medmen.com Open in urlscan Pro
2606:4700::6812:1c81 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://medmen.com/
Submission: On September 21 via api (September 21st 2023, 6:35:53 am UTC) from IN — Scanned from DE

Summary HTTP 115 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 26 domains to perform 115 HTTP transactions. The main IP is 2606:4700::6812:1c81, located in United States and belongs to CLOUDFLARENET, US. The main domain is medmen.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 11th 2022. Valid for: a year.

This is the only time medmen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2606:4700::68... 2606:4700::6812:1c81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
3	13.32.99.125 13.32.99.125	16509 (AMAZON-02) (AMAZON-02)
1 1	52.4.143.156 52.4.143.156	14618 (AMAZON-AES) (AMAZON-AES)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2 5	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
2	34.226.103.242 34.226.103.242	14618 (AMAZON-AES) (AMAZON-AES)
2	23.50.131.81 23.50.131.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
8	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.214.218.48 18.214.218.48	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	154.59.122.74 154.59.122.74	174 (COGENT-174) (COGENT-174)
2 4	52.19.234.142 52.19.234.142	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	193.0.160.52 193.0.160.52	54312 (ROCKETFUEL) (ROCKETFUEL)
4 10	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	35.157.124.148 35.157.124.148	16509 (AMAZON-02) (AMAZON-02)
2	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:1fe8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	63.32.134.67 63.32.134.67	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.236.186.217 52.236.186.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
115	42

19 2606:4700::6812:1c81 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medmen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-125.fra60.r.cloudfront.net

cdn.surfside.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.143.156 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-143-156.compute-1.amazonaws.com

edge.surfside.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

8869459.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.103.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-103-242.compute-1.amazonaws.com

col.surfside.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.131.81 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-81.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.218.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-218-48.compute-1.amazonaws.com

bk.adprimemedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.59.122.74 (United States)

ASN174 (COGENT-174, US)

acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.234.142 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-234-142.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.0.160.52 (United States)

ASN54312 (ROCKETFUEL, US)

medmen.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 98.98.134.242 (United States) 4 redirects

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.124.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-124-148.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1fe8 (United States)

ASN13335 (CLOUDFLARENET, US)

ql.mymedmeninterface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.134.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-134-67.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.236.186.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	medmen.com 1 redirects medmen.com	2 MB
11	doubleclick.net 2 redirects 8869459.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 pubads.g.doubleclick.net — Cisco Umbrella Rank: 359	6 KB
8	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 2721	17 KB
8	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 4361 consumer.krxd.net — Cisco Umbrella Rank: 12285 beacon.krxd.net — Cisco Umbrella Rank: 1035	183 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2225 adservice.google.com — Cisco Umbrella Rank: 182 www.google.com — Cisco Umbrella Rank: 11	2 KB
7	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 778 fonts.googleapis.com — Cisco Umbrella Rank: 113 www.googleapis.com — Cisco Umbrella Rank: 57	173 KB
6	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 6421	649 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 w.clarity.ms — Cisco Umbrella Rank: 10792 c.clarity.ms — Cisco Umbrella Rank: 2092	27 KB
6	surfside.io 1 redirects cdn.surfside.io — Cisco Umbrella Rank: 147139 edge.surfside.io — Cisco Umbrella Rank: 106215 col.surfside.io — Cisco Umbrella Rank: 89064	35 KB
5	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 3974 adservice.google.de — Cisco Umbrella Rank: 9064	1 KB
4	basis.net 4 redirects pixel-a.basis.net — Cisco Umbrella Rank: 39798	264 B
4	netmng.com medmen.netmng.com	5 KB
4	bidr.io 2 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6817	2 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 691 c.bing.com — Cisco Umbrella Rank: 481	16 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	22 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	346 KB
3	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 3300 bs.serving-sys.com — Cisco Umbrella Rank: 2046	23 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1261 script.hotjar.com — Cisco Umbrella Rank: 1629	64 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637 insight.adsrvr.org — Cisco Umbrella Rank: 964	446 B
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 1169	282 B
2	acuityplatform.com acuityplatform.com — Cisco Umbrella Rank: 2085	1012 B
2	adprimemedia.net bk.adprimemedia.net	2 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 6949 cdn.acsbapp.com — Cisco Umbrella Rank: 7465	220 KB
1	mymedmeninterface.com ql.mymedmeninterface.com
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 16767	2 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 4601	22 KB
115	26

	Domain	Requested by
19	medmen.com	1 redirects medmen.com
8	pixel.mathtag.com	8869459.fls.doubleclick.net pixel.mathtag.com
6	pixel.sitescout.com	8869459.fls.doubleclick.net medmen.com
5	8869459.fls.doubleclick.net	2 redirects medmen.com www.googletagmanager.com adservice.google.com
5	cdn.krxd.net	medmen.com cdn.krxd.net
5	maps.googleapis.com	medmen.com maps.googleapis.com az416426.vo.msecnd.net
4	pixel-a.basis.net	4 redirects
4	medmen.netmng.com	8869459.fls.doubleclick.net medmen.netmng.com
4	segment.prod.bidr.io	2 redirects 8869459.fls.doubleclick.net
4	www.google.de	medmen.com
4	www.google-analytics.com	medmen.com www.google-analytics.com az416426.vo.msecnd.net
4	www.googletagmanager.com	medmen.com www.googletagmanager.com
3	www.google.com	medmen.com
3	stats.g.doubleclick.net	www.googletagmanager.com az416426.vo.msecnd.net
3	bat.bing.com	medmen.com bat.bing.com
3	cdn.surfside.io	medmen.com cdn.surfside.io
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	c.clarity.ms	1 redirects
2	w.clarity.ms	az416426.vo.msecnd.net
2	pubads.g.doubleclick.net	8869459.fls.doubleclick.net bk.adprimemedia.net
2	acuityplatform.com	8869459.fls.doubleclick.net pixel.mathtag.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	consumer.krxd.net	cdn.krxd.net
2	bk.adprimemedia.net	8869459.fls.doubleclick.net
2	insight.adsrvr.org	8869459.fls.doubleclick.net
2	adservice.google.com	8869459.fls.doubleclick.net
2	region1.analytics.google.com	www.googletagmanager.com
2	secure-ds.serving-sys.com	www.googletagmanager.com az416426.vo.msecnd.net
2	col.surfside.io	cdn.surfside.io
2	static.hotjar.com	medmen.com www.googletagmanager.com
1	c.bing.com	1 redirects
1	beacon.krxd.net	cdn.krxd.net
1	www.googleapis.com	az416426.vo.msecnd.net
1	ql.mymedmeninterface.com	medmen.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	adservice.google.de	1 redirects
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn.acsbapp.com	acsbapp.com
1	up.pixel.ad	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	az416426.vo.msecnd.net	medmen.com
1	acsbapp.com	medmen.com
1	match.adsrvr.org	medmen.com
1	edge.surfside.io	1 redirects
1	fonts.googleapis.com	medmen.com
115	45

This site contains links to these domains. Also see Links.

Domain
accessibe.com

Subject Issuer	Validity	Valid
*.medmen.com Go Daddy Secure Certificate Authority - G2	`2022-11-11` - `2023-11-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-09`	a year	crt.sh
cdn.surfside.io Amazon RSA 2048 M01	`2023-03-26` - `2024-04-22`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
acsbapp.com GTS CA 1P5	`2023-08-30` - `2023-11-28`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.surfside.io Amazon RSA 2048 M02	`2023-06-11` - `2024-07-09`	a year	crt.sh
secure-ds.serving-sys.com R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.pixel.ad GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-24` - `2024-02-02`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
adprimehealth.com R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.acuityplatform.com Go Daddy Secure Certificate Authority - G2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.netmng.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-04`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-03-11` - `2024-04-08`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.mymedmeninterface.com Go Daddy Secure Certificate Authority - G2	`2022-08-30` - `2023-09-30`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2023-09-02` - `2024-08-27`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://medmen.com/
Frame ID: DCBC538C209E5AE6B289B6344E52F72E
Requests: 74 HTTP requests in this frame

Frame: https://8869459.fls.doubleclick.net/activityi;dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032
Frame ID: DD8DC8CB087B6AB13D8A77B8CE3998E1
Requests: 1 HTTP requests in this frame

Frame: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F
Frame ID: 2EA75C7221211214205C8628404791EA
Requests: 12 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Frame ID: E54E582040E58BD4A9BBCDA3CF71A41F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 77A4710B119D4A728D9DF73584C0CFBF
Requests: 4 HTTP requests in this frame

