www.crystal-springs.com Open in urlscan Pro
3.234.93.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.crystal-springs.com/bottled-water-terms-and-conditions
Effective URL:
https://www.crystal-springs.com/terms-and-conditions
Submission: On August 23 via api (August 23rd 2023, 12:28:39 pm UTC) from US — Scanned from DE

Summary HTTP 105 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 24 domains to perform 105 HTTP transactions. The main IP is 3.234.93.111, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.crystal-springs.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 27th 2023. Valid for: a year.

This is the only time www.crystal-springs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	3.234.93.111 3.234.93.111	14618 (AMAZON-AES) (AMAZON-AES)
1 3	44.216.127.92 44.216.127.92	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.82.42 65.9.82.42	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	20.37.143.183 20.37.143.183	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100::1720:ee1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2606:4700::68... 2606:4700::6812:bbda	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	34.197.248.129 34.197.248.129	14618 (AMAZON-AES) (AMAZON-AES)
16	146.75.118.49 146.75.118.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:24e... 2600:1f18:24e6:b902:cd23:8605:eb9b:f194	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:26d... 2600:9000:26da:3a00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.18.13.242 104.18.13.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	146.75.121.230 146.75.121.230	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
105	30

14 3.234.93.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-93-111.compute-1.amazonaws.com

www.crystal-springs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.216.127.92 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-127-92.compute-1.amazonaws.com

www.crystal-springs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-production.dss-aws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.82.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-82-42.ams1.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.37.143.183 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

test-api.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100::1720:ee1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:bbda (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.248.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-248-129.compute-1.amazonaws.com

api.ipstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 146.75.118.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.contentful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:24e6:b902:cd23:8605:eb9b:f194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:26da:3a00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

11674875.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.121.230 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

resources.digital-cloud-west.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	contentful.com cdn.contentful.com — Cisco Umbrella Rank: 9186	97 KB
15	crystal-springs.com 2 redirects www.crystal-springs.com	1 MB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 354	222 KB
9	typekit.net use.typekit.net — Cisco Umbrella Rank: 485 p.typekit.net — Cisco Umbrella Rank: 610	135 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 2412	22 KB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 11674875.fls.doubleclick.net — Cisco Umbrella Rank: 437060 stats.g.doubleclick.net — Cisco Umbrella Rank: 93	6 KB
7	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2013 rs.fullstory.com — Cisco Umbrella Rank: 1975	92 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 100	1 KB
5	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3833	27 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 356	13 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6490	670 B
3	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 6280
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	280 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	239 B
2	medallia.com resources.digital-cloud-west.medallia.com — Cisco Umbrella Rank: 4432	86 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	157 KB
2	dss-aws.com api-production.dss-aws.com — Cisco Umbrella Rank: 199520	116 KB
1	kampyle.com udc-neb.kampyle.com — Cisco Umbrella Rank: 2406	318 B
1	resonate.com cdn.resonate.com — Cisco Umbrella Rank: 9903	96 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1215	48 KB
1	ipstack.com api.ipstack.com — Cisco Umbrella Rank: 22889	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	2 KB
1	tokenex.com test-api.tokenex.com — Cisco Umbrella Rank: 233182	25 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1724	22 KB
105	24

	Domain	Requested by
16	cdn.contentful.com	www.datadoghq-browser-agent.com
15	www.crystal-springs.com	2 redirects www.crystal-springs.com
9	cdn.cookielaw.org	www.googletagmanager.com www.datadoghq-browser-agent.com cdn.cookielaw.org www.crystal-springs.com
7	use.typekit.net	www.crystal-springs.com use.typekit.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.datadoghq-browser-agent.com
5	images.ctfassets.net
4	bat.bing.com	www.crystal-springs.com bat.bing.com
4	11674875.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	rs.fullstory.com	www.datadoghq-browser-agent.com edge.fullstory.com
3	www.google.de
3	www.google.com
3	rum-http-intake.logs.datadoghq.com	www.datadoghq-browser-agent.com
3	edge.fullstory.com	www.crystal-springs.com www.datadoghq-browser-agent.com rs.fullstory.com
3	www.googletagmanager.com	www.crystal-springs.com www.googleoptimize.com
2	www.facebook.com
2	adservice.google.com	11674875.fls.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	resources.digital-cloud-west.medallia.com	www.googletagmanager.com resources.digital-cloud-west.medallia.com
2	connect.facebook.net	www.crystal-springs.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	api-production.dss-aws.com	www.datadoghq-browser-agent.com
2	p.typekit.net	use.typekit.net
1	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
1	udc-neb.kampyle.com
1	cdn.resonate.com	www.crystal-springs.com
1	www.googleoptimize.com	www.crystal-springs.com
1	api.ipstack.com	www.datadoghq-browser-agent.com
1	cdnjs.cloudflare.com	www.crystal-springs.com
1	test-api.tokenex.com	www.crystal-springs.com
1	www.datadoghq-browser-agent.com	www.crystal-springs.com
105	30

This site contains links to these domains. Also see Links.

Domain
www.water.com
shop.water.com
careers.primowatercorp.com
twitter.com
www.facebook.com
www.instagram.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
crystal-springs.com Amazon RSA 2048 M02	`2023-04-27` - `2024-05-26`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
test-api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-01-31` - `2024-01-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-07-23` - `2023-10-21`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-07-18` - `2023-10-16`	3 months	crt.sh
apilayer.net Amazon RSA 2048 M02	`2023-02-22` - `2023-11-08`	9 months	crt.sh
cdn.contentful.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-01` - `2024-08-01`	a year	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.dss-aws.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-05`	10 months	crt.sh
images.ctfassets.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.digital-cloud-west.medallia.com SSL.com RSA SSL subCA	`2022-10-13` - `2023-11-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.kampyle.com SSL.com RSA SSL subCA	`2023-03-29` - `2024-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.crystal-springs.com/terms-and-conditions
Frame ID: 776CAB1B9BF27F435107D04CF52C3ADB
Requests: 93 HTTP requests in this frame

Frame: https://11674875.fls.doubleclick.net/activityi;dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions
Frame ID: 2CCC5CFB4C67DE5695212A664D9482A2
Requests: 2 HTTP requests in this frame

Frame: https://11674875.fls.doubleclick.net/activityi;dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions
Frame ID: 3A1690A04C141D9E4279CFD5580DA720
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terms and ConditionsBack ButtonFilter Button

Page URL History Show full URLs

https://www.crystal-springs.com/bottled-water-terms-and-conditions HTTP 301
http://www.crystal-springs.com/terms-and-conditions HTTP 301
https://www.crystal-springs.com/terms-and-conditions Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

105
Requests

100 %
HTTPS

60 %
IPv6

24
Domains

30
Subdomains

30
IPs

4
Countries

2863 kB
Transfer

9464 kB
Size

23
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.water.com/myaccount
Title: www.water.com/myaccount

Search URL Search Domain Scan URL

URL: https://www.water.com/bottled-water-privacy-policy
Title: https://www.water.com/bottled-water-privacy-policy

Search URL Search Domain Scan URL

URL: https://shop.water.com/?referral_campaign=footer
Title: Buy Dispenser

Search URL Search Domain Scan URL

URL: https://careers.primowatercorp.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/DrinkCrystal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/crystalsprings

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crystalsprings_h2o

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.crystal-springs.com/bottled-water-terms-and-conditions HTTP 301
http://www.crystal-springs.com/terms-and-conditions HTTP 301
https://www.crystal-springs.com/terms-and-conditions Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://11674875.fls.doubleclick.net/activityi;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions HTTP 302
https://11674875.fls.doubleclick.net/activityi;dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions

Request Chain 74

https://11674875.fls.doubleclick.net/activityi;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions HTTP 302
https://11674875.fls.doubleclick.net/activityi;dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request terms-and-conditions Show response
www.crystal-springs.com/
Redirect Chain

https://www.crystal-springs.com/bottled-water-terms-and-conditions
http://www.crystal-springs.com/terms-and-conditions
https://www.crystal-springs.com/terms-and-conditions

6 KB
3 KB

160ms
160ms

Document
text/html

3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/terms-and-conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: c284d2c4d928f9dfc116564aaf66a49161618f3afe07ae8a5a8372f551f796fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 12:28:20 GMT
etag: W/"1932-iSLHBdRVy1Hu4fJhHxxHl7GX2BM"
server: Apache
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Wed, 23 Aug 2023 12:28:20 GMT
Location: https://www.crystal-springs.com:443/terms-and-conditions
Server: awselb/2.0

GET
H2 200 datadog-rum-us.js Show response
www.datadoghq-browser-agent.com/ 64 KB
22 KB 117ms
17ms Script
application/javascript 65.9.82.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.82.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-82-42.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:01 GMT
content-encoding: gzip
via: 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jul 2021 12:21:10 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
age: 21
etag: W/"20e006a0c5730657dae04bb52a46d540"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: VLh-xfHHPe1AkyWxsxly1KpYrITM1s6OtKAvs5CYYhuemxF6_4oNdQ==

GET
H2 200 vfp0dln.css
use.typekit.net/ 20 KB
2 KB 265ms
62ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vfp0dln.css

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5fbf2ec3d025fbd63deedab5cba25c5d43f6bf95998c11949ef644c898db5729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 23 Aug 2023 12:28:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1695

