31dd7cc8b5633a63e73534480ef842d8e768c0c
43646ec69078527e32f9cff44ee1e8eab7649b0bdab1af708045cba619649f9e
4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4590ad0460e12cb597f840b1f5375e43f547ee070dadfa420fbc07ca20f621cf
4727fdc99122510a24222101798999b6a28b94a725c962e294276d449858986f
48116469b4b3231fa1550756465d62811d2148f23104e403c76ea119a76fc4dd
48bd3deeafc2b55fdff034b410aa3e5ffc378d4e83483a951871d474146e8e92
48ef8b994ba24e484b6280283fc094f455d8d936a5f581493d0711c85de080fa
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b4f042f9ea6c72a580e93b7922b1ff89f2c1fca28a5843ab473db79cd74d1a7
4b52c8c1065cb4cbfbd6541783a7df840ced6dea39be4a79e41a09d131f9eae6
4b9823efcf399e051dbe0b59db5b8737ac18c4bae25e297ae3eef9e7565f1013
4d3a3fe0ae1e8971fdaac8fbafdcf1d14a14f47c478fcc665b8b484b908a1a07
4d4084fb33d37159b32d247eb5a597a851634e696eed4f10c7bb0bf0396166eb
4d44546ee81f3c6ab536ce28d03586eefce10ca69b22ba23ba318a5b47b514f3
4d9d398f5d40472b74ad49676f694d8ed2c29251b3df106e3b4df1b441ad4511
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4516e3afa1170bf934a7882bf09eacf63d4600ea4b2609724c6cfa49333472
50256f4c4ea9b31ab509f36ad16d820b1e59b1e88d474801a038203a9bc6704f
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
51c32664634ce24109c65978acc1ac17dd62cc8d5c214473a2d59cfefa6fc314
5262f5aa9d7b47c385d408f33c5313696ad3aece82a576e65eb18caee1f47cd5
5279dd72ab09eb58633466980fe30bf06cbf4204b4b7a1c1a93c1ec06fc44ac7
5291ed540bc2d9854e37745efaf4d12545525947bc1134574bc16403b9880ea0
52e8b92ac72d626b7c18e665c95c719654329266ee6f34d6d6c945ae1adc07c7
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
53d009529a165927702561721509cfa0b3a2df118568438eef25db04afa18102
5418492a5407bf646e69a23e2222a5246f09fb72cdba6030ba16b9614ee7870b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5632a9b95681e2fbc649979cd4f3c652b7544b77eca52e939de484c3aa4444d2
56b0ee7c41a3238c4b0018da2c279d8200d1613f79ef0496b731513c28914c1a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
5afde67cc01017b552b99c4a8a8dc9aeb9670d6fcd02db36ea3bba681a39298e
5cc141bab6bf8dec71fe52de4693ed668dbf6082a91d29688a35e611e963103c
5d0997aba521ca3efdb97c22a749ed3915e0c6a453dfcc1e95ff3de45da2e185
5dc75f862038e8220582bfa3ded1fd31bbec487bd2973718b79702e77da6fe5e
5fcfccefd969cc7a2cd9c0d2f8d25ef0d66526d7f648b79595f7a36b981cef8b
6490db85a5bcfa3cf586cb17480f147aaee8cb5f1f5a201725952b343f62763f
64e96a44c8bd377acf7abbd8e2ddcc4d2bdd2c6fe33760eff391187690efbd1d
660fd4ca089d5f9e52f8abdb62d8b1ca98ad2fe554364a6b6e6d01a38ef98bad
66bb4cd150935b5a45caeb0f53bfd21a78b087fad6c507b810e5d5d84072d37f
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
67eba79e23346e4b85388f93bc009bff7d1503b63bc38b92d5582e33c5a7af11
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d192931840b5846cdd202ac4888c640d2be647332313394807c76adde0f47bc
6d4f572bac358d523c32e30153af5aee1775e20c95fc5c362db33985599923dd
6e45bbdb5567f0207d19193ed360d57926a6bc9e51a4d8447163634d365708c7
6e68528b40ad0e0664ceb7a452c3d2029359e145a531ef5b06ed650f5eed72a7
