www.wearfigs.com Open in urlscan Pro
18.66.248.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.friendbuy-mail.com/ls/click?upn=DioecEVLRrkPf3YyA6CWjGmynMpjX-2Fj2xJswi9gDUYY-3Deqor_YqVc2Q6TaxfIVY64HpFtF2HEMpFxgB...
Effective URL:
https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_sourc...
Submission: On March 25 via manual (March 25th 2022, 9:32:58 pm UTC) from US — Scanned from DE

Summary HTTP 291 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 106 IPs in 9 countries across 80 domains to perform 291 HTTP transactions. The main IP is 18.66.248.46, located in United States and belongs to AMAZON-02, US. The main domain is www.wearfigs.com. The Cisco Umbrella rank of the primary domain is 80079.
TLS certificate: Issued by Amazon on June 21st 2021. Valid for: a year.

This is the only time www.wearfigs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.83 167.89.118.83	11377 (SENDGRID) (SENDGRID)
1 1	54.177.67.226 54.177.67.226	16509 (AMAZON-02) (AMAZON-02)
1 9	52.52.88.197 52.52.88.197	16509 (AMAZON-02) (AMAZON-02)
3	18.66.248.46 18.66.248.46	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6810:1f3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2600:9000:206... 2600:9000:206f:800:4:6d29:5d00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2600:9000:224... 2600:9000:224a:200:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
22	2a04:4e42:400... 2a04:4e42:400::268	54113 (FASTLY) (FASTLY)
1	23.67.128.30 23.67.128.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	143.204.202.145 143.204.202.145	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:e43c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.40 108.157.4.40	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	143.204.98.53 143.204.98.53	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206f:4000:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:de00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	2600:9000:206... 2600:9000:206f:e200:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:303... 2606:4700:3036::ac43:c834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.7 65.9.66.7	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:224... 2600:9000:224a:4e00:f:ee6c:7180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	108.157.4.3 108.157.4.3	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:10:... 2606:4700:10::6816:156c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.215.79 143.204.215.79	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	65.9.58.181 65.9.58.181	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:7600:3:760:2800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:600:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
1 2	54.217.99.203 54.217.99.203	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.215.95 143.204.215.95	16509 (AMAZON-02) (AMAZON-02)
1	44.196.158.29 44.196.158.29	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.16 108.157.4.16	16509 (AMAZON-02) (AMAZON-02)
3	99.86.7.25 99.86.7.25	16509 (AMAZON-02) (AMAZON-02)
4	34.201.179.84 34.201.179.84	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:730... 2600:1f18:730:b130:4e1:d630:93b5:bb1d	14618 (AMAZON-AES) (AMAZON-AES)
1	54.235.15.197 54.235.15.197	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.51.233.122 52.51.233.122	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.36 65.9.66.36	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700:20:... 2606:4700:20::ac43:44a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.215.106 143.204.215.106	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.216.180.31 34.216.180.31	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3037::6815:46f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	52.48.97.146 52.48.97.146	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2.18.232.170 2.18.232.170	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	204.237.133.120 204.237.133.120	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2.22.32.24 2.22.32.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:224... 2600:9000:224a:a400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	52.215.125.248 52.215.125.248	16509 (AMAZON-02) (AMAZON-02)
1	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.158.142.150 35.158.142.150	16509 (AMAZON-02) (AMAZON-02)
1 2	34.246.109.130 34.246.109.130	16509 (AMAZON-02) (AMAZON-02)
1 1	54.234.50.35 54.234.50.35	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:6bbe:49e:bc45:59	14618 (AMAZON-AES) (AMAZON-AES)
1	52.8.175.250 52.8.175.250	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:b61c:5ded:72b6:ee33	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2.21.142.210 2.21.142.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	52.55.166.42 52.55.166.42	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.157.5.251 108.157.5.251	16509 (AMAZON-02) (AMAZON-02)
2	99.86.1.96 99.86.1.96	16509 (AMAZON-02) (AMAZON-02)
5	95.100.153.98 95.100.153.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	159.203.152.57 159.203.152.57	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
11	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2.18.233.9 2.18.233.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.21.58.221 104.21.58.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.7.101 99.86.7.101	16509 (AMAZON-02) (AMAZON-02)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:218... 2600:9000:2182:600:19:a49e:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	52.219.117.42 52.219.117.42	16509 (AMAZON-02) (AMAZON-02)
291	106