GET
H2 200 wij6xgj.css
use.typekit.net/ 5 KB
1 KB 265ms
62ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wij6xgj.css

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

15e8e19319e2f8f78ae113b839065145699fbd8cb170c4f8b84ff8d4e6afca82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 23 Aug 2023 12:28:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 865

GET
H2 200 TokenEx-Lite.js Show response
test-api.tokenex.com/inpage/js/ 223 KB
25 KB 657ms
256ms Script
application/javascript 20.37.143.183
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://test-api.tokenex.com/inpage/js/TokenEx-Lite.js

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.37.143.183 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ddd985c202e199084974c10cc351e3966f20018bbdd3b94b7734c26f6e92a8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 23 Aug 2023 12:28:21 GMT
last-modified: Tue, 09 May 2023 14:43:10 GMT
etag: "05323938482d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 25358

GET
H2 200 bundle.37969408.css
www.crystal-springs.com/static/css/ 1 MB
90 KB 104ms
103ms Stylesheet
text/css 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/static/css/bundle.37969408.css
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 21e94b5f2f7be0b886fc91ef282f0cadac20118bf554a635dc70c463c95ae3e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"101c3c-1899cfe2a50"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 sanitize.min.css
cdnjs.cloudflare.com/ajax/libs/10up-sanitize.css/8.0.0/ 3 KB
2 KB 57ms
23ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/10up-sanitize.css/8.0.0/sanitize.min.css

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

824df3f974e44f6ae3aef03170a0c0d79387e30d45b2cc84c27482dd69ca6d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1664685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1057
last-modified: Thu, 03 Aug 2023 19:17:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64cbe11a-421"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmnK9Xq1sEr13J8ph8MKo38gumhSTn9jV8ovx8tkWWVLBF2hMzntX0eGk%2FZRvBcvl0LP1iJUMs1b9MQtWb%2FhcOEnPXHE1kwPFkpmKSYlhXZcwXMcmZrSIEHH5EOJlyz%2BXQjnHYWgaFhrt5g3Nhbvwlr%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb35ad78e57371a-FRA
expires: Mon, 12 Aug 2024 12:28:21 GMT

GET
H2 200 bundle.18e6399b.js Show response
www.crystal-springs.com/static/js/ 4 MB
1 MB 98ms
98ms Script
application/javascript 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: a60440909baad51aab3b48f2f13b60892cd8bfffeac56a281d04f0a444cf7529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"431428-1899cfe2a50"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 343 KB
102 KB 289ms
16ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQ9P6JQ

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7af3e7c94ef3d43c02095c557fb223f86f81f813c6fc7b848e4861c6af527785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103677
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 12:28:21 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 100ms
38ms Stylesheet
text/css 2a02:26f0:7100::1720:ee1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=wij6xgj&ht=tk&f=40488.40489.40490.40492.40493.40494.40496&a=107411129&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wij6xgj.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:ee1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:21 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 97ms
36ms Stylesheet
text/css 2a02:26f0:7100::1720:ee1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vfp0dln&ht=tk&f=17265.17266.17267.17268.17269.17270.17271.17272.17273.17274.17275.17276.30804.30805.30806.30807.30808.30809.30810.30811.30812.30813.30814.30815.30816.30817.30818.30819&a=13939678&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfp0dln.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:ee1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:21 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 75ms
20ms Script
application/javascript 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9P6JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X1C0PY0lSDg1JSpsyFxfYA==
age: 55308
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6837
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:10:59 GMT
server: cloudflare
etag: 0x8DBA269973EC8AB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5bd67f6c-c01e-006d-2268-d48dc8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb35adc4d9e3a3e-FRA

GET
H2 200 884ba2f6-c602-4a68-a168-7ae95856cdb8.json Show response
cdn.cookielaw.org/consent/884ba2f6-c602-4a68-a168-7ae95856cdb8/ 3 KB
2 KB 46ms
29ms XHR
application/x-javascript 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/884ba2f6-c602-4a68-a168-7ae95856cdb8/884ba2f6-c602-4a68-a168-7ae95856cdb8.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4513841cae3f2a2c5d51023a9cf7b44a5f6f2cfeab7c024f0784f91153d814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26932
content-md5: JKWif5BCuwzECfI75A0tLA==
content-length: 1439
x-ms-lease-status: unlocked
last-modified: Sun, 23 Jul 2023 15:44:10 GMT
server: cloudflare
etag: 0x8DB8B93A82A1839
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5a621525-a01e-0050-1480-bdc7ee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb35adc8f3b9b8f-FRA
expires: Thu, 24 Aug 2023 12:28:21 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202306.2.0/ 404 KB
98 KB 21ms
20ms Script
application/javascript 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ec50412f5f4a206aa4525377add48f460c5e596a4aecaabecd56f15737fa8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +MbZ9DgpGaofE6OXFTKawA==
age: 78713
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99611
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:44 GMT
server: cloudflare
etag: 0x8DB834B4115B7B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0bcc9d45-f01e-00e9-2571-b524e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb35adcce403a3e-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/884ba2f6-c602-4a68-a168-7ae95856cdb8/12646662-9eba-40b1-9698-9b32a41d9769/ 42 KB
10 KB 30ms
30ms Fetch
application/x-javascript 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/884ba2f6-c602-4a68-a168-7ae95856cdb8/12646662-9eba-40b1-9698-9b32a41d9769/en.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a08560db868d4f24e5d194c5ec356517578f3d9085994bc206e8da9fa3832c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26932
content-md5: D6ODwDX7yZES6ik4JbwVhA==
content-length: 9999
x-ms-lease-status: unlocked
last-modified: Sun, 23 Jul 2023 15:44:12 GMT
server: cloudflare
etag: 0x8DB8B93A9E54346
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2d325f8f-b01e-00e5-1a80-bdca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb35add0fe79b8f-FRA
expires: Thu, 24 Aug 2023 12:28:21 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202306.2.0/assets/v2/ 62 KB
13 KB 22ms
21ms Fetch
application/json 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.2.0/assets/v2/otPcTab.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: b0f9u2VCQuP55PHsA7RjAw==
age: 26931
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13388
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:39 GMT
server: cloudflare
etag: 0x8DB834B3E6E9E67
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 778f3bfd-301e-0092-0aa7-bd4f50000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb35add58899b8f-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202306.2.0/assets/ 21 KB
4 KB 44ms
44ms Fetch
text/css 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.2.0/assets/otCommonStyles.css

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 26931
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jul 2023 02:45:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0e97e62a-901e-0053-6aa7-bdc4e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb35add588a9b8f-FRA

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 242 KB
66 KB 58ms
12ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886

Request headers

Referer: https://www.crystal-springs.com/
Origin: https://www.crystal-springs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:17:17 GMT
content-encoding: br
age: 665
x-guploader-uploadid: ADPycduH72zkLCYaFs00gDcl3XtjUszBgEW2s_mRgYTqs5wk6od05DN8FcunkINVzw4HN-enIyLzEibA7ZmE1UaKUZopfHol1jCm
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67382
last-modified: Thu, 17 Aug 2023 14:49:44 GMT
server: UploadServer
etag: "73ae3407fb422f1b2d35137c774b84b1"
vary: Accept-Encoding
x-goog-generation: 1692283784371563
x-goog-hash: crc32c=1E7iYA==, md5=c640B/tCLxstNRN8d0uEsQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67382
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 23 Aug 2023 13:17:17 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
512 B 22ms
21ms Fetch
image/svg+xml 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 26932
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:11:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5c51ae10-601e-005b-5efb-d400b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb35addc9499b8f-FRA

GET
H2 200 header-logo.png
cdn.cookielaw.org/logos/1839c678-1071-4e5e-8f3b-4fdc4ca251c7/3c6e049b-0b60-44b2-9cc4-7596cbaa9294/01981b29-2d4f-47a1-b01e-e39b235bb429/ 85 KB
85 KB 41ms
40ms Image
image/png 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/1839c678-1071-4e5e-8f3b-4fdc4ca251c7/3c6e049b-0b60-44b2-9cc4-7596cbaa9294/01981b29-2d4f-47a1-b01e-e39b235bb429/header-logo.png

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a19cf8130d037ebc5d3ecb3eac6e9f01f4982ae3051cca4cd0bab136126f352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3AP6hTLbsgURLq+bapJWPQ==
content-length: 87040
x-ms-lease-status: unlocked
last-modified: Mon, 17 Jul 2023 18:22:22 GMT
server: cloudflare
etag: 0x8DB86F2C3C6F164
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: dad05d70-201e-00eb-6f7f-bd261a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fb35adddfb93a3e-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 20ms
19ms Image
image/svg+xml 2606:4700::6812:bbda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bbda , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 23 Aug 2023 12:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 58015
x-ms-lease-status: unlocked
last-modified: Mon, 21 Aug 2023 17:11:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 051cfcad-a01e-0019-445a-d4b938000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fb35adddfba3a3e-FRA