Frame: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Frame ID: 208225F03E4B57F0580E13685B290729
Requests: 11 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e6ea650b-e444-4500-b02e-1f1da99c6ce2&no_iframe=1&mt_adid=223009&source=mathtag
Frame ID: B14A01501A03569AF0ECC41E54E815D1
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: BD9814B5E76DC9F1B48C73F632998A67
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e6ea650b-e444-4500-b02e-1f1da99c6ce2&no_iframe=1&mt_adid=223009&source=mathtag
Frame ID: 50A858823895EAFA88EEC4710CD66DD3
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: DCBF3B7598B2FB3E33BB8B724A453C48
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 7060072954E60EA94F93893CB73A5F90
Requests: 1 HTTP requests in this frame

Frame: https://medmen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Frame ID: 100A09D9461BDD41D50AFA0CC16CBB59
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MedMen Cannabis Dispensaries and Delivery Service

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

115
Requests

93 %
HTTPS

47 %
IPv6

26
Domains

45
Subdomains

42
IPs

5
Countries

2867 kB
Transfer

9771 kB
Size

38
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://edge.surfside.io/id/uid HTTP 302
https://match.adsrvr.org/track/cmf/generic/?ttd_pid=tkfr5iv&ttd_tpi=1

Request Chain 21

https://8869459.fls.doubleclick.net/activityi;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032 HTTP 302
https://8869459.fls.doubleclick.net/activityi;dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032

Request Chain 36

https://8869459.fls.doubleclick.net/activityi;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F HTTP 302
https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F

Request Chain 62

https://adservice.google.de/ddm/fls/i/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/ HTTP 302
https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/

Request Chain 75

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

Request Chain 78

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 79

https://pixel-a.basis.net/iap/d46ec517f54be3d6 HTTP 301
https://pixel.sitescout.com/iap/d46ec517f54be3d6

Request Chain 88

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

Request Chain 91

https://pixel-a.basis.net/iap/d46ec517f54be3d6 HTTP 301
https://pixel.sitescout.com/iap/d46ec517f54be3d6

Request Chain 92

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 96

https://medmen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://medmen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

Request Chain 104

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=69AE03CC086C4465B36AACD29C73CFCF&RedC=c.clarity.ms&MXFR=1C52661B79D16D442E2C75887DD16316 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=69AE03CC086C4465B36AACD29C73CFCF&MUID=3A29A110AEDF65D03655B283AF736462

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
medmen.com/ 123 KB
27 KB 2263ms
2147ms Document
text/html 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 374fb059a4d9ccaf1db21f8a110f9553a4abb8c07ae54635837c9b666c828dc1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80a04a2dabbc9030-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 21 Sep 2023 06:35:45 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bundle.12e21ab4.css
medmen.com/static/css/ 143 KB
25 KB 868ms
866ms Stylesheet
text/css 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/static/css/bundle.12e21ab4.css
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7def70856ea78116825d8ddc9f3a81561da30078d018db98ca148e39a0e9662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"23ae9-18a8f8d5d68"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 80a04a3b2ea99030-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:46 GMT

GET
H2 200 bundle.12e21ab4.js Show response
medmen.com/static/js/ 6 MB
2 MB 1202ms
1201ms Script
application/javascript 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/static/js/bundle.12e21ab4.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5aaaf6429f866bd377690684cce5b71b9f897c13ade5ab2915a5527ac60bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"593660-18a8f8d5d68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 80a04a3b2ead9030-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:46 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 190 KB
65 KB 170ms
76ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8&libraries=places&callback=gmapInit

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

00243e5921179da41a732324adf3d9804520742ca821ed729370dd5b1ffb397e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65780
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
95 KB 229ms
121ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SZP0SGZ478

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3c02783bc9896b00e03474081aac7cb0d260a801d42e0f0f782b0e6f128f922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H3 200 mobile-menu.d9fe4230.svg
medmen.com/static/media/ 278 B
347 B 710ms
697ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/mobile-menu.d9fe4230.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7844d240d400c2e9c62cf3ec3a2381ced604a9a3d99793399a8ca315efad7ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"116-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9bc4d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 logo-red.4ec39e62.svg
medmen.com/static/media/ 4 KB
2 KB 704ms
692ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/logo-red.4ec39e62.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847ced341e460ec43012f8c38c591165bac938facc323f54837722e9c7f0a3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"11fa-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9bf4d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 cart.7291935a.svg
medmen.com/static/media/ 1001 B
715 B 707ms
694ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/cart.7291935a.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf2c7d8af5c7956d251f5e8f2da1cf4b4b1caae90c833fe0975b14c1d55b0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"3e9-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9c04d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 icon-footer-social-facebook-off.bdffbd54.svg
medmen.com/static/media/ 3 KB
2 KB 755ms
742ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-facebook-off.bdffbd54.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff90cc4ac0935612385a6962684ec5b4c94efb7607357dcd93d3b0147932d76c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"bbc-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9c14d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 icon-footer-social-facebook-on.2444a8e0.svg
medmen.com/static/media/ 3 KB
2 KB 752ms
740ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-facebook-on.2444a8e0.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2928858da99fb4e62826a3ae19a8d26d7e7209c35ac928235ce188f7652d794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"bbc-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9c34d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 icon-footer-social-twitter-off.7c147182.svg
medmen.com/static/media/ 4 KB
2 KB 713ms
701ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-twitter-off.7c147182.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1ef128acbbfdc0850ab9a1d26fcb6e2b01c6dc85777b73e98d8162699885fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"101b-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9c44d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 icon-footer-social-twitter-on.f449cb62.svg
medmen.com/static/media/ 4 KB
2 KB 713ms
701ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-twitter-on.f449cb62.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bccbf4fac8c424d82fcdcf7cce8771cafd3d205591d7195a27d91e62002c4c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"101b-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9c54d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 icon-footer-social-instagram-off.d85212f2.svg
medmen.com/static/media/ 3 KB
2 KB 713ms
702ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-instagram-off.d85212f2.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73ddca1d5c05c6cc15bafa1e66f73de96d9768271e9b7c85d39b055665761d23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"d55-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9c74d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 icon-footer-social-instagram-on.1fd0b77e.svg
medmen.com/static/media/ 5 KB
2 KB 707ms
700ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/icon-footer-social-instagram-on.1fd0b77e.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769e4e838034e05d5ec90c655dfec2600cab746d9b727a1dd5599b9e84a1c27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"12a6-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9c84d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 mobile-menu-close.9f65624b.svg
medmen.com/static/media/ 350 B
410 B 701ms
694ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/mobile-menu-close.9f65624b.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1454f94371ba5d171b5e0460fc61d78f5744c1ad229f7e28470319506a9b544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"15e-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9ca4d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
968 B 140ms
47ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass

Requested by

Host: medmen.com
URL: https://medmen.com/static/css/bundle.12e21ab4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02740213cf74a960d502d0cf348791c0e5e1cff1d3b902149c35387deb75bcee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 06:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 05:34:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
83 KB 163ms
65ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eaf051b76081a3dee52055b3ab7cb6052c224a20f2c571b5c010b9cd56481a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84643
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 138ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 05:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2763
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Sep 2023 07:49:43 GMT

GET
H2 200 tbth5qz56.js Show response
cdn.krxd.net/controltag/ 26 KB
8 KB 272ms
160ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tbth5qz56.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 48f15b53d21b43ca1bbdd33f3439c0d1c2b0fff4ff76e649f4738a89306e527e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 7432
x-served-by: config-service-a002-ash-prod.krxd.net, cache-iad-kiad7000060-IAD, cache-fra-eddf8230090-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1695278147.949626,VS0,VE103
etag: "751300fbe8f36832e62f8d94a631e1df4b33df7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 19302, 1

GET
H2 200 wave.min.js Show response
cdn.surfside.io/v1.1.0/ 3 KB
1 KB 139ms
39ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.surfside.io/v1.1.0/wave.min.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-125.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b227c1e78229c326ff643903227c9598ad89e5e0a3d9aeb8ff7e91221125e7de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:49:24 GMT
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-version-id: 7DZWXt0Xq0QbRgrvJ7HAGydr92E7esYI
x-amz-cf-pop: FRA60-P3
age: 207983
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 994
last-modified: Sun, 12 Feb 2023 20:13:24 GMT
server: AmazonS3
etag: "e8437c9c52eef8ee31c16024080710f7"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: UI0Ku97XvICAxKrn5f0GctiAfGMXK2rzSxfixL6zz7YOZYcAG3XH-g==

