URL: https://www.15below.com/
Submission: On February 09 via api from CA — Scanned from CA

Summary

This website contacted 25 IPs in 3 countries across 15 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3034::ac43:b571, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.15below.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2021. Valid for: a year.
This is the only time www.15below.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
38 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:220... 16509 (AMAZON-02)
1 52.85.61.102 16509 (AMAZON-02)
1 104.16.182.44 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 151.139.243.18 33438 (HIGHWINDS2)
1 52.85.61.27 16509 (AMAZON-02)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.28 16509 (AMAZON-02)
1 13.225.214.106 16509 (AMAZON-02)
1 2600:9000:220... 16509 (AMAZON-02)
1 52.85.61.99 16509 (AMAZON-02)
1 52.4.197.241 14618 (AMAZON-AES)
2 34.242.49.190 16509 (AMAZON-02)
1 54.230.162.45 16509 (AMAZON-02)
1 52.16.248.108 16509 (AMAZON-02)
1 34.240.189.36 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
1 162.247.242.18 23467 (NEWRELIC-...)
68 25
Apex Domain
Subdomains
Transfer
38 15below.com
www.15below.com
download.15below.com
3 MB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1701
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 2981
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 2973
tracking.crazyegg.com — Cisco Umbrella Rank: 2994
30 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 574
script.hotjar.com — Cisco Umbrella Rank: 726
vars.hotjar.com — Cisco Umbrella Rank: 809
in.hotjar.com — Cisco Umbrella Rank: 1615
66 KB
3 canddi.com
cdns.canddi.com — Cisco Umbrella Rank: 124992
i.canddi.com — Cisco Umbrella Rank: 256844
37 KB
2 lfeeder.com
sc.lfeeder.com — Cisco Umbrella Rank: 15256
tr.lfeeder.com — Cisco Umbrella Rank: 14088
10 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 trackedweb.net
static.trackedweb.net — Cisco Umbrella Rank: 21441
r1.trackedweb.net — Cisco Umbrella Rank: 33147
3 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 559
322 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 306
14 KB
1 canddi.io
s.canddi.io — Cisco Umbrella Rank: 203217
441 B
1 gstatic.com
fonts.gstatic.com
31 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
439 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1464
35 KB
68 15
Domain Requested by
35 www.15below.com www.15below.com
4 script.crazyegg.com www.15below.com
script.crazyegg.com
3 download.15below.com www.15below.com
2 i.canddi.com cdns.canddi.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.15below.com
1 s.canddi.io cdns.canddi.com
1 in.hotjar.com script.hotjar.com
1 tr.lfeeder.com www.15below.com
1 tracking.crazyegg.com script.crazyegg.com
1 vars.hotjar.com static.hotjar.com
1 sc.lfeeder.com www.15below.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 fonts.gstatic.com fonts.googleapis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 cdns.canddi.com www.googletagmanager.com
1 r1.trackedweb.net static.trackedweb.net
1 static.hotjar.com www.15below.com
1 static.trackedweb.net www.15below.com
1 www.googletagmanager.com www.15below.com
1 fonts.googleapis.com www.15below.com
1 www.googleoptimize.com www.15below.com
68 25

This site contains links to these domains. Also see Links.

Domain
15below.com
twitter.com
en-gb.facebook.com
www.linkedin.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-14 -
2022-07-13
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.trackedweb.net
Amazon
2021-07-01 -
2022-07-30
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
r1.trackedweb.net
Cloudflare Inc ECC CA-3
2021-08-04 -
2022-08-03
a year crt.sh
cdns.canddi.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-12 -
2022-10-13
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.crazyegg.com
DigiCert SHA2 Secure Server CA
2020-07-26 -
2022-07-23
2 years crt.sh
*.lfeeder.com
Amazon
2021-08-08 -
2022-09-06
a year crt.sh
i.canddi.com
Amazon
2021-02-10 -
2022-03-11
a year crt.sh
s.canddi.io
Amazon
2022-01-09 -
2023-02-06
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-10-06 -
2022-11-07
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.15below.com/
Frame ID: 1C1C9D7914B9BA116F83D81C82E58454
Requests: 67 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 2C5B7AB3235063F2B3E4796CBE666EE3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Automated Passenger Communications for Travel; Disruption; Flight Status; Pre-Departure | 15below

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • js/_dmptv([\d.]+)\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