GET
H2 200 web Show response
edge.fullstory.com/s/settings/P46R1/v1/ 8 KB
3 KB 9ms
8ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/P46R1/v1/web
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bdfc5037c5e62d7f303ca6b89b63cec10a761d5b74486374be28da313e827822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:15 GMT
content-encoding: gzip
age: 7
x-guploader-uploadid: ADPycdveiWR7QkrsFxohoJH029uO9dzphIwK6jEAlteyHFCn0ERlBwCfVBA3F8fqg4wAUXwnqq-eaatKNkYtMpe68UKYeQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2279
last-modified: Wed, 23 Aug 2023 12:20:21 GMT
server: UploadServer
etag: "a073490e9f65a032d3d71cff62d6e99e"
x-goog-generation: 1692793221255191
x-goog-hash: crc32c=6wjWHw==, md5=oHNJDp9loDLT1xz/Ytbpng==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 2279
accept-ranges: bytes
content-type: application/json
expires: Wed, 23 Aug 2023 12:43:15 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 8 KB
3 KB 355ms
317ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d818bbd0eb04402125ad4d50f222a3f09dfa9a31c3cf73a3cf613d5c9a3799cc

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.crystal-springs.com
date: Wed, 23 Aug 2023 12:28:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 9 KB
9 KB 143ms
142ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=P46R1
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2ae6b334f6058de9352ac6d36e43f6d41e6051d2f4c906b96629c711248b5706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:22 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 42 KB
12 KB 24ms
7ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=P46R1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:01:50 GMT
content-encoding: gzip
age: 1592
x-guploader-uploadid: ADPycdu_TtXAV4aMDPcfbnuuR-ROul6kXpB13fqQhpPgQc7eYxhQDC4zZQh9LVOoJwKd-AkzAGG_Gkqk_MuTO6XcRGwUaQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11918
last-modified: Thu, 03 Aug 2023 16:30:48 GMT
server: UploadServer
etag: "038e81eb121703e8bf798099bb4fb954"
x-goog-generation: 1691080248135238
x-goog-hash: crc32c=EPsiLQ==, md5=A46B6xIXA+i/eYCZu0+5VA==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11918
accept-ranges: bytes
expires: Wed, 23 Aug 2023 13:01:50 GMT

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 3680ms
3662ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=P46R1&UserId=6587567300554752&SessionId=6080311295356928&PageId=4396190640346402666&Seq=1&PageStart=1692793702272&PrevBundleTime=0&LastActivity=862&IsNewSession=true
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0c557b67edf013e5eec9dd4be4dc35b44c6488215981c942cb9a56200be243eb

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.crystal-springs.com
date: Wed, 23 Aug 2023 12:28:23 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 LoadableModal.b0ecc058.chunk.css
www.crystal-springs.com/static/css/ 1 KB
762 B 101ms
101ms Stylesheet
text/css 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/static/css/LoadableModal.b0ecc058.chunk.css
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 7976f1492de7c2d0ce84f783f2fe84e68d6b7c6be96e782ac5ca3ed1f3eb1269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"4fc-1899cfe2a50"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 LoadableModal.0f48f625.chunk.js Show response
www.crystal-springs.com/static/js/ 4 KB
2 KB 99ms
99ms Script
application/javascript 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/static/js/LoadableModal.0f48f625.chunk.js
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 1f3a2e014c96c3b61e19eced33c082556b193cef07c46601489e4fa6195a5ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"e70-1899cfe2a50"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 loading.c5590569.svg
www.crystal-springs.com/static/media/ 2 KB
1 KB 135ms
135ms Image
image/svg+xml 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crystal-springs.com/static/media/loading.c5590569.svg
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 14a2ca44b4a9265b3e8cf3152cde9d7941d3c6e9ad44a658c3e029bf99f3d30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"8e2-1899cfe2a50"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H/1.1 200
OK check Show response
api.ipstack.com/ 930 B
1 KB 663ms
126ms XHR
application/json 34.197.248.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipstack.com/check?access_key=9f4cb51119cb6d3f0aab85640d0f2659
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.248.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-248-129.compute-1.amazonaws.com
Software: /
Resource Hash: cbeacfa1f7a55b22f7c3ff0a75e212f756ff80c9b4eabe5316ec6857f168d845

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
x-apilayer-transaction-id: e2128afc-245c-4eda-8886-085ef90251bd
transfer-encoding: chunked
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-request-time: 0.029
x-quota-limit: 4000000
access-control-allow-headers: *
x-increment-usage: 1
x-quota-remaining: 3386857

GET
H2 200 entries Show response
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ 38 KB
16 KB 9ms
8ms XHR
application/vnd.contentful.delivery.v1+json 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=jsonData&fields.entryTitle%5Bin%5D=Acquisition%20%3E%20French&include=10&locale=en-US

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

b7d4de0b04f56792a9876ce825ffbf76b415467cce3836df7d822fd8dfac12ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer cf3168c0ee897739bce0402d2f429692c4665d61293847d9fcbdd9c8ca373210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
contentful-api: cda
age: 511070
cf-organization-id: 318dpZgapLtktOYVg7Ol3V
cf-environment-uuid: 320ecf9a-dc18-4cf4-9baf-ce512df209c0
x-cache: HIT
cf-space-id: x1vbd41hpla5
content-length: 15091
x-served-by: cache-ewr18180-EWR, cache-fra-eddf8230125-FRA
x-contentful-request-id: d4916de8-b896-4387-8586-4d7448bae61c
cf-environment-id: production
server: Contentful
x-timer: S1692793714.513374,VS0,VE1
etag: W/"13723994515810427689"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 40, 1

GET
H2 200 entries Show response
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ 2 KB
916 B 11ms
11ms XHR
application/vnd.contentful.delivery.v1+json 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?sys.id=5Yb812r4dC1Oc19T3UXS8m&locale=en-US

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

97c2ac207ecd293b1c5178659be3883056ce86ad62713f1c1638cd4693f5fe8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer cf3168c0ee897739bce0402d2f429692c4665d61293847d9fcbdd9c8ca373210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
contentful-api: cda
age: 511246
cf-organization-id: 318dpZgapLtktOYVg7Ol3V
cf-environment-uuid: 320ecf9a-dc18-4cf4-9baf-ce512df209c0
x-cache: HIT
cf-space-id: x1vbd41hpla5
content-length: 760
x-served-by: cache-ewr18130-EWR, cache-fra-eddf8230125-FRA
x-contentful-request-id: 498ae574-7d06-428f-a980-08c4cd9f4c09
cf-environment-id: production
server: Contentful
x-timer: S1692793714.513484,VS0,VE2
etag: W/"13212670478011859978"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 67, 1

GET
H2 200 entries Show response
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ 6 KB
1 KB 13ms
12ms XHR
application/vnd.contentful.delivery.v1+json 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=promotionLandingPagePaths&include=10&locale=en-US

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

26014c8b5857083673ab49d389be2526a5e49cf69ba6763f26e1a042c4be7391

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer cf3168c0ee897739bce0402d2f429692c4665d61293847d9fcbdd9c8ca373210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
contentful-api: cda
age: 511025
cf-organization-id: 318dpZgapLtktOYVg7Ol3V
cf-environment-uuid: 320ecf9a-dc18-4cf4-9baf-ce512df209c0
x-cache: HIT
cf-space-id: x1vbd41hpla5
content-length: 1054
x-served-by: cache-ewr18174-EWR, cache-fra-eddf8230125-FRA
x-contentful-request-id: ab2a611f-2d09-4e86-b11d-acc5f364fd5a
cf-environment-id: production
server: Contentful
x-timer: S1692793714.513361,VS0,VE3
etag: W/"8287889470690132111"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 43, 1

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 124 KB
48 KB 315ms
24ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-WCNX83Q

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b5c745cc10d54f140d3006c5be1954dee2e35806f078b78ab49195cbdfe86d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49082
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 12:28:33 GMT

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ Frame 0
0 130ms
8ms Preflight 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=jsonData&fields.entryTitle%5Bin%5D=Acquisition%20%3E%20French&include=10&locale=en-US

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://www.crystal-springs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 68306
date: Wed, 23 Aug 2023 12:28:33 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 612, 2
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: dff1a818-0d6e-420c-b7a1-6b33d76a7637
x-served-by: cache-ewr18180-EWR, cache-fra-eddf8230125-FRA
x-timer: S1692793714.504598,VS0,VE0

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ Frame 0
0 130ms
8ms Preflight 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?sys.id=5Yb812r4dC1Oc19T3UXS8m&locale=en-US

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://www.crystal-springs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 68306
date: Wed, 23 Aug 2023 12:28:33 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 1395, 2
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: e75173a5-df02-468d-a20b-521fd7a32761
x-served-by: cache-ewr18130-EWR, cache-fra-eddf8230125-FRA
x-timer: S1692793714.504732,VS0,VE1

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ Frame 0
0 130ms
8ms Preflight 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=promotionLandingPagePaths&include=10&locale=en-US

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://www.crystal-springs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 68306
date: Wed, 23 Aug 2023 12:28:33 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 718, 3
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: f106a95a-baca-486f-8769-c8a71c77c797
x-served-by: cache-ewr18174-EWR, cache-fra-eddf8230125-FRA
x-timer: S1692793714.504716,VS0,VE0