GET
H2

200

/
match.adsrvr.org/track/cmf/generic/
Redirect Chain

https://edge.surfside.io/id/uid?
https://match.adsrvr.org/track/cmf/generic/?ttd_pid=tkfr5iv&ttd_tpi=1

70 B
149 B

175ms
56ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic/?ttd_pid=tkfr5iv&ttd_tpi=1
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: //match.adsrvr.org/track/cmf/generic/?ttd_pid=tkfr5iv&ttd_tpi=1
Date: Thu, 21 Sep 2023 06:35:47 GMT
Connection: keep-alive
X-Powered-By: Express
Content-Length: 85
Vary: Accept
Content-Type: text/plain; charset=utf-8

GET
H2 200 hotjar-2370412.js Show response
static.hotjar.com/c/ 10 KB
4 KB 189ms
74ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2370412.js?sv=6

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

8944804f8b087dd71c08772e9562404edc0d219400193648d0b70b7c728d19f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 06:35:46 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/4c170b10a7b6cdb6acc382891c1a7d28
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: I3KqgjPZj0tnv3EOXynq-1qRYjEmODowF4U2R4-bPOWMyfQP7VcF2w==

GET
H2

200

activityi;dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032 Show response
8869459.fls.doubleclick.net/ Frame DD8D
Redirect Chain

https://8869459.fls.doubleclick.net/activityi;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032?
https://8869459.fls.doubleclick.net/activityi;dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032?

494 B
434 B

84ms
83ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8869459.fls.doubleclick.net/activityi;dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032?

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

5c0e54eb231761b71cc395a56777b1ed95598acf839f47c79e8983e9a62dae1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 258
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8869459.fls.doubleclick.net/activityi;dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 748 KB
219 KB 282ms
167ms Script
application/javascript 2606:4700:10::6816:1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b484297db1860824af2c3e1051d368886c4fe823d64f78543c3f4e5e88ae936e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycduzMxjM6qMXlSug1YlMVPoQJau6PH2JzCqJ124vuj_4QVhsMS0sL5Tmrv7go9-TNZK6-nj76RJzLhp2WPAtirfkqV8M5vbi
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Tue, 19 Sep 2023 10:13:15 GMT
server: cloudflare
etag: W/"a11913328ec2d4c9fee4929431f1a2d4"
vary: Accept-Encoding
x-goog-generation: 1695118395188882
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=XH7XSA==, md5=oRkTMo7C1Mn+5JKUMfGi1A==
access-control-expose-headers: *
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 766148
cf-ray: 80a04a425a63bb86-FRA
expires: Fri, 20 Sep 2024 06:35:47 GMT

GET
H3 200 map-marker-w-person-red.8fa097a2.svg
medmen.com/static/media/ 2 KB
1 KB 698ms
694ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/map-marker-w-person-red.8fa097a2.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3abfa81bf126b2f141735f1c0f78feb649ce3d483a216a5245766ff243ad10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"835-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9cb4d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 header-triangle.a5f8b9e9.svg
medmen.com/static/media/ 160 B
355 B 733ms
729ms Image
image/svg+xml 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medmen.com/static/media/header-triangle.a5f8b9e9.svg
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67945f239be12624d8f67a31a6743530bde14f078cd6a2a07eda0dc1d7681c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"a0-18a8f8d5d68"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
cf-ray: 80a04a41a9cc4d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H3 200 AvenirNextLTPro-Regular.otf
medmen.com/fonts/ 65 KB
38 KB 856ms
854ms Font
font/otf 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/fonts/AvenirNextLTPro-Regular.otf
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d7fc503db5e58915ced447c70c1743ae04ba01b5114c67bef1ea89d082653a

Request headers

Referer: https://medmen.com/
Origin: https://medmen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 13 Sep 2023 17:18:41 GMT
server: cloudflare
etag: W/"104f0-18a8f8d5d68"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=3600
cf-ray: 80a04a41a9cd4d54-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Sep 2023 07:35:47 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 171ms
40ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 794
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 46eac4c6-c01e-0056-6554-ec01b4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Thu, 21 Sep 2023 07:05:47 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 138ms
54ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8&libraries=places&callback=gmapInit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medmen.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 edge.min.js Show response
cdn.surfside.io/v1.1.0/ 100 KB
31 KB 52ms
52ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.surfside.io/v1.1.0/edge.min.js
Requested by: Host: cdn.surfside.io
URL: https://cdn.surfside.io/v1.1.0/wave.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-125.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 036a5f3009d3cb2bed0ba3de1e5bec6b23d7aacfaa2f6de9d5ae7bf9c9201224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:49:25 GMT
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-version-id: KGLWTNsywDtLQw.ZwNIwxEUASdK0MeAd
x-amz-cf-pop: FRA60-P3
age: 207982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31401
last-modified: Sun, 12 Feb 2023 20:13:24 GMT
server: AmazonS3
etag: "43eadef5d91c1610945d9915ae165468"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: E5pws--yZ4CGGixhcEQsH1xiLzlAFObzXjVv_IvKZi8gOhYlMiwhtw==

GET
H2 200 dutchie.min.js Show response
cdn.surfside.io/v1.1.0/ 3 KB
1 KB 53ms
52ms Script
application/javascript 13.32.99.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.surfside.io/v1.1.0/dutchie.min.js
Requested by: Host: cdn.surfside.io
URL: https://cdn.surfside.io/v1.1.0/wave.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-125.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 477ca53e13838ea2855ca04d80d39abda8ce89588323d6115bf0d6a926487bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:49:30 GMT
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-version-id: woqTRMEWBpJFwsA6F96rNyAOYuqTaryW
x-amz-cf-pop: FRA60-P3
age: 207977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1037
last-modified: Sun, 12 Feb 2023 20:13:24 GMT
server: AmazonS3
etag: "10269982a979d7a66dd7646411f29ed0"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: RGfdVCA9bvD4z1s-V1h-uvFB9rwGjXSov6TVU1DvRL0MzIxsFS2khw==

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Sep 2023 07:06:51 GMT

GET
H2 200 modules.4ed09ad592101c54e9e4.js Show response
script.hotjar.com/ 225 KB
55 KB 144ms
44ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4ed09ad592101c54e9e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2370412.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

3f1debe1ac6066919736837125f1f35a225efcd0f56c5cf0a9a9b86b537d656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 17:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 48161
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56073
last-modified: Wed, 20 Sep 2023 17:12:39 GMT
etag: "6db2a0c2bdd2e53c733e03ac81d84bb1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2fRQvqIEzxxa5o5PmoMDlablMZzXBFS6WRwYzyaGR6lF0OVX_wDbAg==

OPTIONS
H/1.1 200
OK track
col.surfside.io/event/ Frame 0
0 492ms
120ms Preflight 34.226.103.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://col.surfside.io/event/track
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.103.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-103-242.compute-1.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://medmen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Allow-Origin: https://medmen.com
Access-Control-Max-Age: 5
Content-Length: 0
Date: Thu, 21 Sep 2023 06:35:46 GMT
Server: akka-http/10.2.7

POST
H/1.1 200
OK track Show response
col.surfside.io/event/ 2 B
427 B 471ms
118ms XHR
text/plain 34.226.103.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://col.surfside.io/event/track
Requested by: Host: cdn.surfside.io
URL: https://cdn.surfside.io/v1.1.0/edge.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.103.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-103-242.compute-1.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://medmen.com
Date: Thu, 21 Sep 2023 06:35:47 GMT
Access-Control-Allow-Credentials: true
Content-Type: text/plain; charset=UTF-8
Server: akka-http/10.2.7
Content-Length: 2
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 controltag.js.387e8802bbd0d9fbfa52c1546d7297df Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 40ms
40ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tbth5qz56.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 200690
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84742
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Thu, 28 Apr 2022 05:17:05 GMT
x-timer: S1695278147.097405,VS0,VE1
etag: "387e8802bbd0d9fbfa52c1546d7297df"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 25 Apr 2032 05:17:04 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
46ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1089415617&t=pageview&_s=1&dl=https%3A%2F%2Fmedmen.com%2F&ul=en-us&de=UTF-8&dt=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEIJBAAAACAMI~&jid=1708634471&gjid=1048516844&cid=827786294.1695278147&tid=UA-112939841-1&_gid=289808365.1695278147&_r=1&_slc=1&gtm=45He39i0n81N7J8WCW&z=219374916

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore... Show response
8869459.fls.doubleclick.net/ Frame 2EA7
Redirect Chain

https://8869459.fls.doubleclick.net/activityi;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~o...
https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=...