68
Requests

97 %
HTTPS

42 %
IPv6

15
Domains

25
Subdomains

25
IPs

3
Countries

2914 kB
Transfer

21257 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.15below.com/
93 KB
18 KB
Document
General
Full URL
https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66ef9e8ec250e33ba12f6d30ce9a4d6e79efe7d0e2a42bfd95091d7a5002c808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=2764800, public
x-drupal-dynamic-cache
UNCACHEABLE
link
<https://www.15below.com/>; rel="canonical", <https://www.15below.com/>; rel="shortlink" <https://www.15below.com/home>; rel="revision"
x-ua-compatible
IE=edge
content-language
en
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
permissions-policy
interest-cohort=()
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Wed, 02 Feb 2022 16:10:51 GMT
vary
Cookie,Accept-Encoding
x-drupal-cache
HIT
x-request-id
v-05e0d71c-89bd-11ec-9798-3b427ac771a6
x-ah-environment
prod
age
8202
via
varnish
x-cache
HIT
x-cache-hits
56
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7d7QoNz1Smn%2FOgbbD4hC5Q5MPNZ8Wfx2NdyGLTj8Motk6lMxz3K6XbWfRrzti6b%2FEZTZM5IwkRBv8XmN2IYagnnLpV7svCO%2BYRmhmrj9wmvZPQCGOaW4am%2FHM6r3XmWftc1hsDDjUzuhg6WMRU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6daee9eb5de47145-YUL
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
optimize.js
www.googleoptimize.com/
88 KB
35 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-5NCL7HD
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f6ddd74a268b51fce1f2f931338edac050615e15893857acaff6f912c7c20c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35606
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 16:49:15 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Feb 2022 17:45:51 GMT
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600&display=swap
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f92f6f2cf3f4dc48ba6cf0ddb4b26a977dc6486aa3eb64610b9a694678c4f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 16:24:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Feb 2022 17:45:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Feb 2022 17:45:51 GMT
css_q18vFNz3vVs9u-ltuWmTYJRXMPWg_xdBVF0VIqCopSU.css
www.15below.com/sites/default/files/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.15below.com/sites/default/files/css/css_q18vFNz3vVs9u-ltuWmTYJRXMPWg_xdBVF0VIqCopSU.css
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5f2f14dcf7bd5b3dbbe96db9699360945730f5a0ff1741545d1522a0a8a525
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f66c81e-89d0-11ec-8c0f-73f158cd82f5
last-modified
Wed, 02 Feb 2022 16:09:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6SAJOaG5aWwq4htouGXvDWez2Tw52uzAokQkc6QSUm%2B2hHCA6010KAgzeK6p4iq%2FN5Kp26LqQGZhMOB3cpnxszuei0HB4aYG%2Fal2eWpFOrXnmD5M394H7MEZUNkXWmXci0Joi0JqWPkNfMX52s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1209600
cf-ray
6daee9eeaa3b7145-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
coherence-custom-stylesheet.min.css
www.15below.com/sites/default/files/cohesion/styles/base/
383 KB
31 KB
Stylesheet
General
Full URL
https://www.15below.com/sites/default/files/cohesion/styles/base/coherence-custom-stylesheet.min.css?r6oq7o
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00dd788893faf0771dc4a74b38dae2d3b29910b3c6c920a126a6f7b0ab0a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f66fb54-89d0-11ec-a929-f31443c51560
last-modified
Wed, 02 Feb 2022 16:09:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6MnWVQ%2BUsUEjnv5VbMeclfFb6NyLJdZDen%2FgU%2FowkQDHAqYbHbd7dIAlXvNfBJfLAxcg6RM0GGp3L9HTe%2FiNG%2FXYWpWuSGH9BcPzio5QLwPss9Ovx053q4vQdo9e5bv1AViyVuUfEJh4ioDvTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1209600
cf-ray
6daee9eeaa3e7145-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
css_I3rhZsMPJd8ZRI_1PqdOFLfsvRUlICrb6E7neqLmkXw.css
www.15below.com/sites/default/files/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.15below.com/sites/default/files/css/css_I3rhZsMPJd8ZRI_1PqdOFLfsvRUlICrb6E7neqLmkXw.css
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237ae166c30f25df19448ff53ea74e14b7ecbd1525202adbe84ee77aa2e6917c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f683168-89d0-11ec-a91b-5f41ad9433dc
last-modified
Wed, 02 Feb 2022 16:10:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzmfxruY293OmvUrDnVTdh7UxIEGnO4K%2BfJYyVusiv5737kA9L1hPTHYNOhx%2BKZgGyHlhSFeWuwTJ5VY3VtxWMqTG2NQUxkwzGICaRzrMgmqm%2B2MJZJ4OcFB2sa8ugmK5ocqhJZEdZjdq438rWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1209600
cf-ray
6daee9eeaa427145-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
coherence-custom-stylesheet.min.css
www.15below.com/sites/default/files/cohesion/styles/theme/
65 KB
8 KB
Stylesheet
General
Full URL
https://www.15below.com/sites/default/files/cohesion/styles/theme/coherence-custom-stylesheet.min.css?r6oq7o
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1089436a61ea38a95cf0ee5b50993505fa0166493adc85c38caf44de6be60d03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f678ede-89d0-11ec-9619-b7eb3994dab3
last-modified
Wed, 02 Feb 2022 16:09:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tZ3HyKDTLdy2WsDyS1lhRfQcHSTrq5din8eCNZ5Sc6oyRNNQGsXjxyAj%2BDXZMNyDmThMytGu%2FSuobH0YWKMWAgj90rJvUu179Pq%2BATNopNceKbIwjACEXAVo4IxuHm0gjl7edQtaUqIn03R8CY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1209600
cf-ray
6daee9eeaa447145-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
css_Nwy5y7hwc9IB-YyTGeM6Nla9yB5fOQ-WXymjCtF5N8M.css
www.15below.com/sites/default/files/css/
79 B
409 B
Stylesheet
General
Full URL
https://www.15below.com/sites/default/files/css/css_Nwy5y7hwc9IB-YyTGeM6Nla9yB5fOQ-WXymjCtF5N8M.css
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370cb9cbb87073d201f98c9319e33a3656bdc81e5f390f965f29a30ad17937c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f683780-89d0-11ec-8680-5b946f8a9557
last-modified
Wed, 02 Feb 2022 16:10:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZGaD0xgSF4N1cJaFJVEkbrr9uL2tVGq%2FTD6zcs%2BnFoIzZo3cI5Uz74FdT0k%2FM6czT5md10EvrO4ZKPybPRnBLZRFgxG85LgCuQin75llGBiIphmDgf1qQRQvnl0m3cHsRSdzwj50qvQb85v6zw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1209600
cf-ray
6daee9eeaa467145-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
css_44rm3XhcecooYfvZlW6vZTvpsogr5q-onkBrWi_iZ7s.css
www.15below.com/sites/default/files/css/
31 KB
5 KB
Stylesheet
General
Full URL
https://www.15below.com/sites/default/files/css/css_44rm3XhcecooYfvZlW6vZTvpsogr5q-onkBrWi_iZ7s.css
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e38ae6dd785c79ca2861fbd9956eaf653be9b2882be6afa89e406b5a2fe267bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f6984d2-89d0-11ec-8a99-6baadbb12cc0
last-modified
Wed, 02 Feb 2022 16:09:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVyeF3ZMgiSKFYNVjIpCvP%2B2aKhoTcE41ehrAxa5HeL8QSmiDvROu2B06zKomOCb2fAJQbrM%2BkzM4Y5iONB2zjFgJZDxAkouMKMevrvUk4pCi6PVMZjqwQWy2HPhd%2B2bkf6TZzXbIEF30vsc0%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1209600
cf-ray
6daee9eeaa487145-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
0111.js
script.crazyegg.com/pages/scripts/0012/
5 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0012/0111.js
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196515d1005ed4c7e5a6a3117e02c1f320bd9c7a797349ed529afb6802a6baf8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
90847
cf-polished
origSize=4899
cf-ray
6daee9f029277151-YUL
ce-version
11.1.376
last-modified
Tue, 08 Feb 2022 13:00:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
15-below-logox2.png
www.15below.com/sites/default/files/images/home/
15 KB
15 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/15-below-logox2.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6148928974c2e643543aa15d84ab16a12b9252f418f65960a5d3f4c9f58bfdbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14943
x-request-id
v-1f7f58ac-89d0-11ec-b102-7f00fc3395b2
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNW3fb0Zhbpt435kwYSb7rmLBaexC90zsJfl7PlzHctR1Z%2Bl9ZHyp0On%2FfTe8pwhvz4bewn3lMNbNFVLYk8ou8c%2BSLEl2naciiw5pXYCoORS8DojwZj9UuTMSgwh5WqouhgAQOXYJM2iKoJaM4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba3d4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
Globe-%28on-transparent%29.png
www.15below.com/sites/default/files/images/home/
216 KB
217 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/Globe-%28on-transparent%29.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0487101fe5b4a45d0f3bb68ac694de41e56de2d935efe8661fa6a67cb7e229
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
221578
x-request-id
v-1f7eb776-89d0-11ec-ab4b-73ed28e0587e
last-modified
Mon, 28 Jun 2021 09:23:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLELEOJpfUXcrrBZMsBDpRvyP2l25icezD%2F1xALLewXfldYQlZixjGWGK1iX5npOXIRs3lHnl2JKgNphjFzpTTtavHp%2FLN3rDoBS9vhOOm%2FV5%2FTkIjItolqYc18satL7i%2B8WZQIF%2Bd7YioM4ChM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba3e4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