POST
H2 200 pub472cfad8cc0f5aa7fda7e5c0f0c09b35
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 735ms
209ms Ping
application/json 2600:1f18:24e6:b902:cd23:8605:eb9b:f194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub472cfad8cc0f5aa7fda7e5c0f0c09b35?ddsource=browser&ddtags=sdk_version%3A2.18.0&batch_time=1692793713500
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:cd23:8605:eb9b:f194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ Frame 0
0 10ms
9ms Preflight 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=jsonData&fields.entryTitle%5Bin%5D=Acquisition%20%3E%20Canada%20%3E%20English&include=10&locale=en-US

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://www.crystal-springs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 68306
date: Wed, 23 Aug 2023 12:28:33 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 604, 2
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: 44803820-4eb6-4620-a51b-96f6561590d9
x-served-by: cache-ewr18156-EWR, cache-fra-eddf8230125-FRA
x-timer: S1692793714.538468,VS0,VE0

GET
H2 200 entries Show response
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ 3 KB
2 KB 15ms
15ms XHR
application/vnd.contentful.delivery.v1+json 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=jsonData&fields.entryTitle%5Bin%5D=Acquisition%20%3E%20Canada%20%3E%20English&include=10&locale=en-US

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

c07912745d65c430ddcfda09bd82ee56e17f21248cabe122ab656ebba23a776f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer cf3168c0ee897739bce0402d2f429692c4665d61293847d9fcbdd9c8ca373210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
contentful-api: cda
age: 511181
cf-organization-id: 318dpZgapLtktOYVg7Ol3V
cf-environment-uuid: 320ecf9a-dc18-4cf4-9baf-ce512df209c0
x-cache: HIT
cf-space-id: x1vbd41hpla5
content-length: 1315
x-served-by: cache-ewr18156-EWR, cache-fra-eddf8230125-FRA
x-contentful-request-id: f822eb1f-909e-452e-84a7-51ff945dd61a
cf-environment-id: production
server: Contentful
x-timer: S1692793714.551133,VS0,VE1
etag: W/"3612489871067790858"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 47, 1

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ Frame 0
0 10ms
10ms Preflight 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?sys.id=5coHCEQ6FD1ECzrYSD44kE&locale=en-US

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://www.crystal-springs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 68306
date: Wed, 23 Aug 2023 12:28:33 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 645, 2
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: d7a105c9-1201-43b9-96bd-50cb70844b77
x-served-by: cache-ewr18142-EWR, cache-fra-eddf8230125-FRA
x-timer: S1692793714.541611,VS0,VE0

GET
H2 200 entries Show response
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ 128 KB
18 KB 17ms
17ms XHR
application/vnd.contentful.delivery.v1+json 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?sys.id=5coHCEQ6FD1ECzrYSD44kE&locale=en-US

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

5f840aeedacc6d63f658aa3733ce0da2ec4084c5831a3365841028091e6b6f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer cf3168c0ee897739bce0402d2f429692c4665d61293847d9fcbdd9c8ca373210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
contentful-api: cda
age: 511236
cf-organization-id: 318dpZgapLtktOYVg7Ol3V
cf-environment-uuid: 320ecf9a-dc18-4cf4-9baf-ce512df209c0
x-cache: HIT
cf-space-id: x1vbd41hpla5
content-length: 18018
x-served-by: cache-ewr18142-EWR, cache-fra-eddf8230125-FRA
x-contentful-request-id: c83ea2ae-0b23-4b98-9e09-369e2456def8
cf-environment-id: production
server: Contentful
x-timer: S1692793714.556010,VS0,VE1
etag: W/"5313774089031105723"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 72, 1

GET
H2 200 TermsAndConditions.084d4f6c.chunk.js Show response
www.crystal-springs.com/static/js/ 474 B
705 B 106ms
106ms Script
application/javascript 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/static/js/TermsAndConditions.084d4f6c.chunk.js
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 7b3756bb48adc7496142ee2095b58594c3d70bc525845c27eb1198b1f8e96721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"1da-1899cfe2a50"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 474

GET
H2 200 l
use.typekit.net/af/be76d4/00000000000000003b9b3129/27/ 30 KB
30 KB 114ms
57ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/be76d4/00000000000000003b9b3129/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfp0dln.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ec99fd2eb421e11a2dd61cfbf4d37138366767ea31a49c5e18692c401f39c4c7

Request headers

Referer: https://use.typekit.net/vfp0dln.css
Origin: https://www.crystal-springs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
server: nginx
etag: "18a7816e99543f8e340d228f839292cb118a8b9d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30836

GET
H2 200 entries Show response
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ 4 KB
2 KB 22ms
22ms XHR
application/vnd.contentful.delivery.v1+json 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=jsonData&fields.entryTitle%5Bin%5D=Acquisition%20%3E%20English&include=10&locale=en-US

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

d68c296961e332e965584552b1cbfa77ac1b214879275116f0d4ff9ec2fbd0f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer cf3168c0ee897739bce0402d2f429692c4665d61293847d9fcbdd9c8ca373210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
contentful-api: cda
age: 511132
cf-organization-id: 318dpZgapLtktOYVg7Ol3V
cf-environment-uuid: 320ecf9a-dc18-4cf4-9baf-ce512df209c0
x-cache: HIT
cf-space-id: x1vbd41hpla5
content-length: 1344
x-served-by: cache-ewr18121-EWR, cache-fra-eddf8230125-FRA
x-contentful-request-id: 4f05cab0-46f4-487b-b7d6-d0991826c78c
cf-environment-id: production
server: Contentful
x-timer: S1692793714.611014,VS0,VE5
etag: W/"1999630857725139338"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 44, 1

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ Frame 0
0 14ms
14ms Preflight 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=jsonData&fields.entryTitle%5Bin%5D=Acquisition%20%3E%20English&include=10&locale=en-US

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://www.crystal-springs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 68306
date: Wed, 23 Aug 2023 12:28:33 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 588, 2
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: 65d885be-bb0d-435c-a35e-7a83f151eb1a
x-served-by: cache-ewr18121-EWR, cache-fra-eddf8230125-FRA
x-timer: S1692793714.594664,VS0,VE0

GET
H2 200 LandingPage.73f1ab23.chunk.js Show response
www.crystal-springs.com/static/js/ 4 KB
2 KB 101ms
101ms Script
application/javascript 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/static/js/LandingPage.73f1ab23.chunk.js
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: dfbc49fd57ddb895613cade115d26e3ec11befb14fd4420a843f38460a889727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"fdd-1899cfe2a50"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 entries Show response
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ 284 KB
57 KB 334ms
333ms XHR
application/vnd.contentful.delivery.v1+json 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=page&fields.slug=terms-and-conditions&fields.site.sys.contentType.sys.id=domain&fields.site.fields.slug=acquisition-unified&include=10&locale=en-US

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

fcb0396c4daa421374c1b7718ab46878a01c24ca44a8ef96614950b5b7eae664

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer cf3168c0ee897739bce0402d2f429692c4665d61293847d9fcbdd9c8ca373210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
contentful-api: cda
age: 0
cf-organization-id: 318dpZgapLtktOYVg7Ol3V
cf-environment-uuid: 320ecf9a-dc18-4cf4-9baf-ce512df209c0
x-cache: HIT
cf-space-id: x1vbd41hpla5
content-length: 57930
x-served-by: cache-ewr18142-EWR, cache-fra-eddf8230125-FRA
x-contentful-request-id: 451aa5c1-9b62-478b-acf2-638fb3ac13aa
cf-environment-id: production
server: Contentful
x-timer: S1692793714.987509,VS0,VE324
etag: W/"11332744673750182570"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 1, 0

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ Frame 0
0 312ms
312ms Preflight 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://www.crystal-springs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 0
date: Wed, 23 Aug 2023 12:28:33 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 2, 0
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: 00095fd1-6bf6-4b03-922d-6e2542192259
x-served-by: cache-ewr18142-EWR, cache-fra-eddf8230125-FRA
x-timer: S1692793714.674409,VS0,VE90

GET
H2 200 openapi.json Show response
api-production.dss-aws.com/v1/ 115 KB
116 KB 575ms
372ms Fetch
application/json 44.216.127.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-production.dss-aws.com/v1/openapi.json
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.127.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-127-92.compute-1.amazonaws.com
Software: / Express
Resource Hash: 73b7424fea4e23e7144e2bb02784bf5016415d0eeb1a2f066fe6ebf6f5a0dec2

Request headers

Accept: application/json, application/yaml
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
x-powered-by: Express
etag: W/"1cc43-jKS2s9Ij4Ce3OwpiOlbnn9tFehc"
access-control-max-age: 604800
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.crystal-springs.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 117827

GET
H2 200 PromotionAppliedDialog.95402ab9.chunk.css
www.crystal-springs.com/static/css/ 707 B
928 B 98ms
98ms Stylesheet
text/css 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/static/css/PromotionAppliedDialog.95402ab9.chunk.css
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 9b6f2c71c6ecb655d7f40648b5abe99bfa1784d67fb8dc9d0f204e7cd6741a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"2c3-1899cfe2a50"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 707