2 KB
993 B

81ms
80ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

dedee6e70297233e91a014c13bb6955dd93c8dd89b22c61ece172ca2e5380c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 968
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Thu, 21 Sep 2023 06:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2370412.js Show response
static.hotjar.com/c/ 10 KB
4 KB 41ms
40ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2370412.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

8944804f8b087dd71c08772e9562404edc0d219400193648d0b70b7c728d19f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 06:35:46 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/4c170b10a7b6cdb6acc382891c1a7d28
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 5HQ4pEvp1luNLzlxJEa-_m1px2N52uHSJfEB2udtTb5lJ7DmMj2xHA==

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 74 KB
22 KB 196ms
39ms Script
application/javascript 23.50.131.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-81.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
x-amz-request-id: XKGHZFD3MWE70SZ5
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 21820
x-amz-id-2: gWr3vmZpuUzRmaKoPVdSs4ykeAN462JpboAK4ld9+bVsv5xw5w9p3fV9vmBtMtnNjQiNw7PfAEA=
last-modified: Wed, 06 Sep 2023 14:35:36 GMT
server: AmazonS3
etag: "220840acac0b72605c541d1c968febe3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=690
accept-ranges: bytes
x-amz-cf-id: Jp9zwROH3po8zTkriAo-o-qhv3WHYM2JGt8p3Mza7an2zSSb460m_g==

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 141ms
39ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 519884
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 5ee5ef13797b856dbb32018ef503d249

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11068987015

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cd188b7fc7dc7a076321c42b891a52ef55377655ca9e9f9829f3bc7ef2fb4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74815
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 06:35:47 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 178ms
68ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 21 Sep 2023 06:35:46 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 12B3B366C9B94253BC041C179749F030 Ref B: FRA31EDGE0105 Ref C: 2023-09-21T06:35:47Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
95 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SZP0SGZ478&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7J8WCW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6efd985fedef5f7532910c44029eee2f8a321161f45f63a1f58f7af95de3d573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 06:35:47 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 135ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SZP0SGZ478&gtm=45je39i0&_p=1089415617&_gaz=1&cid=827786294.1695278147&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695278147&sct=1&seg=0&dl=https%3A%2F%2Fmedmen.com%2F&dt=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SZP0SGZ478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 145ms
48ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SZP0SGZ478&cid=827786294.1695278147&gtm=45je39i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SZP0SGZ478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 145ms
50ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SZP0SGZ478&cid=827786294.1695278147&gtm=45je39i0&aip=1&z=1197023300

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 136ms
47ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-112939841-1&cid=827786294.1695278147&jid=1708634471&gjid=1048516844&_gid=289808365.1695278147&_u=aGDACEIIBAAAACAMI~&z=81842879

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Sep 2023 06:35:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https:... Frame E54E 493 B
633 B 192ms
78ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/

Requested by

Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18dc1cd9106790d35010a07c84ac0c109adb16f6d1cef61f9eab1ef0a643c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8869459.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 258
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 77A4 805 B
825 B 39ms
39ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28944755
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Thu, 21 Sep 2023 06:35:47 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1501
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-fra-eddf8230090-FRA
x-timer: S1695278147.264577,VS0,VE0

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/medmen.com/ 163 B
723 B 251ms
157ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/medmen.com/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b4fc6761b678ef44cd3d021c75f64f2823c2efe75d375656693b8bec0b6b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsUoUS5fjc6HGesQzesxXvWrK3g8NUBQYdZdn3CU--Faww46H7gfno2NMcnCGbo2xfGd_1VwOZOB-mdXUdIpS5ZUG5Dj8ME
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 21 Feb 2023 14:46:40 GMT
server: cloudflare
etag: W/"e55daed8e07d450e534c8596f24058ad"
vary: Accept-Encoding
x-goog-hash: crc32c=At6ZFQ==, md5=5V2u2OB9RQ5TTIWW8kBYrQ==
x-goog-generation: 1676990800754340
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300, must-revalidate
x-goog-stored-content-length: 163
cf-ray: 80a04a4568aa1e30-FRA
expires: Fri, 20 Sep 2024 06:35:47 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 2EA7 70 B
149 B 178ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=1bqaots&ct=0:yfhoofy&fmt=3
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 2EA7 6 KB
6 KB 170ms
52ms Script
text/javascript 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524" /
Resource Hash: f12f409f9231abe69a8829577da175f173930cefebcb9aedaaf75b9a870848ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 06:35:47 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 6099
Expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H/1.1 200
OK apbWVkbWVuLWNvbnRhaW5lcjE5.js Show response
bk.adprimemedia.net/k/audq/p/ Frame 2EA7 707 B
804 B 388ms
118ms Script
application/javascript 18.214.218.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bk.adprimemedia.net/k/audq/p/apbWVkbWVuLWNvbnRhaW5lcjE5.js
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.218.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-218-48.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / PHP/5.6.40
Resource Hash: 671a4b1a48d02018ac096ede0243f23b03988b915459215d18b61741fc9190e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 06:35:47 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 360
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=*;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F
adservice.google.com/ddm/fls/z/ Frame 2EA7 42 B
118 B 77ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=*;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F

Requested by

Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7b3785dc-e5e8-4465-88e8-0bb2db048533 Show response
consumer.krxd.net/consent/get/ 234 B
431 B 160ms
66ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/7b3785dc-e5e8-4465-88e8-0bb2db048533?idt=device&dt=kxcookie&callback=Krux.ns.centro.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b1ce6ee9230efeb04a3e32ac6d6e564ea192399e6b1e815c516a895e27a3817f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: consumer-a004-dub-prod.krxd.net, cache-fra-etou8220050-FRA
date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1695278147.485765,VS0,VE27
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 187
x-cache-hits: 0, 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 143ms
51ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-112939841-1&cid=827786294.1695278147&jid=1708634471&_u=aGDACEIIBAAAACAMI~&z=2076820610

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
51ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-112939841-1&cid=827786294.1695278147&jid=1708634471&_u=aGDACEIIBAAAACAMI~&z=2076820610

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tbth5qz56.js Show response
cdn.krxd.net/controltag/ Frame 77A4 26 KB
8 KB 42ms
41ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tbth5qz56.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 48f15b53d21b43ca1bbdd33f3439c0d1c2b0fff4ff76e649f4738a89306e527e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 7432
x-served-by: config-service-a002-ash-prod.krxd.net, cache-iad-kiad7000060-IAD, cache-fra-eddf8230090-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1695278147.407239,VS0,VE0
etag: "751300fbe8f36832e62f8d94a631e1df4b33df7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 19302, 2

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11068987015/ 3 KB
2 KB 177ms
84ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11068987015/?random=1695278147403&cv=11&fst=1695278147403&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmedmen.com%2F&hn=www.googleadservices.com&frm=0&tiba=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&auid=651065702.1695278147&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11068987015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a7a5d4f049d91dffe0d9af472204b7bb6b11d797db45ee3e56331e466179478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 343027052.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 67ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343027052.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

096cbfd786af3b2f84a5afc07008707949c7f1b2c1e845053aea1f95834efb8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 21 Sep 2023 06:35:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1103FF856DD54885A70858DED4558D11 Ref B: FRA31EDGE0105 Ref C: 2023-09-21T06:35:47Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 101ms
100ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343027052&Ver=2&mid=1d567a38-71a7-4271-a756-446975eababa&sid=193c7540584911eeb17a198ccfff5642&vid=193cc080584911eeaa61efff8c58050b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&kw=medmen,%20med%20men,%20medman,%20dispensary%20near%20me,%20dispensaries%20near%20me,%20medmen%20dispensary,%20medmen%20delivery,%20marijuana%20delivery,%20medmen%20locations,%20medmen%20las%20vegas,%20medmen%20los%20angeles,%20medmen%20chicago,%20medmen%20nyc,%20medmen%20san%20diego,%20medmen%20florida,%20medmen%20menu&p=https%3A%2F%2Fmedmen.com%2F&r=&evt=pageLoad&sv=1&rn=754847

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Sep 2023 06:35:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B62DD224C024B3C8A9F8830672B6707 Ref B: FRA31EDGE0105 Ref C: 2023-09-21T06:35:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10566 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/6/ 2 KB
960 B 396ms
279ms XHR
application/octet-stream 23.50.131.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/6/10566
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-81.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cb9389308a294f1aa4b8e85da093d2fb1e86f89688a1cf39b5983e0d8d6ecb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: ol8.Xn8XQNG0gq4EdEiEWGSTSzEjQoBs
content-encoding: gzip
date: Thu, 21 Sep 2023 06:35:47 GMT
last-modified: Tue, 09 Feb 2021 16:50:50 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "5f3a2e7fd180ef4ab6589cd46b70c80b"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=69
x-amz-replication-status: COMPLETED
accept-ranges: bytes
x-amz-cf-id: cT5tK8hr7bONX1kLBPGG8lTgdRIIQmLcKyqzHUCf_nicqoNZqIdjWA==
content-length: 637

GET
H3

200

/ Show response
8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref... Frame 2082
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref...
https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.0...