disruption.png
www.15below.com/sites/default/files/images/home/
6 KB
7 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/disruption.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d47d9bd12a0155edd8f63af9855e0fb5b20a01580383677860b7440ac113ec2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6277
x-request-id
v-1f7f5596-89d0-11ec-860c-57e358898a68
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0cyyi98XvY1uU8XA5gkNjvXL7dlAulVrfqa2BHKTPCd%2FTUFs92do1Om4bOsSmpMrybm7DR%2B9Mm4SXbF%2BP39OOF4ur1zjbo6g4BR8Qbx9EV9dhm%2Bb7WF8rYnegOnh2Kq%2B2i%2BIjbKrx8pnUTsX0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba424bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
Flight-travel-status.png
www.15below.com/sites/default/files/images/home/
5 KB
6 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/Flight-travel-status.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d85d3d962e22b8a7d4ccf150b188514b55f84ce78ff460b50c3a0c571c0728
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5487
x-request-id
v-1f7feb8c-89d0-11ec-be79-4baba52ebcdd
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfgYYrD3NLwyHRcxq6qNWnsN7V%2FNRNRcfJREAA6SwjYaZKPzuHkszQJSpFEvAbL83GyG0oy%2F9SwITxmMg7EGJCTeuh%2FBTqjTE42vMWcA%2Ft%2BgRqdhhYLP9Zxzf%2FfhWg%2FTpk4%2Bz%2FmrzQyV%2Bc0RsQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba444bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
Queue-mananger.png
www.15below.com/sites/default/files/images/home/
6 KB
6 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/Queue-mananger.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed093e85af72f89856624b6aa01d74e7d253f3a63f72974f3209954055fd19d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5837
x-request-id
v-1f7fef9c-89d0-11ec-9e1c-df212fe51e2d
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT%2F4K2FVjxsigunUrTaOMfKpmzp6lhK2vk1W67cCyG7W4MGn8l2cmCSYqJ56MmN1SLZNd1M5aw4E6QoXobK9lz7d%2FQ6CkZdvM64GbC9aAVCLuDn%2BcsG7xomz7PeX%2F21IdFEsqd2QVibaTQspJjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba454bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
Pre-departure.png
www.15below.com/sites/default/files/images/home/
6 KB
6 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/Pre-departure.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06bcbdeb991b5204dfbb27caaad86e67b8c45b5dee3f41fc5df7c86a1c49daa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5726
x-request-id
v-1f7f57da-89d0-11ec-b099-df82a0e80d6c
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXvvQiFubSKU1EiTj%2FDIAqKTZlANkjzIxcVmMO9xOXhCpysm1w4BYMLlQU3dBqRGlzsOOqau5n%2F%2FHsuyKYiJAcB0wf1RDhm8aCRAKvvb7yvU0f2dWwkyttu7E2E83DPbSKPxzLPuKeHLAv4e46A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba464bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
Itineraries.png
www.15below.com/sites/default/files/images/home/
4 KB
5 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/Itineraries.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
066c0a6eff24db28e5f23ad683550cb7cc8a5b9e4dfe3f19d7876f70de8ca755
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4441
x-request-id
v-1f7fc864-89d0-11ec-91ea-6f7a9027de3e
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWgz0Lx%2Frl7F6KiTn2tXm%2BAYFy1FR20%2Fz8x2w4T43HBcuuAh5MFZoM%2FRQp8hAnBtVg0y%2BNsEsepF4DiLWrqDPGgQJ%2Bmb3%2Fn5QIXmpTic%2BWFTknTlZXFdc9lQQ2v90ORktByHdejeSceds0JOmzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba474bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
Special-service-handling.png
www.15below.com/sites/default/files/images/home/
5 KB
6 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/Special-service-handling.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0881e2438aace245603262dc595cc4606aafe9a31075150123210fa584e6407c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5578
x-request-id
v-1f7f5870-89d0-11ec-b7b5-674d075c5326
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKUpRrO%2BYFfPkttUKD%2B12ayCWVqNFuAWMS9Doog2S8h9emQUneCeAqwy%2FlOnJkO%2BJDh87s6sQ%2F6FlXqeDp5ft5I1SarB3vWDUjC9Ptc%2Fg8gFVqVGQnSXO08IzX6Gh9LK5T2n3G%2B6CazDaXjYCXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba4a4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
Ticketing.png
www.15below.com/sites/default/files/images/home/
4 KB
5 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/Ticketing.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7cfba49b7fcab8df1bdb645217e33bb889b69cea424a5f44fd4157212e1091a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4256
x-request-id
v-1f7f7c7e-89d0-11ec-9a06-6fa059fbc8da
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6zsALR6%2FHJe8Y9tUBrnv%2BWTywROo%2BWBVFfuHUAa9L4Z312IDnuVeNa24ADvzxPeaKwDzBl4AUO5vnOuOF7YTBP%2BsT23IqD4Esp%2B2UBgNlaeaJ5t%2F2J9jKoml317fQ0NABXCwZBmJvoT09roadQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba4b4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
check-in.png
www.15below.com/sites/default/files/images/home/
5 KB
6 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/check-in.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
571576b57f2113a201b6911ed9f7deb6792e6578e2114ee956523cb3fe6bf887
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5131
x-request-id
v-1f7fa8fc-89d0-11ec-b970-cbcaf8bfa4d1
last-modified
Thu, 14 May 2020 12:42:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onWgPb67wMsfuPE3xZDlx1VkBBFfq5%2FA7YQ8nzWcxQIfwtjdHPR7MRZhfjMnJyGvCg1638Pv8l1XvIt2T5I6cn2VJNfvey0idZH5UhRcn7uIZiQUaLD5d8dcH0UuQc044kwnYVSeAr2sAgZi6GM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba4d4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
BA_450x300px.png
www.15below.com/sites/default/files/styles/600_x_400/public/images/customers/
23 KB
24 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/styles/600_x_400/public/images/customers/BA_450x300px.png?itok=OL9Hnre1
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ec599b2d5cf6528935139d5f51d63a0d781295fb58a92601badd4ecc00cfa8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23715
x-request-id
v-1f805496-89d0-11ec-ac26-93c56b5b7dba
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmDZ04lMNBAbBLqw%2B74A2Hf1aYz2IRbakYr4z2N6GcCe0d3HRHyIRBXTCPyZ5VwT4XDPkc4Ne2IOLlif0xq8HmWUVvku1dpuVLO3VuVnk1YjllH3roihDYGEzsg6%2Fp%2BzTKwYSRve%2B0tzj%2B4QKwI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba4e4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
qantas_450x300px.png
www.15below.com/sites/default/files/images/customers/
12 KB
12 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/customers/qantas_450x300px.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361b53f4fdb816988e4f29af94ccd11b57dc9b37e1001a8e5f8ad86df9d58541
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12070
x-request-id
v-1f7f3ca0-89d0-11ec-a4fb-971b9680ac5b
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnhsV59kmuc3U5PQSRUUGWSnt5bxs5G3AJSN1JNroXH8d1JFbOs6rRHv67usoENRzkFijLGLXKzdXu4wVb1ZI4vIFv8y1ivf4IV6WG%2FzZrrZFqedoj9EI2tbrWlSzlXgbKh4cIi1Pr9sZey%2FyCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba4f4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
Cathay_Pacific_450x300.png
www.15below.com/sites/default/files/images/customers/
11 KB
11 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/customers/Cathay_Pacific_450x300.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4cf547017183c618fd77d500ff4791634dcdc103924996b118fa69b4b8feb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10866
x-request-id
v-1f7f68a6-89d0-11ec-b538-cbe22e4063c8
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVjRT5vkZV%2FYfjIclEhE6hZID47oH401DtboNrEQ0jFfHIeIuAwXH6ynjmwJ%2BwxlgHd4pxdhu54y6amcZYGp1yOV8Oq9CX83sjpZchFhwsDL2OGEYKEEe3QW8LqeNAzfSVzK4MK1rQYHiKncwWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba514bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
jetblue-600x400_0.png
www.15below.com/sites/default/files/images/customers/
10 KB
10 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/customers/jetblue-600x400_0.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3014e06c3f2b1ec8c8f87bf73b703c52295507aa7a8a3ea9bae8fed4c73bb1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9900
x-request-id
v-1f811282-89d0-11ec-94c6-07fc78e82cd6
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ha8hMCx0WsM%2B3BNzs4eH%2FHiKEbeZHUUks9yRq0jDpPOgjvczvFkHEdDElT1B6QhvyZqOqIeHFMlqSL5Q9mom0omy8HKUBqq1MG%2FlZsWbjFAO4kCAQSRMeWpmk7cIWHLFtQ27XNB8MR%2B7lJk6IhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba524bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
ryanair_450x300px.png
www.15below.com/sites/default/files/images/customers/
9 KB
9 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/customers/ryanair_450x300px.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292b3c1826babcf5ac0bd2e11795c5b56198a11094111ed5969303f9d3009209