GET
H2 200 PromotionAppliedDialog.5dae01fb.chunk.js Show response
www.crystal-springs.com/static/js/ 3 KB
2 KB 229ms
228ms Script
application/javascript 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crystal-springs.com/static/js/PromotionAppliedDialog.5dae01fb.chunk.js
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 03e18d6a6daf1b1ffa0c1e4e549700faf0fabef48fe7f7bf1bd602d9da5d1382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"b6f-1899cfe2a50"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 loading.c5590569.svg
www.crystal-springs.com/static/media/ 2 KB
1 KB 229ms
228ms Image
image/svg+xml 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crystal-springs.com/static/media/loading.c5590569.svg
Requested by: Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/static/js/bundle.18e6399b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 14a2ca44b4a9265b3e8cf3152cde9d7941d3c6e9ad44a658c3e029bf99f3d30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"8e2-1899cfe2a50"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 Primo-CrystalSprings_lockup.svg
images.ctfassets.net/x1vbd41hpla5/378KAaZzgnugOye95v5d13/761b14b513048fa0aed82e2392e641da/ 39 KB
12 KB 303ms
34ms Image
image/svg+xml 2600:9000:26da:3a00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/x1vbd41hpla5/378KAaZzgnugOye95v5d13/761b14b513048fa0aed82e2392e641da/Primo-CrystalSprings_lockup.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:3a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 569d20b880a8a1ecbaa973daa43fc1159d567adda299cec5f5d9f70581dd08ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:33:59 GMT
content-encoding: gzip
via: 1.1 99a7400285d83f528f50f54d665628e2.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 21:44:53 GMT
server: Contentful Images API
x-amz-cf-pop: MUC50-P4
age: 64476
etag: W/"3c39eac7bb13a9c80e870f00a45fd59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: RR7wKUTowSFN-V3SWRkk1pppWljjBWdOZCixzoLxH4-wlX8wX73-ag==

GET
H2 200 Account-New.b71ac79f.svg
www.crystal-springs.com/static/media/ 5 KB
2 KB 187ms
186ms Image
image/svg+xml 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crystal-springs.com/static/media/Account-New.b71ac79f.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: fd189c34f9e86d2a7b3cd21084c6bc719ed929081eb8c6495fec7f14efa95fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"15fe-1899cfe2a50"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 Cart.a4cb220b.svg
www.crystal-springs.com/static/media/ 2 KB
1 KB 188ms
187ms Image
image/svg+xml 3.234.93.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crystal-springs.com/static/media/Cart.a4cb220b.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.93.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-93-111.compute-1.amazonaws.com
Software: Apache / Express
Resource Hash: 6c74ab1d46a760a16ca1c98034825bf95a1eea27b1217015b8b566b10057adcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/terms-and-conditions
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Jul 2023 14:54:10 GMT
server: Apache
x-powered-by: Express
etag: W/"953-1899cfe2a50"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H2 200 Crystal_Springs_blue.svg
images.ctfassets.net/x1vbd41hpla5/4JEgnkbEau4JJQHiosVPBG/18fe23228cac3b974a26fd86562e6f65/ 29 KB
12 KB 286ms
18ms Image
image/svg+xml 2600:9000:26da:3a00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/x1vbd41hpla5/4JEgnkbEau4JJQHiosVPBG/18fe23228cac3b974a26fd86562e6f65/Crystal_Springs_blue.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:3a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c4cf9f8144142f06620107e7c797b191a568f8901b08f6f0d60c9cf289f7d818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: gzip
via: 1.1 99a7400285d83f528f50f54d665628e2.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 22:13:42 GMT
server: Contentful Images API
x-amz-cf-pop: MUC50-P4
age: 13844
etag: W/"6dc223b4d3a94ebc56d7ac137e40204c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: whNFJkXY9ZDCoKwTefbE7e0sCNfMX_NG2wFmaqCBx2zbqJ6rh455kA==

GET
H2 200 twitter.svg
images.ctfassets.net/x1vbd41hpla5/67UAoBmPZuC6RRYWSBicRQ/75c1c0e108e4a89d128b27083db27e7f/ 679 B
1 KB 284ms
17ms Image
image/svg+xml 2600:9000:26da:3a00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/x1vbd41hpla5/67UAoBmPZuC6RRYWSBicRQ/75c1c0e108e4a89d128b27083db27e7f/twitter.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:3a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4e522e2f705aac23445e06ec40498dac538c103c73a2e31d448ba693bff2f740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:10:47 GMT
via: 1.1 99a7400285d83f528f50f54d665628e2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jan 2020 15:53:23 GMT
server: Contentful Images API
x-amz-cf-pop: MUC50-P4
age: 19068
etag: "8536ef20aa1d328a718d9e6575148826"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 679
x-amz-cf-id: ia5q3wfATb9J2HxGr1qAeFFHiyP5uaW7gO0mvdnSOkBtH_M0Fpyzww==

GET
H2 200 Facebook.svg
images.ctfassets.net/x1vbd41hpla5/53ibHQXHgQer8t1uUPu3V4/4a0519cc60ca61203aec7be8eaf74b03/ 558 B
949 B 277ms
9ms Image
image/svg+xml 2600:9000:26da:3a00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/x1vbd41hpla5/53ibHQXHgQer8t1uUPu3V4/4a0519cc60ca61203aec7be8eaf74b03/Facebook.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:3a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c0e8e50dc4765e80f01bacc04e05706ccd3770bb3c2ec14fedac46bb9237eec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 16:07:11 GMT
via: 1.1 99a7400285d83f528f50f54d665628e2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jan 2020 15:55:35 GMT
server: Contentful Images API
x-amz-cf-pop: MUC50-P4
age: 73284
etag: "a2fa7a5234249f6d391752a6826bf36c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 558
x-amz-cf-id: GQwWOpH3pujx05WEE2A7lYL1tciv4qypJMDjDWBmJUlTMqSrjP5Tng==

GET
H2 200 Instagram.svg
images.ctfassets.net/x1vbd41hpla5/4vHgJRjfrTaJDpwfqt3obH/0988274b90e2fb16d085a8ef792f8196/ 860 B
1 KB 301ms
33ms Image
image/svg+xml 2600:9000:26da:3a00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/x1vbd41hpla5/4vHgJRjfrTaJDpwfqt3obH/0988274b90e2fb16d085a8ef792f8196/Instagram.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:3a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: eac506047e4d7c901855e23310a1d58041b779389e8a3c7fcbd2bc694cb68a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 11:55:55 GMT
via: 1.1 99a7400285d83f528f50f54d665628e2.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jan 2020 15:56:01 GMT
server: Contentful Images API
x-amz-cf-pop: MUC50-P4
age: 1960
etag: "a4a8b33bb0ebfe8ffe47654e436c1d3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 860
x-amz-cf-id: L60BAmrlzWoD0cPO6zxpcFhkeG-MOt5eMGgNFpEKvbjEV5mkBewPIA==

GET
H2 200 entries Show response
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ 3 KB
1 KB 11ms
11ms XHR
application/vnd.contentful.delivery.v1+json 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/entries?content_type=productCategory&fields.home=true&select=fields.name%2Cfields.urlName%2Cfields.sequence%2Csys&include=10&locale=en-US

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

e8e6a96c87afe8c993ca9d946ea83f5fe519b2faa931fb23319dd964c1cad7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization: Bearer cf3168c0ee897739bce0402d2f429692c4665d61293847d9fcbdd9c8ca373210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
contentful-api: cda
age: 511173
cf-organization-id: 318dpZgapLtktOYVg7Ol3V
cf-environment-uuid: 320ecf9a-dc18-4cf4-9baf-ce512df209c0
x-cache: HIT
cf-space-id: x1vbd41hpla5
content-length: 704
x-served-by: cache-ewr18162-EWR, cache-fra-eddf8230125-FRA
x-contentful-request-id: 426fc3c9-8f7f-4136-86e9-10d611f6996c
cf-environment-id: production
server: Contentful
x-timer: S1692793714.467839,VS0,VE1
etag: W/"10685121826043441953"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
access-control-allow-origin: *
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 16, 1

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/x1vbd41hpla5/environments/production/ Frame 0
0 9ms
9ms Preflight 146.75.118.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://www.crystal-springs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 68307
date: Wed, 23 Aug 2023 12:28:34 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 536, 2
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: bf1cb0b1-36a0-4894-b590-13525f3da506
x-served-by: cache-ewr18162-EWR, cache-fra-eddf8230125-FRA
x-timer: S1692793714.457835,VS0,VE0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 310ms
274ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9P6JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 11:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2331
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 13:49:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/634239029/ 3 KB
2 KB 121ms
82ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/634239029/?random=1692793714462&cv=11&fst=1692793714462&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&hn=www.googleadservices.com&frm=0&tiba=Terms%20and%20Conditions&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9P6JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99e31c4b0908daaaea6432c50358079567b6eeec9c36f1e54ece23ed20b2aa51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/de34bd/00000000000000003b9b312d/27/ 30 KB
30 KB 15ms
14ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/de34bd/00000000000000003b9b312d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfp0dln.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fdc5538331e57fd93ad03a6c5d194915d149de1bb7d63ce07c786e6e613e55c5

Request headers

Referer: https://use.typekit.net/vfp0dln.css
Origin: https://www.crystal-springs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
server: nginx
etag: "6f55d6593168cb9c256bf07db27a348d246502a3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30624

GET
H2 200 l
use.typekit.net/af/964cfd/00000000000000003b9b312b/27/ 30 KB
30 KB 19ms
18ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/964cfd/00000000000000003b9b312b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfp0dln.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 004c8929b9b9882caeb6e634ccfc5475ef349d39a2b4d33152b80e9ed3e5eaca