2 KB
814 B

79ms
78ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

b69e30289715aeff61f0e88e1ae3d6dec6d5899142385f99920c20969d024b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 791
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Thu, 21 Sep 2023 06:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 controltag.js.387e8802bbd0d9fbfa52c1546d7297df Show response
cdn.krxd.net/ctjs/ Frame 77A4 259 KB
83 KB 42ms
41ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tbth5qz56.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 2
age: 200690
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84742
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Thu, 28 Apr 2022 05:17:05 GMT
x-timer: S1695278147.468030,VS0,VE0
etag: "387e8802bbd0d9fbfa52c1546d7297df"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 25 Apr 2032 05:17:04 GMT

GET
H2 200 343027052 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 283ms
138ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343027052
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343027052.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 60b491a8cce7b7be1fa924e6bb2ddaa9f656c4d9e830ba3456564ba6b11eaa49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires: -1
date: Thu, 21 Sep 2023 06:35:47 GMT
x-azure-ref: 20230921T063547Z-9hydxk6v352kb92dygf95hz4uw0000000csg000000006n99
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 7b3785dc-e5e8-4465-88e8-0bb2db048533 Show response
consumer.krxd.net/consent/get/ Frame 77A4 219 B
281 B 66ms
66ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/7b3785dc-e5e8-4465-88e8-0bb2db048533?idt=device&dt=kxcookie&callback=Krux.ns.centro.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bbc9e4d3b9f0b1230c4dea72ebd07c3c30665e70f0d5740691810a4757b1850e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: consumer-a014-dub-prod.krxd.net, cache-fra-etou8220050-FRA
date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1695278148.549388,VS0,VE27
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 176
x-cache-hits: 0, 0

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame B14A 677 B
1 KB 52ms
51ms Document
text/html 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e6ea650b-e444-4500-b02e-1f1da99c6ce2&no_iframe=1&mt_adid=223009&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://8869459.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Thu, 21 Sep 2023 06:35:47 GMT
Expires: Thu, 21 Sep 2023 06:35:46 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"

GET
H/1.1 200 3770478739069386752
acuityplatform.com/Adserver/pxl/ Frame 2EA7 70 B
506 B 179ms
48ms Image
image/png 154.59.122.74
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acuityplatform.com/Adserver/pxl/3770478739069386752
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.59.122.74 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
transfer-encoding: chunked
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 2EA7 0
489 B 118ms
74ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 933 7933424 master cdg-pixel-x32 config_version:"1438" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 06:35:47 GMT
Server: MT3 933 7933424 master cdg-pixel-x32 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11068987015/ 42 B
154 B 54ms
53ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11068987015/?random=1695278147403&cv=11&fst=1695276000000&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmedmen.com%2F&frm=0&tiba=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3560807319&rmt_tld=0&ipr=y

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11068987015/ 42 B
64 B 54ms
54ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11068987015/?random=1695278147403&cv=11&fst=1695276000000&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmedmen.com%2F&frm=0&tiba=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3560807319&rmt_tld=1&ipr=y

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame B14A 0
493 B 64ms
51ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e6ea650b-e444-4500-b02e-1f1da99c6ce2&no_iframe=1&mt_adid=223009&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x7 config_version:"1438" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e6ea650b-e444-4500-b02e-1f1da99c6ce2&no_iframe=1&mt_adid=223009&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 06:35:47 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x7 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 2082 70 B
148 B 59ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=1bqaots&ct=0:yfhoofy&fmt=3
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 2082 6 KB
6 KB 59ms
58ms Script
text/javascript 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438" /
Resource Hash: cf37fd7526504ca335add058018dad5637e125322e2523deafa7b86175bbdabc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 06:35:47 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 6099
Expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H/1.1 200
OK apbWVkbWVuLWNvbnRhaW5lcjE5.js Show response
bk.adprimemedia.net/k/audq/p/ Frame 2082 707 B
804 B 154ms
118ms Script
application/javascript 18.214.218.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bk.adprimemedia.net/k/audq/p/apbWVkbWVuLWNvbnRhaW5lcjE5.js
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.214.218.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-218-48.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / PHP/5.6.40
Resource Hash: 671a4b1a48d02018ac096ede0243f23b03988b915459215d18b61741fc9190e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 06:35:47 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 360
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame 2EA7
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

43 B
796 B

63ms
54ms

Image
image/gif

52.19.234.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Server

52.19.234.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-234-142.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 21 Sep 2023 06:35:48 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1
Date: Thu, 21 Sep 2023 06:35:48 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 x-medmen;ord=1695278147
pubads.g.doubleclick.net/activity;dc_iu=/6105/ Frame 2EA7 42 B
440 B 259ms
123ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/6105/x-medmen;ord=1695278147

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
medmen.netmng.com/ Frame 2EA7 304 B
1 KB 483ms
49ms Script
text/javascript 193.0.160.52
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fmedmen.com%2F
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.52 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: e42048e96fe1b87763d5f243e27eafab238f7644be6e002c9ab1ed331aa9c31c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 06:35:48 GMT
Last-Modified: Tue, 19 Sep 2023 06:35:48 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 19 Sep 2023 06:35:48 GMT

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame BD98
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

94ms
44ms

Document
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash

Request headers

Referer: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

d46ec517f54be3d6
pixel.sitescout.com/iap/ Frame 2EA7
Redirect Chain

https://pixel-a.basis.net/iap/d46ec517f54be3d6
https://pixel.sitescout.com/iap/d46ec517f54be3d6

0
191 B

95ms
46ms

Image
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/d46ec517f54be3d6
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/activityi;dc_pre=CMzxh56Lu4EDFUQ6GAodDVkHPQ;src=8869459;type=general;cat=retar0;ord=3779789272710;auiddc=651065702.1695278147;gtm=45He39i0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmedmen.com%2F?
Protocol: H2
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/d46ec517f54be3d6
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 78ms
78ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:47 GMT
content-encoding: br
last-modified: Mon, 18 Sep 2023 19:28:23 GMT
etag: W/"0x8DBB87D6C4CE56B"
vary: Accept-Encoding
x-azure-ref: 20230921T063547Z-9hydxk6v352kb92dygf95hz4uw0000000csg000000006nac
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f43ca937-f01e-001f-1bc9-ea9ddf000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H/1.1 200 3770478739069386752
acuityplatform.com/Adserver/pxl/ Frame 2082 70 B
506 B 48ms
48ms Image
image/png 154.59.122.74
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acuityplatform.com/Adserver/pxl/3770478739069386752
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.59.122.74 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
transfer-encoding: chunked
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 50A8 677 B
1 KB 57ms
56ms Document
text/html 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e6ea650b-e444-4500-b02e-1f1da99c6ce2&no_iframe=1&mt_adid=223009&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1406937&mt_adid=223009&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x11 config_version:"1438" /
Resource Hash: 3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22

Request headers

Referer: https://8869459.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 677
Content-Type: text/html
Date: Thu, 21 Sep 2023 06:35:47 GMT
Expires: Thu, 21 Sep 2023 06:35:46 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master cdg cdg-pixel-x11 config_version:"1438"