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8822
x-request-id
v-1f572a4e-89d0-11ec-a1a1-bf89ee7da061
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8jQhSzjV1WigNf6kl9d6iLaLEz8XhhQ5zTxn0sIbjEs6bkYtHbkXOWiyymbQU04imiUT8GsK8hbM0DqnUWALN24TGDvbDFCYBFJjG51V057QKwax0d8KLc23hV9psISTusihxRNM%2FJRIuvaoaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba534bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
AeroMexico_400x300px.png
www.15below.com/sites/default/files/images/home/
28 KB
29 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/home/AeroMexico_400x300px.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29bdf3b52f962852dbef6a0fe88599e0de2aa989221f91ea41cc59cbcbf6d62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28878
x-request-id
v-1f81851e-89d0-11ec-bc76-33b3aac872ae
last-modified
Mon, 20 Sep 2021 12:14:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7o4G2YL%2BXDqMBS0rmH1nFsCw01BkFiwDnnM18rLd9IMSJXW9rCYDvb%2BA%2BH2Pphhc5sxNeSOrEYWgqrsChfjVQHL02sXOQc2pYCp9YqKdvPNxrq6kCVutPVW0%2FWJHikLXfhqgqCJ%2FPZdCBN9nqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba554bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
etihad-600x400.png
www.15below.com/sites/default/files/images/customers/
13 KB
13 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/customers/etihad-600x400.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35081c95a3cba9134a9d2ca77afb7c8a9d04a14eca2feb256a69d87c5ce933d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12835
x-request-id
v-1f820cfa-89d0-11ec-87fd-8b57f2008b12
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yauf%2Bdpj4RGIUF45nFplchn9mDb81q5%2B8AysQr6ot%2F2Y5%2Fltqu6yDxmAKoz9CI1xQv2JKzXIIJw%2BQTSwXW8QzVoG2SN6GWlljmCCuZ5LEQsPFcJzI6HRoZD2IkXQ5%2BtkoKn1YnS1C6RktnSRSA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba564bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
TUI-600x400.png
www.15below.com/sites/default/files/images/customers/
4 KB
5 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/images/customers/TUI-600x400.png
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73799afebaff21e14fb94f308cecc77dd980a48f60c47fc13ae5bb2e823d6a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4261
x-request-id
v-1f81ad3c-89d0-11ec-96f7-6b937e1244af
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWuebssy430Xj1zt8P%2FGztNmdIrI9EX3xxUoPV3ek8KRB%2B%2BIvDpKNEDckt%2B7ggNefOlxUnh3XVzgBK%2Fp4xN1TtTpRhq2B%2BEetNBmtoyXfMlNq3ABVVQgNde80Q7dCPGlDAmvAscSdfhWnEa9q2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba574bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
claire-case-study-teaser.png
www.15below.com/sites/default/files/styles/600_x_400/public/images/article/2021-11/
319 KB
319 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/styles/600_x_400/public/images/article/2021-11/claire-case-study-teaser.png?itok=NXeNlXTp
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e3e1534fa9761bff21f2e327298d91dc2e44a1f7da56398dee7edf8c3b9410
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
326401
x-request-id
v-1f7f53c0-89d0-11ec-b9d8-9f2aa8d0eb24
last-modified
Tue, 23 Nov 2021 13:02:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psg3QFWMHShzKcj3UO7B6IUYjqekLwDlbQglcnZEJ7SrY0VwWn9zoYxefsh1W2igqPYD9iki8Aam9UdprtvQ0LXGBoEB7Qniy86bSyhjWmg37soctl7DhYJPJalDKHjZV5PfUeBY9i3CmY%2FHpi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba584bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
CDC-blog-teaser.png
www.15below.com/sites/default/files/styles/600_x_400/public/images/article/2021-11/
433 KB
433 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/styles/600_x_400/public/images/article/2021-11/CDC-blog-teaser.png?itok=RXotkFah
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d85fc7c86164c80a2a4d89b89994d9e862a07a041b13c645ee8650b0fdb21764
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
443048
x-request-id
v-1f7fcbc0-89d0-11ec-b783-97dcc5d26bd9
last-modified
Tue, 16 Nov 2021 14:24:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2F9oB0ldz6pUc0peJw7L%2FlSq2sCNqDCY1dSZ51lgvYD46Tqq%2BU0db4cwej0u62V4V4irEalQGtuQNCbqvBY7gJpugPBHl%2FJmo8EPKvJrQg9c911emQWf%2BPmCBnP9OyLzObuyNc1Xw7qvpRW8te4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba594bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
SMS-gateway-teaser.png
www.15below.com/sites/default/files/styles/600_x_400/public/images/article/2021-07/
309 KB
310 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/styles/600_x_400/public/images/article/2021-07/SMS-gateway-teaser.png?itok=7E21mKRq
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903c72ad248efb9978229c679d25960e54a5a9c91e1529ef59e2aa79017c9dde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
316575
x-request-id
v-1f7f8a20-89d0-11ec-b572-3ffb345a2356
last-modified
Tue, 20 Jul 2021 13:30:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9o0XB1CEwQXqqy20Mydvg3jddLggoUOoPrbt8YJ1kVdAjR3A0wvx%2B1%2F%2BTt2%2FAtyMkAHhbtYZtd%2Bud7LdsWeHSgkWCCYztHlzO2DE1WLGFLrKER9t%2BypYbNDPwr6r0C6tOf5S8KHP9KHntOLUPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9efba5a4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
email-decode.min.js
www.15below.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.15below.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Feb 2022 10:43:21 GMT
server
cloudflare
etag
W/"62024949-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMb8CSDTINZY1L%2FPWU4rZ%2FqcdH5Mn5ndyWSz3Q%2BzbGHDFSeku7%2BEh9SxUPu%2BYoTAkfyaJZLN3XQADF%2FOF8p0s0W8cM4h7DGuT2yzcMTHx5PZNaWJ2hIn7ay0SEd6HDuCONYNLncsUIF1oeZR5TA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6daee9efaa374bbe-YUL
vary
Accept-Encoding
expires
Fri, 11 Feb 2022 17:45:51 GMT
js_2gQKTgvZNp8yEA-aQH3GBS9h24uXaJNFxBROt4FVFII.js
www.15below.com/sites/default/files/js/
97 KB
35 KB
Script
General
Full URL
https://www.15below.com/sites/default/files/js/js_2gQKTgvZNp8yEA-aQH3GBS9h24uXaJNFxBROt4FVFII.js
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da040a4e0bd9369f32100f9a407dc6052f61db8b97689345c4144eb781551482
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f80dce0-89d0-11ec-9569-b77832c08cb4
last-modified
Wed, 02 Feb 2022 16:10:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwAUOMNgjAOMNDsfWr8v3HP8U4REA53qc1a63uzC0TX%2FBDx6HdXkOPA7MOLY%2BRCjYmOREFAwyTJeNsKDoIwvdEHMpGLKd60gsrk2d5yVj%2BeRH54RQ3lB5VAgbsldvpfF7oTxMbpWZQfzAQ33l7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1209600
cf-ray
6daee9efba394bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
eu_cookie_compliance.js
www.15below.com/modules/contrib/eu_cookie_compliance/js/
58 KB
10 KB
Script
General
Full URL
https://www.15below.com/modules/contrib/eu_cookie_compliance/js/eu_cookie_compliance.js?v=1.19
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d4333dcb06732662dc11038f64c540376dd42f9ece747a2c9a4f22b6760821
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f8244e0-89d0-11ec-9593-8fc553349c65
last-modified
Thu, 28 Oct 2021 07:40:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt%2FYHCfqSe0NUdqIcm8fhofWR%2FBMmV5iSo2Vug36zT7l%2FXoAAfDZuMLAnkwG40G81U5dUJwa8t043VEqqL7Zgk4xtb0wC44hazjUjqzCbyCQ%2BmAe1CtN%2BXCAizCKe6vTtCUuIjjGaqncBYe4f5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
6daee9efba5c4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
js_i6f6QcuJX02ORcWY3Lr3L9j3GUgUz3JZQnQ4_VBHW3Q.js
www.15below.com/sites/default/files/js/
465 KB
112 KB
Script
General
Full URL
https://www.15below.com/sites/default/files/js/js_i6f6QcuJX02ORcWY3Lr3L9j3GUgUz3JZQnQ4_VBHW3Q.js
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba7fa41cb895f4d8e45c598dcbaf72fd8f7194814cf7259427438fd50475b74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
v-1f806814-89d0-11ec-8c62-4b7848e7bdbc
last-modified
Wed, 02 Feb 2022 16:10:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ku%2F%2FRdZhFcVU2b3N%2BqfFi2ixyh64%2B0Z34QX82oyd%2F2cY%2BrrBjYYWvapr15ZdL%2F78qdUL0exoGVmQw0JqJvqvCJe9Lce5tur4IfDHRSnaE5TnUpr9KO4twExhUaTBfSLlehSefiSgVb8c9HaFrck%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1209600
cf-ray
6daee9efba3b4bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
gtm.js
www.googletagmanager.com/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P42Q4ZL
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba2a93299981f0e4b78a771f519d106666a16bfa9d5fb4e9691281a87bf1796f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38414
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 16:49:15 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Feb 2022 17:45:51 GMT
_dmptv4.js
static.trackedweb.net/js/
5 KB
3 KB
Script
General
Full URL
https://static.trackedweb.net/js/_dmptv4.js
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209::7cef:4800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6ef47a02a474df3503c87e226199a1270cd834a7d8d54e9456fcd0d89521e81