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f6b3151f432fcfb78af8e74decd62d7fd687b3777ae096424b6d7c68eba5696
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
70dee174047f13d7c472fcb3507e2930f06be338ac959fa8c0bea798cca1b5b8
70f07df8529a5da355e70cb8fd1a2c6cdbe6dec83a5332bfcf06f5a917e6e607
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
78739a534a3eeabbe7720b946d992b020b2c77e72dcbeee3dba1e1305f7be938
78d055d34af43c27b5fcfe63e46cf73c8b58f7783415c3ba088e4a4d19e4901e
7a59e69c001589474efc4d7267cf3d65a42fd47bba501d1c32f339777f707caa
7a97a2f1a5ffe7d6de51b5f9cedec96d43a7f1ef5cb74e37fe74dfa654906f55
7a9b37e64361e7b7fa2d828d4443d9a95a1d4b78316487433f1aa6cb0b76ca9b
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7daba9ea1e541f132fda9656c5f2baed4942e7fdf534298400a7f7dad0811cc9
7de29db67a5a02da70e826601983cc17f3edc043744bdb3d8f64d9c3d065697f
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7e606e98d582ed3560e31fdf939efdb3ff2ea30046a0c00fd5a34105acbdff93
7fa2d84bc86548264f38a4712f5c4bc73349bca10844c8eb2a30c8b6e8d0e069
813b6f9c4d6e568debdb35e047666aaacda2ff909b8c00ea6ad49292e8139ec6
815ff4c9b8b41e38d4db9628ba39f07ca3ce2da7efb4fad31c25ac54160b85db
829d7f1b63be0b08d9cb28526d0b5e722799334a5b91e1b17b4c2e0df4ac4915
831c7e20e2d97601f9d458ebd7d5b9361132a52c80c2f265f9dfec3ce3330ce6
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
8400ca58eb1c38bbd46992209a84ff39f68649cbcdd404521c423cdac8129bf0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a80e453b27e176f388521a72327207ab12a58f53dd32c033592b4a38909b1e
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8768a4170a4710fa38da88574b4315b825a4bba25299dad58fcf248a495c5a69
898b2c3c30868df5f1a15c9b698a6242ee953df448380780ecab9e6bb93b3ab2
89fad8eccf058216f2489b00b6317daded6946aaed503d2795e65a7a2768e696
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c1681121847c661677e44cb69bbce869b7b62196373d5396b607a069ee7f9f1
8d728ba62f3f7c795e471c6dce9d637ffce93580e4936c3f1b578320242df7b8
8e24b0916e4b8893e7b89ceabb664ab2e6031375622958da4add8ed8412c931c
8f73a0f0f25ec0b636c5fbe33e1f888633d999188ce4c7da412c9aa153769867
924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40
9594ff4a7989d3edaad4239be043a1dec33d992b4e547cdeec5041e894548041
97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9ad1c219ff94663b118109fbd5e8732d1df2109d6e6d5c1357cad61345b80452
9c83f59f564bf2fa7164a6ec5091cd02adf45a4a17322ecf7da7c1bf9ca50622
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08308f74ad2a0d91ec29b62ea2a2dab894b47f5e8fa133e414c7626a5a3ac8f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a214edaba6f3f6855e54ea1d3be4f389f5712522d38a504361109b5ad93eec
a2a777018a5c905953f0339556ea34843c2c4f898cea56e0c1d2c774db50a3df
a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2
a4a50fd373707e2361b60d190955de9340554d0feda5be5fbe9b9cffa1a17368
a4f33558ec884158b2b139ca81a5172e64ffb9e3b70cf708ceb33043c57a844d
a67117312ce631cdfc251dfbb90058bc01e3849deb0cd7fed130745b5813d1b2