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 2082 0
489 B 56ms
56ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 851 9bd98ae master cdg-pixel-x13 config_version:"1438" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 06:35:47 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x13 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H2 200 Serving Show response
bs.serving-sys.com/ 385 B
543 B 233ms
50ms Script
text/html 35.157.124.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=10566&dispType=js&sync=0&sessionid=3410603928173026406&pageurl=$$https%3A%2F%2Fmedmen.com%2F$$&activityValues=$$Session%3D3802352603410521633$$&ns=0&rnd=3298441613&uinadv=%7B%7D&ccpastatus=1
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-124-148.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 65a758fadbc5054761bae84b65ae5c7da83c8b257f1f7d8ca07e6c6bf4991d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 289
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 50A8 0
493 B 277ms
276ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e6ea650b-e444-4500-b02e-1f1da99c6ce2&no_iframe=1&mt_adid=223009&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e6ea650b-e444-4500-b02e-1f1da99c6ce2&no_iframe=1&mt_adid=223009&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 06:35:48 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 21 Sep 2023 06:35:46 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame DCBF 0
0 136ms
44ms Document
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash

Request headers

Referer: https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 200 1d1a95d7722f377e
pixel.sitescout.com/up/ 43 B
267 B 139ms
47ms Image
image/gif 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/1d1a95d7722f377e?cntr_url=https%3A%2F%2Fmedmen.com%2F
Requested by: Host: medmen.com
URL: https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame 2082
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

43 B
796 B

59ms
59ms

Image
image/gif

52.19.234.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1

Requested by

Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/

Protocol

HTTP/1.1

Server

52.19.234.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-234-142.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 21 Sep 2023 06:35:48 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=adprime&segment_key=adprime-826&value=&_bee_ppp=1
Date: Thu, 21 Sep 2023 06:35:48 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 x-medmen;ord=1695278147
pubads.g.doubleclick.net/activity;dc_iu=/6105/ Frame 2082 42 B
107 B 110ms
109ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/6105/x-medmen;ord=1695278147

Requested by

Host: bk.adprimemedia.net
URL: https://bk.adprimemedia.net/k/audq/p/apbWVkbWVuLWNvbnRhaW5lcjE5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
medmen.netmng.com/ Frame 2082 314 B
1 KB 331ms
50ms Script
text/javascript 193.0.160.52
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.52 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 1eb5a28919967c713f79430f3d4ca950ff1c79072ce4806a552ca11c221042ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 06:35:48 GMT
Last-Modified: Tue, 19 Sep 2023 06:35:48 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 19 Sep 2023 06:35:48 GMT

GET
H2

204

d46ec517f54be3d6
pixel.sitescout.com/iap/ Frame 2082
Redirect Chain

https://pixel-a.basis.net/iap/d46ec517f54be3d6
https://pixel.sitescout.com/iap/d46ec517f54be3d6

0
191 B

92ms
46ms

Image
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/d46ec517f54be3d6
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Protocol: H2
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 21 Sep 2023 06:35:47 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/d46ec517f54be3d6
content-length: 0

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 7060
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

80ms
45ms

Document
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 8869459.fls.doubleclick.net
URL: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash

Request headers

Referer: https://8869459.fls.doubleclick.net/ddm/fls/r/dc_pre=CI_2_p2Lu4EDFQigGAodjqsGGA;src=8869459;type=general;cat=retar0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8361262373682.032;~oref=https://medmen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 21 Sep 2023 06:35:47 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
290 B 521ms
249ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://medmen.com
Date: Thu, 21 Sep 2023 06:35:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

OPTIONS
H2 403 graphql
ql.mymedmeninterface.com/ Frame 0
0 132ms
46ms Preflight
text/html 2606:4700::6812:1fe8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ql.mymedmeninterface.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fe8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://medmen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: max-age=15
cf-ray: 80a04a4cff921909-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Sep 2023 06:35:48 GMT
expires: Thu, 21 Sep 2023 06:36:03 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

POST graphql
ql.mymedmeninterface.com/ 0
0

GET
H3

200

main.js Show response
medmen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/ Frame 100A
Redirect Chain

https://medmen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://medmen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

7 KB
3 KB

46ms
45ms

Script
application/javascript

2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medmen.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

Requested by

Host: medmen.com
URL: https://medmen.com/

Protocol

Server

2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b96f015b28dc932a27e52af5498f940c72eb5eb4bb9f0cb5c7c1c7459c2c244

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 80a04a4cecfa4d54-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 21 Sep 2023 06:35:48 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 80a04a4c6c734d54-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 49ms
48ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1089415617&t=pageview&_s=1&dl=https%3A%2F%2Fmedmen.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEIJBAAAACAMI~&jid=1683353266&gjid=723125793&cid=827786294.1695278147&tid=UA-112939841-1&_gid=289808365.1695278147&_r=1&z=47051146

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
medmen.netmng.com/ Frame 2EA7 1 B
1 KB 57ms
57ms Script
text/javascript 193.0.160.52
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fmedmen.com%2F&cch
Requested by: Host: medmen.netmng.com
URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fmedmen.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.52 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 06:35:48 GMT
Last-Modified: Tue, 19 Sep 2023 06:35:48 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 19 Sep 2023 06:35:48 GMT

GET
H/1.1 200
OK / Show response
medmen.netmng.com/ Frame 2082 1 B
1 KB 57ms
57ms Script
text/javascript 193.0.160.52
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F&cch
Requested by: Host: medmen.netmng.com
URL: https://medmen.netmng.com/?aid=5939&siclientid=&ref=https%3A%2F%2Fadservice.google.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.52 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8869459.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Sep 2023 06:35:48 GMT
Last-Modified: Tue, 19 Sep 2023 06:35:48 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 19 Sep 2023 06:35:48 GMT

POST
H2 200 geolocate Show response
www.googleapis.com/geolocation/v1/ 101 B
435 B 177ms
73ms XHR
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/geolocation/v1/geolocate?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

66e6898217713686929b425b23d7a4037e4d2639cbd5f0191a2495d01fc3511a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 06:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://medmen.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105
x-xss-protection: 0

POST
H3 200 80a04a2dabbc9030 Show response
medmen.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 100A 0
270 B 71ms
68ms XHR
text/plain 2606:4700::6812:1c81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medmen.com/cdn-cgi/challenge-platform/h/b/jsd/r/80a04a2dabbc9030
Requested by: Host: medmen.com
URL: https://medmen.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1c81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Sep 2023 06:35:48 GMT
content-encoding: br
server: cloudflare
cf-ray: 80a04a4dedf54d54-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 49ms
48ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-112939841-1&cid=827786294.1695278147&jid=1683353266&gjid=723125793&_gid=289808365.1695278147&_u=aGDACEIJBAAAACAMI~&z=1763765068

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Sep 2023 06:35:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 79 B
239 B 207ms
57ms Script
text/javascript 63.32.134.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.centro.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.387e8802bbd0d9fbfa52c1546d7297df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.134.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-134-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ba79951c53d48a290dbd1710bfd609fe56deb1f19a0ec0ceea4a908bb40ef4db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Thu, 21 Sep 2023 06:35:48 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=28 t=1695278148
content-type: text/javascript

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=69AE03CC086C4465B36AACD29C73CFCF&RedC=c.clarity.ms&MXFR=1C52661B79D16D442E2C75887DD16316
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=69AE03CC086C4465B36AACD29C73CFCF&MUID=3A29A110AEDF65D03655B283AF736462

42 B
443 B

58ms
58ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=69AE03CC086C4465B36AACD29C73CFCF&MUID=3A29A110AEDF65D03655B283AF736462
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:48 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E21EA888369944B19F6040DBB274AA05 Ref B: FRA31EDGE0105 Ref C: 2023-09-21T06:35:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=69AE03CC086C4465B36AACD29C73CFCF&MUID=3A29A110AEDF65D03655B283AF736462
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 json Show response
maps.googleapis.com/maps/api/geocode/ 29 KB
2 KB 125ms
124ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/geocode/json?latlng=51.8619136,8.1690624&key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4a33a7ca802f81c0e575ece9dff80f979078619a7bbf3b52610b4e370d343329

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:48 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
server-timing: gfet4t7; dur=85
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1995
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-112939841-1&cid=827786294.1695278147&jid=1683353266&_u=aGDACEIJBAAAACAMI~&z=301580199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-112939841-1&cid=827786294.1695278147&jid=1683353266&_u=aGDACEIJBAAAACAMI~&z=301580199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 257ms
43ms Preflight 52.236.186.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://medmen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 21 Sep 2023 06:35:48 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
282 B 217ms
217ms XHR
application/json 52.236.186.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e727dbf54f63c36592eea21725f4b4f870120cd825f2046732d99df5ae98799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: F8F87AD2-66BD-470D-BD3C-796E7EAF0399
strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 06:35:48 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
290 B 121ms
121ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://medmen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://medmen.com
Date: Thu, 21 Sep 2023 06:35:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/6/intl/de_ALL/ 253 KB
56 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/6/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8&libraries=places&callback=gmapInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