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:20:03 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 12:23:01 GMT
server
AmazonS3
age
5148
etag
W/"184cc0c19c7e693e3ecae790f52a3ea3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
cache-control
public, max-age=7200
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
EeTlIPkryNVqn3iuZd5sv92Ctv79rc1v_q8FZuhshAaBgtRZAYnVMQ==
hotjar-1342829.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1342829.js?sv=6
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-102.ewr53.r.cloudfront.net
Software
/
Resource Hash
80fc1a22e233f7bbcb5a56c1e09dbb5bfd610d3ac5e87509632fc0beb3222ce2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-P1
x-cache-hit
1
etag
W/aca27bfa0cb58589ddabaf2a344de667
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
2035
via
1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-amz-cf-id
EtujiY2DKKpTHWXcQNoB9rEzRX0F3uJmvgM83z_ABMeUpV2AJTxZhg==
26088971-hd.mov
download.15below.com/
188 KB
0
Media
General
Full URL
https://download.15below.com/26088971-hd.mov
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.15below.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 02 Feb 2022 11:40:52 GMT
server
cloudflare
etag
"317dbbbb2918d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95P%2Fh6TN5gpfIFhNyv%2BQ5UDr3oZz12P2dZ3iP4LOFk3APdMYjIaxTL0iQCyuBnMxmgZvLdlShmbxkDaUYyGHcwKWpVvE0c3fxI2ZTdUxJR3VObJJqDJIy2TObLDKOFuxVvOGxgvBg4%2BVPLevG97JOLrS1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/quicktime
Content-Range
bytes 0-17260049/17260050
accept-ranges
bytes
cf-ray
6daee9efcbc17145-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
17260050
pagevisit
r1.trackedweb.net/
43 B
281 B
Ping
General
Full URL
https://r1.trackedweb.net/pagevisit?accountID=DM-3362079473-01&page_url=https%3A%2F%2Fwww.15below.com%2F&page_title=Automated%20Passenger%20Communications%20for%20Travel%3B%20Disruption%3B%20Flight%20Status%3B%20Pre-Departure%20%7C%2015below&page_time=2022-02-09T17:45:51&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/98.0.4758.80%20Safari/537.36&dm_i=undefined&utm_medium=undefined&utm_source=undefined&utm_campaign=undefined&recordID=a0047601-9d68-43b9-95b2-d6a58a616cf5&sessionID=e882f708-a614-4196-8a53-3b615d81699b
Requested by
Host: static.trackedweb.net
URL: https://static.trackedweb.net/js/_dmptv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.182.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
*
cf-ray
6daee9f0cda7544f-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
0111.json
script.crazyegg.com/pages/data-scripts/0012/
53 KB
3 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0012/0111.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/0111.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba39f98ad1d793ca3e07680931eeee618391ae990f9870c1ecdc7b96926644b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
90847
ce-version
11.1.376
content-length
2735
timing-allow-origin
*
last-modified
Tue, 08 Feb 2022 13:00:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6daee9f0b950ecf2-YUL
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P42Q4ZL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4895
date
Wed, 09 Feb 2022 16:24:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 09 Feb 2022 18:24:16 GMT
99e09a878ccff3945bfb05a2db8314ed.js
cdns.canddi.com/p/
89 KB
35 KB
Script
General
Full URL
https://cdns.canddi.com/p/99e09a878ccff3945bfb05a2db8314ed.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P42Q4ZL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.243.18 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
7cabb81aa89b471a763338ec5484848a1eea9b52226249a65f443a58bae24e0d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:52 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 17:45:51 GMT
server
nginx
vary
Accept-Encoding, Accept
x-cache
MISS
p3p
policyref="https://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
cache-control
max-age=1800, public
x-server
dashboard-api-nginx-deployment-7479bf7c5b-lxdkv
strict-transport-security
max-age=15724800
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 09 Feb 2022 18:15:51 GMT
modules.acfce7141cd3503e3221.js
script.hotjar.com/
235 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.acfce7141cd3503e3221.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1342829.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-27.ewr53.r.cloudfront.net
Software
/
Resource Hash
6568a8a9578cfdd55945b329b1ac8901849f56d9867b6aff7c01102b117cf9aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:27:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
195524
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62580
access-control-allow-origin
*
last-modified
Mon, 07 Feb 2022 11:26:47 GMT
etag
"bf840f14bd6880d7ed369487d067cc3a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
PGo5VgsNwfmpm0NVlHgRxv1WpfIKgQo-jODaRcL179-lBCq1r1EYYA==
11.1.376.js
script.crazyegg.com/pages/versioned/common-scripts/
71 KB
23 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/0111.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 17:45:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:25:17 GMT
server
cloudflare
age
103705
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
6daee9f0fa247151-YUL
content-length
23366
opt-multiple-devicesskinny.jpg
www.15below.com/sites/default/files/styles/1600px_width/public/images/home/
354 KB
355 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/styles/1600px_width/public/images/home/opt-multiple-devicesskinny.jpg?itok=PSWPctNm
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8bdf38518405a2c7c970b1dd9686912bc9899a97060bd9743050b26344e2f3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:52 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
362838
x-request-id
v-1fa1f286-89d0-11ec-a1a7-9f6d72e8456a
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhQ06BwFgwvJOXF4sqzG%2BRcqIsCNKAD%2B%2BdSyjlsTpyLovsZE4ZL1WhJ96tbPkicwLwfh8JDcZfOiGxIdlld%2B3ff34g%2FtsrQyNqLYJxcjVtq08MXtuAS7yl1R%2B2WTlBlJw1Boz3ABQPjmlVmrTgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9f11c224bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
opt-iStock_000028193904XLarge33.jpg
www.15below.com/sites/default/files/styles/1600px_width/public/images/home/
489 KB
490 KB
Image
General
Full URL
https://www.15below.com/sites/default/files/styles/1600px_width/public/images/home/opt-iStock_000028193904XLarge33.jpg?itok=NZ03rWmA
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b19c0137b96ffc4edb56e7139b3cb6f3dbc8926d1db3b2eee0c850633a8160f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
501229
x-request-id
v-1f79c5ea-89d0-11ec-bf45-eb19b99a2606
last-modified
Thu, 14 May 2020 12:42:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYv%2FsRjqi5IzuAXDDUzXQaDVtzADP7eiUJwvMOju%2Fg1cz3ofrgp7psTECC0EVVlJQVgaL0qq19oco1GfJZjzlewiBDpghvNe7G7ur2z2Aooe6rgnFEVImOhlVl0Y6GKUYaEHdEgdC33FrRni8Uw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9f12c244bbe-YUL
expires
Wed, 23 Feb 2022 17:45:51 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=175058586&t=pageview&_s=1&dl=https%3A%2F%2Fwww.15below.com%2F&ul=en-us&de=UTF-8&dt=Automated%20Passenger%20Communications%20for%20Travel%3B%20Disruption%3B%20Flight%20Status%3B%20Pre-Departure%20%7C%2015below&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=221165490&gjid=1208297886&cid=310741146.1644428752&tid=UA-31975552-1&_gid=1410405493.1644428752&_r=1&gtm=2wg270P42Q4ZL&z=1338267276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.15below.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 17:45:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.15below.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
26088971-hd.mov
download.15below.com/
24 KB
24 KB
Media
General
Full URL
https://download.15below.com/26088971-hd.mov
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3acd129a10b6a5323a62e0796f5b05856b6099c12aa2360bc7794fb8d3319c