a69d9696c73213337b5078e7796f6eb3727270e5cd371d87e7c68bb4306c3b7c
a83bea72ff29916df6db03e66a9305af21cf002debc21fcc578cdb28b39e5722
a88e6eac3b6e1e07d753d05c0c0b0ceac0e5c2cc302ea4139f1a22a00ee1a239
a9fafbf928d890755abe5cfb36150ba8096f4aea080c1ab9ecf1dddf845e319e
aa091214b3fb4b3a2acbfa8ca7938b295d6023fdf87367acff81748f0b2a518f
aa9e4e4bc99c85e24cf16c33b18db6eb0a26f1df7818782bf3e5a30cdeef19e2
acb78805ddf40c2613423953cbb004d2f64ec5634b1019793c01f3c66c274a96
af5e162178e2ab0078edf40f40aea0f71403ceeba321322ca7f36d02385da8e6
af8f4138af26b9cd55095e091d6d285f492769e3783c1601aeaeee74e002f151
b0d5c5a299fed7cd20547157226affe7f324eadd98653d59cbb1782087ae98dc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712
b21f7900b433999dea9a9c1dd3c1b851e2da6ee09a8359d82dd6336464a1670e
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b326ac06af7d7e110680e40f5ab9ecedd4d228ea0b44fc20d4e4d9f9b14f19cb
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b40291ffe4e9d9bb2e10835df039258c7d2c8e55c8a9987371e667f5c18a0352
b5963e5160dc961bbc798f5ed49d75c43cd449dcf6d0f8ab65548eda437f1fd2
b750252fca5b45a81bec533a491ec39a7085265f697766d97294cefd94f188a9
b7a7cc486468ef7919d4778d298343f7e48c7749f2aa4929a2a03a0e4095b5b9
b7e477e5b8b86ca6b1358fbeb87736615204866bded195fc73b9f054529910ed
b80124e7faec12ac1bcf0e37475f41ed3364c5e467e81ce723daacacd3179d80
b84f41445d739ecbeb157c36479862efd32314afd5a18fcfe1c14d69084e343f
b9e5705712c1170379d7b99a592c43f79d9ac059c532c4990eeba71947a9e107
ba155a283d4b5de5b24513b6d588c7c9916927bf9c4ca11619ab754a96dc56e0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd315bb9d37df4e19ed637fa1ee24583e336d3110ee3398fb5ebdd2ddd8c71f5
be9b9294d3c54fe68489ff56b8291523368d14c74a94cae8b00fde929103887f
be9c370ece160557b82cef72ad150e43a3af8a4c52a6bddb37926db8e505bebb
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
c0406ce23449b57d9354be1cbe46972e7b466f27e08fb58b165a8bbfbc7c3b2a
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424
c359ca086a363b7c2aedef74522528f2b70f37cec4059e0c3ee9d7b12f9d5609
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c77d1987a9c9c59d649802494573b24237d30268bc66cdca6825ecab5c301516
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cbb57fd2543a9ddc252d8d6b174e13dc7a0baafc1a5e1509af83fdb9643fcc46
cd2c8e1d3d26b9d29dfa282199888f576f0780be4b5f4b7d6470f843c63c3a98
ce8178eb9e93bffce9bd40c17d020c1b5c87c5e89fab86c07e8a90aa0e5f0467
d0967f621628c8edb4d931628c455e028d645ade5e6240b2bc3c220587b2b09f
d0f50cd7363d3fcd7e2eac30723a0be9e2e45c480d782a2f0a95bd384fdb5eba
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d21a1de85fbf817ad3d6b4733e608e4900570f750dc296d75ba097aa8e599918
d2ec21db353a25e2660262d889033f6fa3007f8df95b07acb81433796582a1e5
d325596aada7661275ff41f7fc83a0f9eb51d399b220d45f9702998436b8512d
d54cd20c212229c81a99b270fc41d15937c5210403d3d21a822d6712fb624dc0
d6bc239a6993be3a5ed13249ff2d27e4e3bc80a30bbd6df2ff92b4db0ad1d996
d6d7bbb3daaa9ea83598e7e85f133fd348de6a964dbdd88c0992ed04d4257c4f