930f30b7f705805e09f223377ae0381cc427084e96b877b9299f7672b694028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57020
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 20:03:38 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/6/intl/de_ALL/ 154 KB
49 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/6/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBeXp9iJaqjn-R4LHocDt88bDNNpee0aH8&libraries=places&callback=gmapInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

158d8ab2dd5173ff28b9ee1510bed85974e13ab28350c3886b401bc8d58902c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49895
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:18:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 20:03:38 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SZP0SGZ478&gtm=45je39i0&_p=1089415617&cid=827786294.1695278147&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1695278147&sct=1&seg=0&dl=https%3A%2F%2Fmedmen.com%2F&dt=MedMen%20Cannabis%20Dispensaries%20and%20Delivery%20Service&en=scroll&epn.percent_scrolled=90&_et=13
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SZP0SGZ478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://medmen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 06:35:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medmen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ql.mymedmeninterface.com
URL: https://ql.mymedmeninterface.com/graphql

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medmen.com/	1970-01-20 14:56:04	Name: _gid Value: GA1.2.289808365.1695278147
medmen.com/	1970-01-20 23:40:14	Name: ai_user Value: Ej06F\|2023-09-21T06:35:47.044Z
.medmen.com/	1970-01-20 14:54:38	Name: _gat_UA-112939841-1 Value: 1
.medmen.com/	1970-01-20 17:04:14	Name: _gcl_au Value: 1.1.651065702.1695278147
.medmen.com/	1970-01-21 00:30:38	Name: _ga Value: GA1.1.827786294.1695278147
.medmen.com/	1970-01-21 00:30:38	Name: _ga_SZP0SGZ478 Value: GS1.1.1695278147.1.0.1695278147.60.0.0
.doubleclick.net/	1970-01-21 00:16:14	Name: IDE Value: AHWqTUljCjcjVDzXGHlV8Z_SqvH8Nj4TX2AeujhIGS48p-XsIGT3PD2t5v6Ro_Kdpyw
.surfside.io/	1970-01-20 23:40:14	Name: surf Value: 82d3c21b-d2df-4ad3-b85c-696e384f37ec
.medmen.com/	1970-01-20 23:40:14	Name: _hjSessionUser_2370412 Value: eyJpZCI6ImFmYjY2ZDM2LWIyNGEtNTc1Ni1iZTJjLWVmMWFlNmQ1ZWI0OSIsImNyZWF0ZWQiOjE2OTUyNzgxNDczNjEsImV4aXN0aW5nIjpmYWxzZX0=
.medmen.com/	1970-01-20 14:54:39	Name: _hjFirstSeen Value: 1
.medmen.com/	1970-01-20 14:54:38	Name: _hjIncludedInSessionSample_2370412 Value: 0
.medmen.com/	1970-01-20 14:54:39	Name: _hjSession_2370412 Value: eyJpZCI6IjU1MGQzM2UzLWZlOTgtNDZiNS1iNDMxLWZmZDBkM2NlNjAzMCIsImNyZWF0ZWQiOjE2OTUyNzgxNDczNjIsImluU2FtcGxlIjpmYWxzZX0=
.medmen.com/	1970-01-20 14:54:39	Name: _hjAbsoluteSessionInProgress Value: 0
.medmen.com/	1970-01-20 14:56:04	Name: _uetsid Value: 193c7540584911eeb17a198ccfff5642
.medmen.com/	1970-01-21 00:16:14	Name: _uetvid Value: 193cc080584911eeaa61efff8c58050b
.krxd.net/	1970-01-20 19:13:50	Name: _kuid_ Value: Pzw0s0po
.bing.com/	1970-01-21 00:16:14	Name: MUID Value: 3A29A110AEDF65D03655B283AF736462
.mathtag.com/	1970-01-21 00:20:33	Name: uuid Value: e6ea650b-e444-4500-b02e-1f1da99c6ce2
.mathtag.com/	1970-01-20 15:37:50	Name: mt_misc Value: mt_bt:1
.acuityplatform.com/	1970-01-20 23:40:14	Name: auid Value: 830154705703
www.clarity.ms/	1970-01-20 23:40:14	Name: CLID Value: 089939103e114e6da50d17883d9c690e.20230921.20240920
.medmen.com/	1970-01-20 23:40:14	Name: _clck Value: 1tjj9l8\|2\|ff7\|0\|1359
.bidr.io/	1970-01-21 00:23:11	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-21 00:23:11	Name: bito Value: AAE_qU7KF8kAABizryJu7A
.netmng.com/	1970-01-21 00:23:26	Name: u Value: 5238BA24-8DF6-48BD-B9F1-89527478BB14
medmen.com/	1969-12-31 23:59:59	Name: BUILD_NUMBER Value: 94029
.medmen.com/	1970-01-20 14:56:04	Name: _clsk Value: 2a717q\|1695278148581\|1\|1\|w.clarity.ms/collect
.medmen.com/	1970-01-20 14:54:38	Name: _gat Value: 1
.netmng.com/	1970-01-20 19:18:09	Name: evo5 Value: t27vatqyr3pie%7CO%7CY0c1bmRVVkhibVpJWTJGNFRqUXZNRlI2VEdGU05WaEpVREE1TTJKM1UyMTZObmw2TlUxa01WWlhUSFp2UlVscldrTjBOaXN3VTFGaGFHeFNWSEpXUzJKSlQwazNiRU5pYUcxT1FsVmtWWFUxYkVwd1QyVjZSa2RDU25ocmFHdzRSMlJXWVdaMGMwaHdTRkF3TXpKNE1UTkhaRkJ6ZDNOamJXUk5XVzEyYkRGNlVWbGFlV1JyUkZWYWFtdEhZMDR5VEhOR1MxRnROV2hSVGpGbWJ6RTFWV05vYUU1eFNYbDJVVVowYzFVdlVFWm5hbXA1TXpSNWRqaDVVRWhUUW5GbFkzRnFVMnhCZWpBclJHbG5jVzQ1WVhCUVdVeEpjbWt5YjJoalUxSm9OMVZ1YWxwVE5IWk1aa3BaVW1semRVYzVjRXRUUTBNMlZtMUxSa2hJWnpoc1NnPT06dGo0eitIUTRFVGF3MVY5VW8weUJpZz09
medmen.com/	1970-01-20 14:54:39	Name: ai_session Value: RC/iZ\|1695278147211.9\|1695278148766
.medmen.com/	1970-01-20 23:40:14	Name: cf_clearance Value: QpYTA3sE.ICDtbrU8ZzzSByu4DJ_7XFEQW.ryqDf88s-1695278148-0-1-b418fa76.a2dc03f8.7248eae7-0.2.1695278148
medmen.com/	1970-01-20 14:56:04	Name: LAST_HEADER_STORE Value: Los%20Angeles%20-%20DTLA
.c.bing.com/	1970-01-20 15:04:42	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:16:14	Name: SRM_B Value: 3A29A110AEDF65D03655B283AF736462
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:16:14	Name: MUID Value: 3A29A110AEDF65D03655B283AF736462
.c.clarity.ms/	1970-01-20 15:04:42	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:54:38	Name: ANONCHK Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://medmen.com/static/js/bundle.12e21ab4.js(Line 1) Message: WebSocket connection to 'wss://ql.mymedmeninterface.com/graphql' failed: Error during WebSocket handshake: Unexpected response code: 403
javascript	error	URL: https://medmen.com/ Message: Access to fetch at 'https://ql.mymedmeninterface.com/graphql' from origin 'https://medmen.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://ql.mymedmeninterface.com/graphql Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://medmen.com/static/js/bundle.12e21ab4.js(Line 1) Message: WebSocket connection to 'wss://ql.mymedmeninterface.com/graphql' failed: Error during WebSocket handshake: Unexpected response code: 403
network	error	URL: https://medmen.com/static/js/bundle.12e21ab4.js(Line 1) Message: WebSocket connection to 'wss://ql.mymedmeninterface.com/graphql' failed: Error during WebSocket handshake: Unexpected response code: 403
network	error	URL: https://medmen.com/static/js/bundle.12e21ab4.js(Line 1) Message: WebSocket connection to 'wss://ql.mymedmeninterface.com/graphql' failed: Error during WebSocket handshake: Unexpected response code: 403
network	error	URL: https://medmen.com/static/js/bundle.12e21ab4.js(Line 1) Message: WebSocket connection to 'wss://ql.mymedmeninterface.com/graphql' failed: Error during WebSocket handshake: Unexpected response code: 403
network	error	URL: https://medmen.com/static/js/bundle.12e21ab4.js(Line 1) Message: WebSocket connection to 'wss://ql.mymedmeninterface.com/graphql' failed: Error during WebSocket handshake: Unexpected response code: 403