Request headers

Referer
https://www.15below.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=17235968-

Response headers

date
Wed, 09 Feb 2022 17:45:51 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 02 Feb 2022 11:40:52 GMT
server
cloudflare
etag
"317dbbbb2918d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5B8tU37jcyw962i5UeRPKrg2laVxEBcN0kNYH%2BdEUEnE6utVIB7eJP%2B4DXUqHgOVXovgvMgkW5tKKEQSOVYJ4qmm68SxBc1r5qwSirwVtnZYOFr4I%2BmvdTTp6JqijjTWvHIdSEKU8lI11tnku7OokBijA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/quicktime
Content-Range
bytes 17235968-17260049/17260050
accept-ranges
bytes
cf-ray
6daee9f19ccb4bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
24082
collect
stats.g.doubleclick.net/j/
1 B
439 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31975552-1&cid=310741146.1644428752&jid=221165490&gjid=1208297886&_gid=1410405493.1644428752&_u=YEBAAEAAAAAAAC~&z=62076557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.15below.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 09 Feb 2022 17:45:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.15below.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.15below.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 14:45:22 GMT
x-content-type-options
nosniff
age
97229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 14:45:22 GMT
icomoon.woff2
www.15below.com/sites/default/files/cohesion/
79 KB
80 KB
Font
General
Full URL
https://www.15below.com/sites/default/files/cohesion/icomoon.woff2
Requested by
Host: www.15below.com
URL: https://www.15below.com/sites/default/files/cohesion/styles/base/coherence-custom-stylesheet.min.css?r6oq7o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0683d591591b0d70d61b297dbc144787be466fb9e78ffc7451278105918169ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.15below.com/sites/default/files/cohesion/styles/base/coherence-custom-stylesheet.min.css?r6oq7o
Origin
https://www.15below.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:52 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81356
x-request-id
v-1fb87682-89d0-11ec-acfc-1f6bb2a7f844
last-modified
Thu, 28 Oct 2021 08:44:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FM%2FcPGrvk6LjkPZVQ7WrtPqF7ECp8O0JIx9Q6kTjpBEDWTQq1J%2FhW6wM9%2BksIx6I3arh%2FNrbQMwVSfG0id%2BfGrc8%2Br6xaw7%2BXm%2BGqum4EG6ddqLbzLOxeJAu4HAyGz29ZI3ZLfB0Nh8RBOg3S8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
6daee9f1fd104bbe-YUL
expires
Wed, 23 Feb 2022 17:45:52 GMT
26088971-hd.mov
download.15below.com/
16 MB
0
Media
General
Full URL
https://download.15below.com/26088971-hd.mov
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b571 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.15below.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=163840-

Response headers

date
Wed, 09 Feb 2022 17:45:52 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 02 Feb 2022 11:40:52 GMT
server
cloudflare
etag
"317dbbbb2918d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHij%2BTw14qwbXXdIGBDYZfgj9SeaDl0%2BiUDIIrofDut%2Fdq756aybgBw1fij2V8v2qH2kp6IKeZOlUnDe2Cyib0IJhQ5jSpXep8Yx2HonuCAhmNsg6vD3bhb6nQ0AUFBkivvHg2K%2BNpCODHFPqabIDymuLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/quicktime
Content-Range
bytes 163840-17260049/17260050
accept-ranges
bytes
cf-ray
6daee9f42fb34bbe-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
17096210
0111.json
script.crazyegg.com/pages/sampling-data-scripts/0012/
4 KB
1 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0012/0111.json?t=456785
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a940f7a825ee218192d1d706ebe2123b22d6cbbee64d6c35d9dfe1614968490