d8f7596f06ac015a06581be6a70cfb8abf1e6fdf6dd24681adaba6e46d016c17
d9a91836e2644510e44cd3a91b1a217ce771c2c93870ee8009ecc23a97bc445f
d9d5f0f66f59b506997b38ebbfdaf51d34770ce0c933855a48011ec74ea183d2
da75553d55f98d155eac8f9838f76b4660272075d3cf724a6d0122e6bd849bf0
da87d482f0069951e5c4e3474dac1da4b4c28b1344d14e2fa76c05ae67af93f4
db490d0e782d70ca57c6859b52a0d1cc2e0e2b6f3b5f471c3f96d05120c0bbd9
db8c9610fc1862827debb5271e9260b278677aa472487a3febcc3d2d16fdb005
dc17b451d62fd68fa97376c15d89ffdb01f8ae4739a19ede6a8e047751896745
dc3546e455e565a75e16afc3f7f04361b16e58cbe3f784344fb5edba3f66911c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd7b071036ce7ea8bc09cf31b37ae8317ca57b598aaefd44663fc8d6c332a9ee
de01a1d935d9d12075af91fcb10132e2eabf5e79c493663ed951824f35e406c3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfcd992429c959224b5892b9026398d0594d958f484259fa96beeefa67ce6375
e238b4270d9c26b9c3220a3a3413fae8a1e6a0f3e35e90b0e53e9016409b6d8f
e26bddfe28fe2e8e28c5b25968decb689ebac4300ee117b4c5c472a0600cd343
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88dafe889a514ea8b9b07747f53d08b66a473b7caa78645b4aa2167563651e7
e960e0520c1994242cd2c9e99888dfd1c9be45ddd2971cba44d54bff15f27ecb
eb6cf1baf1418c7cb982fb9e72bd339f03a3c6ff17c4c3c8af167da959a6f0d9
eb736a59890c6bc135b864b94070335dccd53b6a0e57c7b48d599e1a810338d4
ec131015f3f3076aa102e14b1dea629876032b1ce7227c64771452ead5bf9cea
ed075e6f14b250be3c4344953433b448b5bf72d3937bcf7cafc06bcab0d130ae
ed43c9e31cf28265e5a8991ecc3d51f471fcaa122dfffbc0a3f26a8c10285e27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3af2a57ff11058d1cfe9e52b8efe6df9eaf44e29a97daabf77417341747485
efa8d56288d3577cc0387addbad7d9f4fe0692d03412ef89f13f6ee4aa646c14
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f023b9c97cf8462f3f46e83d1097eee7f2d9d0c35efbf99fe6d51d54af3f8dea
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f0f213fd458997140528cb457fd532c1d1f28a00e17ce4deedc50618e5f02a69
f17acd344e7220b3482ac4f1b761aee821e70fc75cb4828fa7921362c5dc65c8
f18b25e9a152e121903cbaff92227f9c8a9b0799d9e04e3ed25b40b8e08c3be0
f1bc0205616879d438a9c5c14eef551352f001dce2ec257e3443f96d4d622c34
f4550040dff4d38f29c36a8173f35de1058faefea0eafeb81d3e3d8fe592b8e6
f5902d035a83bac762333f76a73e62b8918674ada53374fb5dfccd6abba6ad4f
f7fbd7b4e7bdfd114be17323736653f75ec64d6671d98e0d71c15eaa4be43ce2
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

www.wearfigs.com Open in urlscan Pro 13.32.121.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

429 Requests

90 %HTTPS

35 %IPv6

89 Domains

132 Subdomains

116 IPs

10 Countries

23165 kBTransfer

34333 kBSize

124 Cookies

15 Outgoing links

Page URL History

Redirected requests

429 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wearfigs.com Open in urlscan Pro
13.32.121.80 Public Scan

Screenshot
Live screenshot

Full Image

429
Requests

90 %
HTTPS

35 %
IPv6

89
Domains

132
Subdomains

116
IPs

10
Countries

23165 kB
Transfer

34333 kB
Size

124
Cookies

429 HTTP transactions
4 data transactions