Request headers

Referer: https://use.typekit.net/vfp0dln.css
Origin: https://www.crystal-springs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
server: nginx
etag: "2a23bd3520420279bd62c27b62d7c81ad001a39c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30680

GET
H2 200 l
use.typekit.net/af/3e4147/00000000000000007735b8fb/30/ 18 KB
19 KB 22ms
22ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3e4147/00000000000000007735b8fb/30/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wij6xgj.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7a84fecb4e494f9b45957c7802b0feafd96dfdcaeeeb019a99765eaaf81fa20f

Request headers

Referer: https://use.typekit.net/wij6xgj.css
Origin: https://www.crystal-springs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
server: nginx
etag: "01b13f6fe4982dd02d406d9fe3ca846ea521ff21"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18752

GET
H2 200 l
use.typekit.net/af/42930b/00000000000000007735b8f6/30/ 22 KB
22 KB 48ms
47ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/42930b/00000000000000007735b8f6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wij6xgj.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d15c48611b9c47c0e2f62ccde572a3925911ee9bbbbd47a2f686d294594d07fb

Request headers

Referer: https://use.typekit.net/wij6xgj.css
Origin: https://www.crystal-springs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
server: nginx
etag: "eded4f04a82d452a8cbdbd77cbfeb2827dc8164b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22596

GET
H2

200

activityi;dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u... Show response
11674875.fls.doubleclick.net/ Frame 2CCC
Redirect Chain

https://11674875.fls.doubleclick.net/activityi;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
https://11674875.fls.doubleclick.net/activityi;dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l...

498 B
627 B

121ms
120ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11674875.fls.doubleclick.net/activityi;dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9P6JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e25f22182b2ed1066c282f737cb1c2742fdecf4816fdb849c687da5079935535

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crystal-springs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 12:28:34 GMT
expires: Wed, 23 Aug 2023 12:28:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 12:28:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11674875.fls.doubleclick.net/activityi;dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
90 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1SWZKBWG6E&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WCNX83Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21c608208e0baa027d0604ad232bab89b30a5860895d641ffd204bdbd5ec0edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 12:28:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 38ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PY5QMNXT1Y&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WCNX83Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e13cb0da743c64b2316496f08a738e768f9bc2b7a312b16fcf948fc76a11d562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89992
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 12:28:34 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 283ms
37ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 23 Aug 2023 12:28:34 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 618DA341949C4B848422F9BB11A1E234 Ref B: FRA31EDGE0506 Ref C: 2023-08-23T12:28:34Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 273ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 12:28:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: Owmjm5ovpuPiHMWzkOZbZLgWt1vSgcTFf52x2qcwyxnoFo+xDnFVURW/6PZwWItuJXgAAsjb5z36489RgSiNdQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/101146313/ 0
96 B 282ms
13ms Script
text/plain 104.18.13.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/101146313/analytics.min.js

Requested by

Host: www.crystal-springs.com
URL: https://www.crystal-springs.com/terms-and-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:28:34 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7fb35b2d5bae4d73-FRA
vary: Accept-Encoding

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/634239029/ 3 KB
1 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/634239029/?random=1692793714546&cv=11&fst=1692793714546&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&hn=www.googleadservices.com&frm=0&tiba=Terms%20and%20Conditions&auid=1007585469.1692793714&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9P6JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ddbca3389af4fc4f182b27091114d0b9596a2c7b32cec71b06e5daf956eea28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;... Show response
11674875.fls.doubleclick.net/ Frame 3A16
Redirect Chain

https://11674875.fls.doubleclick.net/activityi;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;ua...
https://11674875.fls.doubleclick.net/activityi;dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38...

499 B
584 B

322ms
322ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11674875.fls.doubleclick.net/activityi;dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9P6JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

b216f53e1dca1d710139fea1502c4b596258fc676fc460a1ab99945b216b3fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crystal-springs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 12:28:34 GMT
expires: Wed, 23 Aug 2023 12:28:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 12:28:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11674875.fls.doubleclick.net/activityi;dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 embed.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/458143/onsite/ 1 KB
991 B 55ms
11ms Script
application/javascript 146.75.121.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/458143/onsite/embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ9P6JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6014326b2a354b1becbd8637b13bed32589763083c1728637b3064f00c05fd41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: 4yvMU4rG0UtPHpEGaeEy6XPJvIeEA5XR
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 12:28:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 7AM2TZB2ZM3HMV6K
age: 1143708
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 532
x-amz-id-2: 447lrLdZRJr0mi/1uby1DUSk4KJQXhvVqDmpOdwvAuiJQKqgc7CfX4vaBmQOzUce7b5vycV+LAk=
x-served-by: cache-fra-etou8220100-FRA
last-modified: Thu, 10 Aug 2023 06:18:57 GMT
server: AmazonS3
x-timer: S1692793715.616387,VS0,VE1
etag: "fe84d5cecc272304d1863d85b4d6f1be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 38ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1SWZKBWG6E&gtm=45je38l0&_p=1290511554&gdid=dYWJhMj&cid=616845806.1692793715&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&sid=1692793714&sct=1&seg=0&dt=Terms%20and%20Conditions&en=page_view&_fv=1&_nsi=1&_ss=1&ep.unaltered_landing_query=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1SWZKBWG6E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crystal-springs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PY5QMNXT1Y&gtm=45je38l0&_p=1290511554&gdid=dYWJhMj&cid=616845806.1692793715&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&sid=1692793714&sct=1&seg=0&dt=Terms%20and%20Conditions&en=page_view&_fv=1&_ss=1&ep.unaltered_landing_query=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PY5QMNXT1Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crystal-springs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/634239029/ 42 B
455 B 47ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/634239029/?random=1692793714462&cv=11&fst=1692792000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&frm=0&tiba=Terms%20and%20Conditions&fmt=3&is_vtc=1&random=2711332317&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/634239029/ 42 B
455 B 43ms
20ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/634239029/?random=1692793714462&cv=11&fst=1692792000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&frm=0&tiba=Terms%20and%20Conditions&fmt=3&is_vtc=1&random=2711332317&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub472cfad8cc0f5aa7fda7e5c0f0c09b35
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 147ms
147ms Ping
application/json 2600:1f18:24e6:b902:cd23:8605:eb9b:f194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub472cfad8cc0f5aa7fda7e5c0f0c09b35?ddsource=browser&ddtags=sdk_version%3A2.18.0&batch_time=1692793714686
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:cd23:8605:eb9b:f194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 /
www.google.com/pagead/1p-user-list/634239029/ 42 B
108 B 22ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/634239029/?random=1692793714546&cv=11&fst=1692792000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&frm=0&tiba=Terms%20and%20Conditions&fmt=3&is_vtc=1&random=3121369329&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/634239029/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/634239029/?random=1692793714546&cv=11&fst=1692792000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&frm=0&tiba=Terms%20and%20Conditions&fmt=3&is_vtc=1&random=3121369329&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic1691648336071.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/458143/onsite/ 393 KB
85 KB 11ms
11ms Script
application/javascript 146.75.121.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/458143/onsite/generic1691648336071.js

Requested by

Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/458143/onsite/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.121.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb5af5910fac15e61531d21af2b9cce28f031605cfe3a63468380b67721aac9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: fWBnVVUtbjdBcbb97Ex3fu6vLCWb.rHA
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 12:28:34 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 7AMCEGSWP85GB41X
age: 1143708
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 86974
x-amz-id-2: T2zCxw59vR42W6xEnNzJrKH/4ww/NfRNBTYJnlHhbe5q9X13UG1lL7cBDDEDTMcndUUJp5Tj7ns=
x-served-by: cache-fra-etou8220100-FRA
last-modified: Thu, 10 Aug 2023 06:18:57 GMT
server: AmazonS3
x-timer: S1692793715.719473,VS0,VE1
etag: "f12484d11e74fbcfc6a7ab56c3046ed4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 140ms
105ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNi4wLjU4NDUuMTEwIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJUZXJtcyBhbmQgQ29uZGl0aW9ucyIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3LmNyeXN0YWwtc3ByaW5ncy5jb20vdGVybXMtYW5kLWNvbmRpdGlvbnMiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY5Mjc5MzcxNDc1OCIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDIsInVzZXJfaWQiOiAiMThhMjI1ZTM4M2Y0OTctMDI0NGYxYWU3YjE0NTQtNjUzYjUyNWItMWQ0YzAwLTE4YTIyNWUzODQwMTNkZCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC13ZXN0IiwiYWNjb3VudElkIjogMzY5OTQ1LCJ1cmwiOiAiaHR0cHM6Ly93d3cuY3J5c3RhbC1zcHJpbmdzLmNvbS90ZXJtcy1hbmQtY29uZGl0aW9ucyIsIndlYnNpdGVJZCI6IDQ1ODE0MywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYTUzNi0wOTMwLTI2NGEtM2QxZC01YzkyLWRmNDAtZGRhYS04YTNkIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2OTI3OTM3MTQ3NTYiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTAwNCwia2FtcHlsZV92ZXJzaW9uIjogIjIuNTIuMCIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNTIuMCIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY5Mjc5MzcxNDc1OCwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2V9Cl19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-jgnr
date: Wed, 23 Aug 2023 12:28:34 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 23 Aug 2023 13:00:25 GMT