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:52 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-ray
6daee9f45da8ecf2-YUL
ce-version
11.1.376
content-length
1046
last-modified
Wed, 09 Feb 2022 16:48:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
healthcheck
pagestates-tracking.crazyegg.com/
19 B
420 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-28.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:52:46 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
4333987
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
19
x-amz-cf-id
7sI8YMSZZEh9xi-A2sfkgGdjSRJ_FfSuTEocuXUti9GFLYr_kOmUbA==
healthcheck
assets-tracking.crazyegg.com/
19 B
418 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-106.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 07:13:57 GMT
via
1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
2370716
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
19
x-amz-cf-id
-6lcoN1TmtTfQIqf5-87whk5MYssIw3qiTRmHGh6sU5cUNvCF6BYJg==
lftracker_v1_kn9Eq4R9xVJ7RlvP.js
sc.lfeeder.com/
25 KB
9 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_kn9Eq4R9xVJ7RlvP.js
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:da00:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a081dfc96bc01cdd1ce99cce0c221597c735e8573e89bf857a256a72972886d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
HLSyzsujdnwuGaOxd7_QY6nND3dFV5wL
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 08:54:45 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"bbae0c6590f5361a4c72b608fd4ba097"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Wed, 09 Feb 2022 17:45:53 GMT
x-amz-cf-id
dNy96KFBXAyG0FGtZ1CuKNHW6vZDXCp96pYr937exf68Jix4KNySog==
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 2C5B
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1342829.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-99.ewr53.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
4hjfgJDWmcccZ8wVvg62ZQFvtqp0SWCVzuEbW0N38fke5SVf8AmOfA==
age
464026
b9db0bd6-a1f4-4cc9-8f8b-3d051b02d551
https://www.15below.com/
53 B
0
Other
General
Full URL
blob:https://www.15below.com/b9db0bd6-a1f4-4cc9-8f8b-3d051b02d551
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
53
Content-Type
text/javascript
clock
tracking.crazyegg.com/
28 B
135 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1644428752407
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.197.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-197-241.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
47abe48d2f723a04be041c7c375bc5640b718e339e2a1fa465dcdb7d87cfdaf2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Feb 2022 17:45:52 GMT
cache-control
no-store
server
awselb/2.0
content-length
28
content-type
text/plain
i.js
i.canddi.com/
193 B
772 B
Script
General
Full URL
https://i.canddi.com/i.js
Requested by
Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/99e09a878ccff3945bfb05a2db8314ed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.49.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-49-190.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
65742f591a0cafe7dc90b8613221d6b8b91de9672b6b29e0e4bc7e93aa2970af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:45:52 GMT
Last-Modified
Wed, 09 Feb 2022 17:45:52 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
P3P
policyref="http://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
Cache-Control
max-age=94608000, private
Connection
keep-alive
Content-Type
application/javascript
Content-Length
193
Expires
Sat, 08 Feb 2025 17:45:52 GMT
/
tr.lfeeder.com/
43 B
292 B
Image
General
Full URL
https://tr.lfeeder.com/?sid=kn9Eq4R9xVJ7RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTMxOTc1NTUyLTEiXSwiZ2FDbGllbnRJZHMiOlsiMzEwNzQxMTQ2LjE2NDQ0Mjg3NTIiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi4zNS40In0sInBhZ2VVcmwiOiJodHRwczovL3d3dy4xNWJlbG93LmNvbS8iLCJwYWdlVGl0bGUiOiJBdXRvbWF0ZWQgUGFzc2VuZ2VyIENvbW11bmljYXRpb25zIGZvciBUcmF2ZWw7IERpc3J1cHRpb247IEZsaWdodCBTdGF0dXM7IFByZS1EZXBhcnR1cmUgfCAxNWJlbG93IiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiIyOWI4YTU1NTA2ZGJlYmI3IiwiY2xpZW50VGltZXN0YW1wIjoiMjAyMi0wMi0wOVQxNzo0NTo1Mi40NDdaIiwiY2xpZW50VGltZXpvbmUiOjAsInNjcmlwdElkIjoia245RXE0Ujl4Vko3Umx2UCIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5mZjA4OGYyYzkxNmNmZWExLjE2NDQ0Mjg3NTI0NDYiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlfQ==
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-45.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:45:52 GMT
via
1.1 df1151801209e878a7d395961b098b20.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
x-cache
LambdaGeneratedResponse from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
Gr2mUPJjaVNrgMAuQ0P-P2iddakAKHej943ggV6o3Z__yHL9CC-lmw==
visit-data
in.hotjar.com/api/v2/client/sites/1342829/
146 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1342829/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.acfce7141cd3503e3221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.248.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-248-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer
https://www.15below.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 09 Feb 2022 17:45:52 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1483ab6b-067d-492a-be48-42984768d48a
https://www.15below.com/
218 B
0
Other
General
Full URL
blob:https://www.15below.com/1483ab6b-067d-492a-be48-42984768d48a
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
218
Content-Type
text/javascript
s.js
i.canddi.com/s/99e09a878ccff3945bfb05a2db8314ed/
134 B
739 B
Script
General
Full URL
https://i.canddi.com/s/99e09a878ccff3945bfb05a2db8314ed/s.js
Requested by
Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/99e09a878ccff3945bfb05a2db8314ed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.49.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-49-190.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f849af4dfc76aba13b01cb2f00fcd0c11ef03d1cea986270a7adc3bfa6af2ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 09 Feb 2022 17:45:52 GMT
Last-Modified
Wed, 09 Feb 2022 17:45:52 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
P3P
policyref="http://www.canddi.com/w3c/p3p.xml", CP="ADMa PSAa PSDa IVAo IVDo CONi TELi OUR IND DSP ALL COR"
Cache-Control
max-age=3600, private
Connection
keep-alive
Content-Type
application/javascript
Content-Length
134
Expires
Wed, 09 Feb 2022 19:45:52 GMT
s.js
s.canddi.io/
79 B
441 B
Script
General
Full URL
https://s.canddi.io/s.js?Id={%22B%22:%22d291b6e0e3d19526278750e15ef58fd9%22}&S={%22SId%22:%22eeb4b9038f69eebc6c4d67b7cbf2add7%22,%20%22TId%22:%2299e09a878ccff3945bfb05a2db8314ed%22,%20%22GNo%22:%221%22}&G-GT=&G-P=&G-T=QXV0b21hdGVkIFBhc3NlbmdlciBDb21tdW5pY2F0aW9ucyBmb3IgVHJhdmVsOyBEaXNydXB0aW9uOyBGbGlnaHQgU3RhdHVzOyBQcmUtRGVwYXJ0dXJlIHwgMTViZWxvdw%3D%3D&G-U=aHR0cHM6Ly93d3cuMTViZWxvdy5jb20v&G-V=GET&G-TA=%5B%5D&G-TR=%5B%5D&Ref=&v=12.2.0&rand=97416191
Requested by
Host: cdns.canddi.com
URL: https://cdns.canddi.com/p/99e09a878ccff3945bfb05a2db8314ed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.189.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-189-36.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
75f0ec54aa0eb7780c79d1e8863574d1da46f010c662d3bfdd9042cd3b45a9cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 17:45:53 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, max-age=0
Connection
keep-alive
Content-Length
79
Expires
Wed, 09 Feb 2022 17:45:54 GMT
nr-1215.min.js
js-agent.newrelic.com/
36 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1215.min.js
Requested by
Host: www.15below.com
URL: https://www.15below.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding
gzip
etag
"615035bb6557b191e767e19087efabaf"
x-amz-request-id
CR73YSP0N20HT0PN
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13666
x-amz-id-2
NoWBwQTkKh67aBB4iTYIly42rNEwyiVE5qw3jwmo6VA6Sg0OGdWUYY+6hsRACVKmocvUwKdWqMs=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 24 Jan 2022 22:13:53 GMT
server
AmazonS3
x-timer
S1644428753.387293,VS0,VE0
date
Wed, 09 Feb 2022 17:45:53 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4398
NRJS-5142ab424a605d8624b
bam.nr-data.net/1/
57 B
322 B
Script
General
Full URL
https://bam.nr-data.net/1/NRJS-5142ab424a605d8624b?a=522131571&v=1215.1253ab8&to=MlEEbUVZCkZTWhdaCQsbJ1pDUQtbHUkCVAM6VwdaX10%3D&rst=2930&ck=1&ref=https://www.15below.com/&ap=36&be=805&fe=2873&dc=1565&perf=%7B%22timing%22:%7B%22of%22:1644428750482,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:85,%22c%22:85,%22s%22:103,%22ce%22:127,%22rq%22:128,%22rp%22:624,%22rpe%22:625,%22dl%22:628,%22di%22:1563,%22ds%22:1564,%22de%22:1627,%22dc%22:2872,%22l%22:2872,%22le%22:2876%7D,%22navigation%22:%7B%7D%7D&fp=1238&fcp=1238&at=HhYHGw1DGUg%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.15below.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/javascript;charset=iso-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| google_tag_manager object| dataLayer object| google_optimize string| dmtrackingobjectname function| dmPt function| hj object| _hjSettings object| NREUM object| newrelic function| __nr_require boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL string| GoogleAnalyticsObject function| ga object| google_tag_data object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| gaplugins object| gaGlobal object| gaData object| CE2BH function| CE_URL_FINGERPRINT function| $ function| jQuery object| drupalSettings object| Drupal object| Cookies function| _extends function| _typeof function| LazyLoad object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| PointerEventsPolyfill object| ldfdr function| fnSetupCANDDi object| canddiOut boolean| canFrameLoaded function| CANDDiInitFingerprint object| _canEvents object| canddi boolean| canCoreLoaded object| __gaConnectorEventsEmitted object| CAN_arr string| CAN_BId string| CAN_SId object| xmlHttp