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8869459.fls.doubleclick.net
acsbapp.com
acuityplatform.com
adservice.google.com
adservice.google.de
az416426.vo.msecnd.net
bat.bing.com
beacon.krxd.net
bk.adprimemedia.net
bs.serving-sys.com
c.bing.com
c.clarity.ms
cdn.acsbapp.com
cdn.krxd.net
cdn.surfside.io
col.surfside.io
consumer.krxd.net
dc.services.visualstudio.com
edge.surfside.io
fonts.googleapis.com
googleads.g.doubleclick.net
insight.adsrvr.org
maps.googleapis.com
match.adsrvr.org
medmen.com
medmen.netmng.com
pixel-a.basis.net
pixel.mathtag.com
pixel.sitescout.com
pubads.g.doubleclick.net
ql.mymedmeninterface.com
region1.analytics.google.com
script.hotjar.com
secure-ds.serving-sys.com
segment.prod.bidr.io
static.hotjar.com
stats.g.doubleclick.net
up.pixel.ad
w.clarity.ms
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
ql.mymedmeninterface.com
13.32.99.125
151.101.194.133
151.101.2.133
154.59.122.74
178.79.242.16
18.214.218.48
18.66.97.10
193.0.160.52
2001:4860:4802:32::36
216.58.212.166
23.50.131.81
23.96.124.156
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:1cc
2606:4700:10::ac43:b9b
2606:4700::6812:1c81
2606:4700::6812:1fe8
2620:1ec:bdf::60
2620:1ec:c11::200
2a00:1450:4001:801::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9b
34.226.103.242
35.157.124.148
35.71.131.137
52.19.234.142
52.222.236.122
52.223.40.198
52.236.186.217
52.4.143.156
63.32.134.67
68.219.88.97
95.101.148.198
98.98.134.242
00243e5921179da41a732324adf3d9804520742ca821ed729370dd5b1ffb397e
02740213cf74a960d502d0cf348791c0e5e1cff1d3b902149c35387deb75bcee
02b4fc6761b678ef44cd3d021c75f64f2823c2efe75d375656693b8bec0b6b77
036a5f3009d3cb2bed0ba3de1e5bec6b23d7aacfaa2f6de9d5ae7bf9c9201224
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
096cbfd786af3b2f84a5afc07008707949c7f1b2c1e845053aea1f95834efb8b
158d8ab2dd5173ff28b9ee1510bed85974e13ab28350c3886b401bc8d58902c3
18dc1cd9106790d35010a07c84ac0c109adb16f6d1cef61f9eab1ef0a643c664
1d1ef128acbbfdc0850ab9a1d26fcb6e2b01c6dc85777b73e98d8162699885fe
1eb5a28919967c713f79430f3d4ca950ff1c79072ce4806a552ca11c221042ec
21d7fc503db5e58915ced447c70c1743ae04ba01b5114c67bef1ea89d082653a
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
374fb059a4d9ccaf1db21f8a110f9553a4abb8c07ae54635837c9b666c828dc1
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
3f1debe1ac6066919736837125f1f35a225efcd0f56c5cf0a9a9b86b537d656a
477ca53e13838ea2855ca04d80d39abda8ce89588323d6115bf0d6a926487bf9
48f15b53d21b43ca1bbdd33f3439c0d1c2b0fff4ff76e649f4738a89306e527e
4a33a7ca802f81c0e575ece9dff80f979078619a7bbf3b52610b4e370d343329
4a7a5d4f049d91dffe0d9af472204b7bb6b11d797db45ee3e56331e466179478
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5c0e54eb231761b71cc395a56777b1ed95598acf839f47c79e8983e9a62dae1b
60b491a8cce7b7be1fa924e6bb2ddaa9f656c4d9e830ba3456564ba6b11eaa49
65a758fadbc5054761bae84b65ae5c7da83c8b257f1f7d8ca07e6c6bf4991d43
66e6898217713686929b425b23d7a4037e4d2639cbd5f0191a2495d01fc3511a
671a4b1a48d02018ac096ede0243f23b03988b915459215d18b61741fc9190e4
67945f239be12624d8f67a31a6743530bde14f078cd6a2a07eda0dc1d7681c01
6a5aaaf6429f866bd377690684cce5b71b9f897c13ade5ab2915a5527ac60bf2
6efd985fedef5f7532910c44029eee2f8a321161f45f63a1f58f7af95de3d573
73ddca1d5c05c6cc15bafa1e66f73de96d9768271e9b7c85d39b055665761d23
769e4e838034e05d5ec90c655dfec2600cab746d9b727a1dd5599b9e84a1c27b
7bccbf4fac8c424d82fcdcf7cce8771cafd3d205591d7195a27d91e62002c4c2
847ced341e460ec43012f8c38c591165bac938facc323f54837722e9c7f0a3b7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8944804f8b087dd71c08772e9562404edc0d219400193648d0b70b7c728d19f4
8b96f015b28dc932a27e52af5498f940c72eb5eb4bb9f0cb5c7c1c7459c2c244
8cd188b7fc7dc7a076321c42b891a52ef55377655ca9e9f9829f3bc7ef2fb4b3
8cf2c7d8af5c7956d251f5e8f2da1cf4b4b1caae90c833fe0975b14c1d55b0e6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e727dbf54f63c36592eea21725f4b4f870120cd825f2046732d99df5ae98799
930f30b7f705805e09f223377ae0381cc427084e96b877b9299f7672b694028f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1454f94371ba5d171b5e0460fc61d78f5744c1ad229f7e28470319506a9b544
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1ce6ee9230efeb04a3e32ac6d6e564ea192399e6b1e815c516a895e27a3817f
b227c1e78229c326ff643903227c9598ad89e5e0a3d9aeb8ff7e91221125e7de
b484297db1860824af2c3e1051d368886c4fe823d64f78543c3f4e5e88ae936e
b69e30289715aeff61f0e88e1ae3d6dec6d5899142385f99920c20969d024b66
b7844d240d400c2e9c62cf3ec3a2381ced604a9a3d99793399a8ca315efad7ad
ba79951c53d48a290dbd1710bfd609fe56deb1f19a0ec0ceea4a908bb40ef4db
bbc9e4d3b9f0b1230c4dea72ebd07c3c30665e70f0d5740691810a4757b1850e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9389308a294f1aa4b8e85da093d2fb1e86f89688a1cf39b5983e0d8d6ecb86
cf37fd7526504ca335add058018dad5637e125322e2523deafa7b86175bbdabc
d1872ace7c3af8a214bec239d58ad3d4f3e0d5eee7a18bb416aa9cd28fff233d
d7def70856ea78116825d8ddc9f3a81561da30078d018db98ca148e39a0e9662
dc3abfa81bf126b2f141735f1c0f78feb649ce3d483a216a5245766ff243ad10
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedee6e70297233e91a014c13bb6955dd93c8dd89b22c61ece172ca2e5380c55
e2928858da99fb4e62826a3ae19a8d26d7e7209c35ac928235ce188f7652d794
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42048e96fe1b87763d5f243e27eafab238f7644be6e002c9ab1ed331aa9c31c
eaf051b76081a3dee52055b3ab7cb6052c224a20f2c571b5c010b9cd56481a3c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12f409f9231abe69a8829577da175f173930cefebcb9aedaaf75b9a870848ca
f3c02783bc9896b00e03474081aac7cb0d260a801d42e0f0f782b0e6f128f922
ff90cc4ac0935612385a6962684ec5b4c94efb7607357dcd93d3b0147932d76c

medmen.com Open in urlscan Pro 2606:4700::6812:1c81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

93 %HTTPS

47 %IPv6

26 Domains

45 Subdomains

42 IPs

5 Countries

2867 kBTransfer

9771 kBSize

38 Cookies

1 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

medmen.com Open in urlscan Pro
2606:4700::6812:1c81 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

93 %
HTTPS

47 %
IPv6

26
Domains

45
Subdomains

42
IPs

5
Countries

2867 kB
Transfer

9771 kB
Size

38
Cookies

115 HTTP transactions
0 data transactions