GET
H2 200 dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=*;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https...
adservice.google.com/ddm/fls/z/ Frame 2CCC 42 B
401 B 141ms
117ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=*;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions

Requested by

Host: 11674875.fls.doubleclick.net
URL: https://11674875.fls.doubleclick.net/activityi;dc_pre=CMOspoDk8oADFeoDaAgdDQgKFg;src=11674875;type=pagev0;cat=primo003;ord=355077037562;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11674875.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1551676395230603 Show response
connect.facebook.net/signals/config/ 384 KB
110 KB 102ms
101ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1551676395230603?v=2.9.124&r=stable&domain=www.crystal-springs.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f671879baa28ef10ed560beafec8b4d8fa9d1b0c7c6b9622fc13112099bf8f7d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 23 Aug 2023 12:28:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: eI0obywOj4txjSIlQGavvwAGsGGw5IuIrjjkAli6cN5Jalc/uoymkgJuSKf8JXWxvWxcu2J76eJ3THEH/Rd9+g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 148009413.js Show response
bat.bing.com/p/action/ 0
118 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148009413.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 23 Aug 2023 12:28:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD789B49D6224B86919EED98381D667B Ref B: FRA31EDGE0506 Ref C: 2023-08-23T12:28:34Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
230 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148009413&Ver=2&mid=2704685a-c0fc-4b13-ab6b-23f61a5ff364&sid=9403124041b011ee9ce29512c62fc671&vid=940354f041b011ee8a022330e89caaf8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Terms%20and%20Conditions&p=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&r=&lt=13466&evt=pageLoad&sv=1&rn=228078

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Aug 2023 12:28:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB23C8E0AC6D4D01A748B1C060D9F8A5 Ref B: FRA31EDGE0506 Ref C: 2023-08-23T12:28:34Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 0
bat.bing.com/actionp/ 0
287 B 32ms
32ms Ping
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=148009413&Ver=2&mid=2704685a-c0fc-4b13-ab6b-23f61a5ff364&sid=9403124041b011ee9ce29512c62fc671&vid=940354f041b011ee8a022330e89caaf8&vids=1&msclkid=N&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Aug 2023 12:28:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B499A7F2758241539F830331072D549A Ref B: FRA31EDGE0506 Ref C: 2023-08-23T12:28:34Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 17ms
17ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1290511554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&dp=%2Fterms-and-conditions&ul=en-us&de=UTF-8&dt=Terms%20and%20Conditions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEAjAAAAACgAI~&jid=2082192769&gjid=542956494&cid=616845806.1692793715&tid=UA-157282588-5&_gid=1063003763.1692793715&_r=1&_slc=1&gtm=45He38l0n81WQ9P6JQ&z=1661227921

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crystal-springs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 16ms
16ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1290511554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&dp=%2Fterms-and-conditions&ul=en-us&de=UTF-8&dt=Terms%20and%20Conditions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACEAjBAAAACgAMAC~&jid=1077621590&gjid=920986036&cid=616845806.1692793715&tid=UA-157282588-1&_gid=677598705.1692793715&_r=1&_slc=1&gtm=45He38l0n81WQ9P6JQ&cd3=&z=1096352603

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crystal-springs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1290511554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&dp=%2Fterms-and-conditions&ul=en-us&de=UTF-8&dt=Terms%20and%20Conditions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACEAjBAAAACgAMAC~&jid=&gjid=&cid=616845806.1692793715&tid=UA-157282588-5&_gid=1063003763.1692793715&gtm=45He38l0n81WQ9P6JQ&z=1850360672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 10:21:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7641
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1290511554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&dp=%2Fterms-and-conditions&ul=en-us&de=UTF-8&dt=Terms%20and%20Conditions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACEAjBAAAACgAMAC~&jid=&gjid=&cid=616845806.1692793715&tid=UA-157282588-1&_gid=677598705.1692793715&gtm=45He38l0n81WQ9P6JQ&cd3=&z=65692690

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 10:21:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7641
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub472cfad8cc0f5aa7fda7e5c0f0c09b35
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 141ms
141ms Ping
application/json 2600:1f18:24e6:b902:cd23:8605:eb9b:f194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub472cfad8cc0f5aa7fda7e5c0f0c09b35?ddsource=browser&ddtags=sdk_version%3A2.18.0&batch_time=1692793714865
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:cd23:8605:eb9b:f194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 74ms
33ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-157282588-1&cid=616845806.1692793715&jid=1077621590&gjid=920986036&_gid=677598705.1692793715&_u=aCjACEAjBAAAACgAMAC~&z=2033850399

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Aug 2023 12:28:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.crystal-springs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 53ms
52ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-157282588-1&cid=616845806.1692793715&jid=1077621590&_u=aCjACEAjBAAAACgAMAC~&z=1076237599

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
51ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-157282588-1&cid=616845806.1692793715&jid=1077621590&_u=aCjACEAjBAAAACgAMAC~&z=1076237599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 46ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1551676395230603&ev=PageView&dl=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&rl=&if=false&ts=1692793714968&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692793714965.1005403705&cs_est=true&it=1692793714830&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Aug 2023 12:28:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=*;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=http...
adservice.google.com/ddm/fls/z/ Frame 3A16 42 B
107 B 123ms
122ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=*;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions

Requested by

Host: 11674875.fls.doubleclick.net
URL: https://11674875.fls.doubleclick.net/activityi;dc_pre=CP7SpoDk8oADFcqZnwodU78M7Q;src=11674875;type=pagev0;cat=primo003;ord=8432222654329;auiddc=1007585469.1692793714;u2=Crystal%20Springs;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11674875.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 90403 Show response
api-production.dss-aws.com/v1/brands/ 12 B
549 B 101ms
101ms Fetch
application/json 44.216.127.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-production.dss-aws.com/v1/brands/90403?source=TDB%204

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.127.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-127-92.compute-1.amazonaws.com

Software

Resource Hash

ba01c8cffd99e8e9a24b8d56ca248e3d43113b2a12476c4aa52aa8b9d399a37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 12:28:35 GMT
x-content-type-options: nosniff
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-branch-code: GAR
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.crystal-springs.com
access-control-expose-headers: X-Total-Count, X-Branch-ID, X-Brands, X-Water-Types, X-Branch-Id, X-Branch-Code
x-branch-id: 831
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 9ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1551676395230603&ev=Microdata&dl=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&rl=&if=false&ts=1692793716475&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Terms%20and%20Conditions%22%2C%22meta%3Adescription%22%3A%22null%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.124&r=stable&ec=1&o=30&fbp=fb.1.1692793714965.1005403705&it=1692793714830&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crystal-springs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 23 Aug 2023 12:28:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 267ms
142ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=P46R1&UserId=6587567300554752&SessionId=6080311295356928&PageId=4396190640346402666&Seq=2&PageStart=1692793702272&PrevBundleTime=1692793703737&LastActivity=14862&IsNewSession=true
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d117425fde9e1549bad4e1ed10190247419b625d50bc9895e40fcfe76694d21d