14 Cookies

Domain/Path Name / Value
.15below.com/ Name: recordID
Value: a0047601-9d68-43b9-95b2-d6a58a616cf5
.15below.com/ Name: dmSessionID
Value: e882f708-a614-4196-8a53-3b615d81699b
.15below.com/ Name: _ga
Value: GA1.2.310741146.1644428752
.15below.com/ Name: _gid
Value: GA1.2.1410405493.1644428752
.15below.com/ Name: _gat_UA-31975552-1
Value: 1
.15below.com/ Name: _lfa
Value: LF1.1.ff088f2c916cfea1.1644428752446
.15below.com/ Name: _hjSessionUser_1342829
Value: eyJpZCI6ImJmMDFkMThlLTUzNTQtNTU2MS1hMTliLTI3OTUzNTM2NzBkNCIsImNyZWF0ZWQiOjE2NDQ0Mjg3NTE1ODUsImV4aXN0aW5nIjpmYWxzZX0=
.15below.com/ Name: _hjFirstSeen
Value: 1
www.15below.com/ Name: _hjIncludedInSessionSample
Value: 1
.15below.com/ Name: _hjSession_1342829
Value: eyJpZCI6IjkyZDA1MmFlLTUyMGEtNGI2Yy1hYzlkLWY5NGY1NTA1YTQzYyIsImNyZWF0ZWQiOjE2NDQ0Mjg3NTI0NjUsImluU2FtcGxlIjp0cnVlfQ==
www.15below.com/ Name: _hjIncludedInPageviewSample
Value: 1
.15below.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.15below.com/ Name: _ce.s
Value: v11.rlc~1644428752519
.nr-data.net/ Name: JSESSIONID
Value: 77b028a72917558e

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
bam.nr-data.net
cdns.canddi.com
download.15below.com
fonts.googleapis.com
fonts.gstatic.com
i.canddi.com
in.hotjar.com
js-agent.newrelic.com
pagestates-tracking.crazyegg.com
r1.trackedweb.net
s.canddi.io
sc.lfeeder.com
script.crazyegg.com
script.hotjar.com
static.hotjar.com
static.trackedweb.net
stats.g.doubleclick.net
tr.lfeeder.com
tracking.crazyegg.com
vars.hotjar.com
www.15below.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
104.16.182.44
13.225.214.106
151.101.66.137
151.139.243.18
162.247.242.18
2600:9000:2209::7cef:4800:93a1
2600:9000:2209:da00:1f:f723:6fc0:93a1
2606:4700:3034::ac43:b571
2606:4700::6813:9408
2607:f8b0:4006:80d::200e
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:824::2008
2607:f8b0:4023:1407::9b
34.240.189.36
34.242.49.190
52.16.248.108
52.4.197.241
52.85.61.102
52.85.61.27
52.85.61.28
52.85.61.99
54.230.162.45
066c0a6eff24db28e5f23ad683550cb7cc8a5b9e4dfe3f19d7876f70de8ca755
0683d591591b0d70d61b297dbc144787be466fb9e78ffc7451278105918169ec
0881e2438aace245603262dc595cc4606aafe9a31075150123210fa584e6407c
1089436a61ea38a95cf0ee5b50993505fa0166493adc85c38caf44de6be60d03
12d4333dcb06732662dc11038f64c540376dd42f9ece747a2c9a4f22b6760821
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
196515d1005ed4c7e5a6a3117e02c1f320bd9c7a797349ed529afb6802a6baf8
237ae166c30f25df19448ff53ea74e14b7ecbd1525202adbe84ee77aa2e6917c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
292b3c1826babcf5ac0bd2e11795c5b56198a11094111ed5969303f9d3009209
2a081dfc96bc01cdd1ce99cce0c221597c735e8573e89bf857a256a72972886d
2d47d9bd12a0155edd8f63af9855e0fb5b20a01580383677860b7440ac113ec2
361b53f4fdb816988e4f29af94ccd11b57dc9b37e1001a8e5f8ad86df9d58541
370cb9cbb87073d201f98c9319e33a3656bdc81e5f390f965f29a30ad17937c3
47abe48d2f723a04be041c7c375bc5640b718e339e2a1fa465dcdb7d87cfdaf2
4a0487101fe5b4a45d0f3bb68ac694de41e56de2d935efe8661fa6a67cb7e229
4b19c0137b96ffc4edb56e7139b3cb6f3dbc8926d1db3b2eee0c850633a8160f
4b3acd129a10b6a5323a62e0796f5b05856b6099c12aa2360bc7794fb8d3319c
4f92f6f2cf3f4dc48ba6cf0ddb4b26a977dc6486aa3eb64610b9a694678c4f72
52e3e1534fa9761bff21f2e327298d91dc2e44a1f7da56398dee7edf8c3b9410
571576b57f2113a201b6911ed9f7deb6792e6578e2114ee956523cb3fe6bf887
6148928974c2e643543aa15d84ab16a12b9252f418f65960a5d3f4c9f58bfdbe
6568a8a9578cfdd55945b329b1ac8901849f56d9867b6aff7c01102b117cf9aa
65742f591a0cafe7dc90b8613221d6b8b91de9672b6b29e0e4bc7e93aa2970af
66ef9e8ec250e33ba12f6d30ce9a4d6e79efe7d0e2a42bfd95091d7a5002c808
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6ddd74a268b51fce1f2f931338edac050615e15893857acaff6f912c7c20c6
75f0ec54aa0eb7780c79d1e8863574d1da46f010c662d3bfdd9042cd3b45a9cd
7a940f7a825ee218192d1d706ebe2123b22d6cbbee64d6c35d9dfe1614968490
7ba39f98ad1d793ca3e07680931eeee618391ae990f9870c1ecdc7b96926644b
7cabb81aa89b471a763338ec5484848a1eea9b52226249a65f443a58bae24e0d
7e3014e06c3f2b1ec8c8f87bf73b703c52295507aa7a8a3ea9bae8fed4c73bb1
80fc1a22e233f7bbcb5a56c1e09dbb5bfd610d3ac5e87509632fc0beb3222ce2
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ba7fa41cb895f4d8e45c598dcbaf72fd8f7194814cf7259427438fd50475b74
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
903c72ad248efb9978229c679d25960e54a5a9c91e1529ef59e2aa79017c9dde
91ec599b2d5cf6528935139d5f51d63a0d781295fb58a92601badd4ecc00cfa8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a73799afebaff21e14fb94f308cecc77dd980a48f60c47fc13ae5bb2e823d6a1
ab5f2f14dcf7bd5b3dbbe96db9699360945730f5a0ff1741545d1522a0a8a525
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29bdf3b52f962852dbef6a0fe88599e0de2aa989221f91ea41cc59cbcbf6d62
b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027
b6ef47a02a474df3503c87e226199a1270cd834a7d8d54e9456fcd0d89521e81
ba2a93299981f0e4b78a771f519d106666a16bfa9d5fb4e9691281a87bf1796f
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd
c06bcbdeb991b5204dfbb27caaad86e67b8c45b5dee3f41fc5df7c86a1c49daa
c8bdf38518405a2c7c970b1dd9686912bc9899a97060bd9743050b26344e2f3b
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ccf00dd788893faf0771dc4a74b38dae2d3b29910b3c6c920a126a6f7b0ab0a9
d35081c95a3cba9134a9d2ca77afb7c8a9d04a14eca2feb256a69d87c5ce933d
d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97
d85fc7c86164c80a2a4d89b89994d9e862a07a041b13c645ee8650b0fdb21764
da040a4e0bd9369f32100f9a407dc6052f61db8b97689345c4144eb781551482
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e38ae6dd785c79ca2861fbd9956eaf653be9b2882be6afa89e406b5a2fe267bb
e7cfba49b7fcab8df1bdb645217e33bb889b69cea424a5f44fd4157212e1091a
e7d85d3d962e22b8a7d4ccf150b188514b55f84ce78ff460b50c3a0c571c0728
ed093e85af72f89856624b6aa01d74e7d253f3a63f72974f3209954055fd19d2
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f849af4dfc76aba13b01cb2f00fcd0c11ef03d1cea986270a7adc3bfa6af2ed4
fc4cf547017183c618fd77d500ff4791634dcdc103924996b118fa69b4b8feb5