Request headers

Referer: https://www.crystal-springs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.crystal-springs.com
date: Wed, 23 Aug 2023 12:28:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.crystal-springs.com/	1969-12-31 23:59:59	Name: 9385f55ebf720fc75a292454fd0772d6 Value: 8009297fe653018b6e4a92bc3b04cc17
www.crystal-springs.com/	1970-01-20 14:13:14	Name: _dd_s Value: rum=1&id=343849bb-fcdc-416b-ae99-3cdec30d0163&created=1692793701147&expire=1692794601147
.crystal-springs.com/	1970-01-20 22:58:49	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Aug+23+2023+14%3A28%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=202306.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.crystal-springs.com%2Fterms-and-conditions&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CSSPD_BG%3A1%2CC0004%3A1
.crystal-springs.com/	1970-01-20 22:58:49	Name: fs_uid Value: #P46R1#6587567300554752:6080311295356928:::#/1724329702
.crystal-springs.com/	1970-01-20 16:22:49	Name: _gcl_au Value: 1.1.1007585469.1692793714
.crystal-springs.com/	1970-01-20 23:49:13	Name: _ga_1SWZKBWG6E Value: GS1.1.1692793714.1.0.1692793714.0.0.0
.crystal-springs.com/	1970-01-20 23:49:13	Name: _ga_PY5QMNXT1Y Value: GS1.1.1692793714.1.0.1692793714.0.0.0
www.crystal-springs.com/	1970-01-20 22:58:49	Name: mdLogger Value: false
www.crystal-springs.com/	1970-01-20 22:58:49	Name: kampyle_userid Value: a536-0930-264a-3d1d-5c92-df40-ddaa-8a3d
www.crystal-springs.com/	1970-01-20 22:58:49	Name: kampyleUserSession Value: 1692793714756
www.crystal-springs.com/	1970-01-20 22:58:49	Name: kampyleUserSessionsCount Value: 1
www.crystal-springs.com/	1970-01-20 22:58:49	Name: kampyleSessionPageCounter Value: 1
.crystal-springs.com/	1970-01-20 23:49:13	Name: _ga Value: GA1.2.616845806.1692793715
.crystal-springs.com/	1970-01-20 14:14:40	Name: _gid Value: GA1.2.1063003763.1692793715
.crystal-springs.com/	1970-01-20 14:14:40	Name: _uetsid Value: 9403124041b011ee9ce29512c62fc671
.crystal-springs.com/	1970-01-20 23:34:49	Name: _uetvid Value: 940354f041b011ee8a022330e89caaf8
.crystal-springs.com/	1970-01-20 14:13:13	Name: _gat_UA-157282588-5 Value: 1
.crystal-springs.com/	1970-01-20 23:49:13	Name: _rollupGa Value: GA1.2.616845806.1692793715
.crystal-springs.com/	1970-01-20 14:14:40	Name: _rollupGa_gid Value: GA1.2.677598705.1692793715
.crystal-springs.com/	1970-01-20 14:13:13	Name: _gat_UA-157282588-1 Value: 1
.bing.com/	1970-01-20 23:34:49	Name: MUID Value: 17AF65FB3F8B62A917D8768D3E006321
.crystal-springs.com/	1970-01-20 16:22:49	Name: _fbp Value: fb.1.1692793714965.1005403705
.doubleclick.net/	1970-01-20 23:34:49	Name: IDE Value: AHWqTUlhCt7r2iZYcAkegnK-AQVUBvVYJ5WqBI9ITRUgCNgE25-FxGBYXEDPLxW-8dA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11674875.fls.doubleclick.net
adservice.google.com
api-production.dss-aws.com
api.ipstack.com
bat.bing.com
cdn.contentful.com
cdn.cookielaw.org
cdn.resonate.com
cdnjs.cloudflare.com
connect.facebook.net
edge.fullstory.com
googleads.g.doubleclick.net
images.ctfassets.net
p.typekit.net
region1.google-analytics.com
resources.digital-cloud-west.medallia.com
rs.fullstory.com
rum-http-intake.logs.datadoghq.com
stats.g.doubleclick.net
test-api.tokenex.com
udc-neb.kampyle.com
use.typekit.net
www.crystal-springs.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
104.18.13.242
142.250.181.230
146.75.118.49
146.75.121.230
20.37.143.183
2001:4860:4802:32::36
2600:1f18:24e6:b902:cd23:8605:eb9b:f194
2600:9000:26da:3a00:12:94b3:c380:93a1
2606:4700::6811:190e
2606:4700::6812:bbda
2620:1ec:c11::200
2a00:1450:4001:810::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9d
2a02:26f0:480:f::213:7ec6
2a02:26f0:7100::1720:ee1b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.234.93.111
34.197.248.129
35.186.194.58
35.201.112.186
35.241.45.82
44.216.127.92
65.9.82.42
004c8929b9b9882caeb6e634ccfc5475ef349d39a2b4d33152b80e9ed3e5eaca
03e18d6a6daf1b1ffa0c1e4e549700faf0fabef48fe7f7bf1bd602d9da5d1382
0c557b67edf013e5eec9dd4be4dc35b44c6488215981c942cb9a56200be243eb
0ec50412f5f4a206aa4525377add48f460c5e596a4aecaabecd56f15737fa8f3
0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df
14a2ca44b4a9265b3e8cf3152cde9d7941d3c6e9ad44a658c3e029bf99f3d30c
15e8e19319e2f8f78ae113b839065145699fbd8cb170c4f8b84ff8d4e6afca82
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f3a2e014c96c3b61e19eced33c082556b193cef07c46601489e4fa6195a5ada
21c608208e0baa027d0604ad232bab89b30a5860895d641ffd204bdbd5ec0edd
21e94b5f2f7be0b886fc91ef282f0cadac20118bf554a635dc70c463c95ae3e4
26014c8b5857083673ab49d389be2526a5e49cf69ba6763f26e1a042c4be7391
2ae6b334f6058de9352ac6d36e43f6d41e6051d2f4c906b96629c711248b5706
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
32a8c8c75e0574d43215424909195c56e950e04c0839abec5e7cf5b0c0ac4282
39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c
3a19cf8130d037ebc5d3ecb3eac6e9f01f4982ae3051cca4cd0bab136126f352
4ddbca3389af4fc4f182b27091114d0b9596a2c7b32cec71b06e5daf956eea28
4e522e2f705aac23445e06ec40498dac538c103c73a2e31d448ba693bff2f740
569d20b880a8a1ecbaa973daa43fc1159d567adda299cec5f5d9f70581dd08ce
5f840aeedacc6d63f658aa3733ce0da2ec4084c5831a3365841028091e6b6f37
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fbf2ec3d025fbd63deedab5cba25c5d43f6bf95998c11949ef644c898db5729
6014326b2a354b1becbd8637b13bed32589763083c1728637b3064f00c05fd41
63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6c74ab1d46a760a16ca1c98034825bf95a1eea27b1217015b8b566b10057adcd
73b7424fea4e23e7144e2bb02784bf5016415d0eeb1a2f066fe6ebf6f5a0dec2
7976f1492de7c2d0ce84f783f2fe84e68d6b7c6be96e782ac5ca3ed1f3eb1269
7a84fecb4e494f9b45957c7802b0feafd96dfdcaeeeb019a99765eaaf81fa20f
7af3e7c94ef3d43c02095c557fb223f86f81f813c6fc7b848e4861c6af527785
7b3756bb48adc7496142ee2095b58594c3d70bc525845c27eb1198b1f8e96721
824df3f974e44f6ae3aef03170a0c0d79387e30d45b2cc84c27482dd69ca6d65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97c2ac207ecd293b1c5178659be3883056ce86ad62713f1c1638cd4693f5fe8a
99e31c4b0908daaaea6432c50358079567b6eeec9c36f1e54ece23ed20b2aa51
9b5c745cc10d54f140d3006c5be1954dee2e35806f078b78ab49195cbdfe86d8
9b6f2c71c6ecb655d7f40648b5abe99bfa1784d67fb8dc9d0f204e7cd6741a57
9e4513841cae3f2a2c5d51023a9cf7b44a5f6f2cfeab7c024f0784f91153d814
a08560db868d4f24e5d194c5ec356517578f3d9085994bc206e8da9fa3832c70
a60440909baad51aab3b48f2f13b60892cd8bfffeac56a281d04f0a444cf7529
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b216f53e1dca1d710139fea1502c4b596258fc676fc460a1ab99945b216b3fae
b7d4de0b04f56792a9876ce825ffbf76b415467cce3836df7d822fd8dfac12ff
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
ba01c8cffd99e8e9a24b8d56ca248e3d43113b2a12476c4aa52aa8b9d399a37a
bdfc5037c5e62d7f303ca6b89b63cec10a761d5b74486374be28da313e827822
c07912745d65c430ddcfda09bd82ee56e17f21248cabe122ab656ebba23a776f
c0e8e50dc4765e80f01bacc04e05706ccd3770bb3c2ec14fedac46bb9237eec8
c284d2c4d928f9dfc116564aaf66a49161618f3afe07ae8a5a8372f551f796fc
c4cf9f8144142f06620107e7c797b191a568f8901b08f6f0d60c9cf289f7d818
cbeacfa1f7a55b22f7c3ff0a75e212f756ff80c9b4eabe5316ec6857f168d845
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d117425fde9e1549bad4e1ed10190247419b625d50bc9895e40fcfe76694d21d
d15c48611b9c47c0e2f62ccde572a3925911ee9bbbbd47a2f686d294594d07fb
d68c296961e332e965584552b1cbfa77ac1b214879275116f0d4ff9ec2fbd0f0
d818bbd0eb04402125ad4d50f222a3f09dfa9a31c3cf73a3cf613d5c9a3799cc
ddd985c202e199084974c10cc351e3966f20018bbdd3b94b7734c26f6e92a8cb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbc49fd57ddb895613cade115d26e3ec11befb14fd4420a843f38460a889727
e13cb0da743c64b2316496f08a738e768f9bc2b7a312b16fcf948fc76a11d562
e25f22182b2ed1066c282f737cb1c2742fdecf4816fdb849c687da5079935535
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e6a96c87afe8c993ca9d946ea83f5fe519b2faa931fb23319dd964c1cad7ab
eac506047e4d7c901855e23310a1d58041b779389e8a3c7fcbd2bc694cb68a6f
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ec99fd2eb421e11a2dd61cfbf4d37138366767ea31a49c5e18692c401f39c4c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f671879baa28ef10ed560beafec8b4d8fa9d1b0c7c6b9622fc13112099bf8f7d
fb5af5910fac15e61531d21af2b9cce28f031605cfe3a63468380b67721aac9e
fcb0396c4daa421374c1b7718ab46878a01c24ca44a8ef96614950b5b7eae664
fd189c34f9e86d2a7b3cd21084c6bc719ed929081eb8c6495fec7f14efa95fa2
fdc5538331e57fd93ad03a6c5d194915d149de1bb7d63ce07c786e6e613e55c5

www.crystal-springs.com Open in urlscan Pro 3.234.93.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

60 %IPv6

24 Domains

30 Subdomains

30 IPs

4 Countries

2863 kBTransfer

9464 kBSize

23 Cookies

9 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.crystal-springs.com Open in urlscan Pro
3.234.93.111 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

60 %
IPv6

24
Domains

30
Subdomains

30
IPs

4
Countries

2863 kB
Transfer

9464 kB
Size

23
Cookies

105 HTTP transactions
0 data transactions