1 167.89.118.83 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net

email.friendbuy-mail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.177.67.226 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-67-226.us-west-1.compute.amazonaws.com

fbuy.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.52.88.197 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-88-197.us-west-1.compute.amazonaws.com

redirect.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-46.dus51.r.cloudfront.net

www.wearfigs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:1f3d (United States)

ASN13335 (CLOUDFLARENET, US)

gepi.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webservices.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2600:9000:206f:800:4:6d29:5d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

magnolia.assets.prod.wearf1gs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:224a:200:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a04:4e42:400::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.128.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-128-30.deploy.static.akamaitechnologies.com

a18274933994.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o241518.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-145.fra53.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

utils.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:e43c (United States)

ASN13335 (CLOUDFLARENET, US)

s3.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-40.dus51.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-53.fra50.r.cloudfront.net

container.pepperjam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:4000:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:de00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn1.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:e200:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.afterpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-7.fra56.r.cloudfront.net

cdn.pbbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:224a:4e00:f:ee6c:7180:93a1 (United States)

ASN16509 (AMAZON-02, US)

connect.nosto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-3.dus51.r.cloudfront.net

pix.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:156c (United States)

ASN13335 (CLOUDFLARENET, US)

widget.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-79.fra53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-181.fra56.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7600:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:600:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.99.203 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-99-203.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.158.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-158-29.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-16.dus51.r.cloudfront.net

api-cf.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.7.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-25.fra6.r.cloudfront.net

www.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.201.179.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-179-84.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4e1:d630:93b5:bb1d (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.15.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-15-197.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.233.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-233-122.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-36.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:44a1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-34-216-180-31.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-106.fra53.r.cloudfront.net

tracker.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.180.31 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-180-31.us-west-2.compute.amazonaws.com

v4-api-34-216-180-31.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:46f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

privymktg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.97.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-97-146.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-170.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.120 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.22.32.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-32-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:a400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.125.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-125-248.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.142.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-142-150.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.109.130 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-109-130.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.234.50.35 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-50-35.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:6bbe:49e:bc45:59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.8.175.250 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-175-250.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:b61c:5ded:72b6:ee33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.166.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-166-42.compute-1.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28a::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.5.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-5-251.dus51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.1.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-96.fra6.r.cloudfront.net

djnf6e5yyirys.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.153.98 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-98.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.203.152.57 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rbqnb9ch.wearfigs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-9.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.58.221 (None, )

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.7.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-101.fra6.r.cloudfront.net

cdn1.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

wearfigs.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2182:600:19:a49e:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.friendbuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.219.117.42 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-w.amazonaws.com

static-friendbuy-com.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	wearf1gs.com magnolia.assets.prod.wearf1gs.com — Cisco Umbrella Rank: 98079	686 KB
22	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2280	423 KB
19	friendbuy.com 1 redirects redirect.friendbuy.com cdn1.friendbuy.com — Cisco Umbrella Rank: 24878 ws.friendbuy.com — Cisco Umbrella Rank: 29562 cdn.friendbuy.com — Cisco Umbrella Rank: 193838	267 KB
17	global-e.com gepi.global-e.com — Cisco Umbrella Rank: 27104 web.global-e.com — Cisco Umbrella Rank: 24114 utils.global-e.com — Cisco Umbrella Rank: 22631 webservices.global-e.com — Cisco Umbrella Rank: 21908 s3.global-e.com — Cisco Umbrella Rank: 56278	110 KB
11	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1964 ekr.zdassets.com — Cisco Umbrella Rank: 2205	502 KB
9	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185 sslwidget.criteo.com — Cisco Umbrella Rank: 1650 dis.criteo.com — Cisco Umbrella Rank: 617	34 KB
9	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4327	4 MB
8	affirm.com cdn1.affirm.com — Cisco Umbrella Rank: 6344 api-cf.affirm.com — Cisco Umbrella Rank: 6457 www.affirm.com — Cisco Umbrella Rank: 6195 tracker.affirm.com — Cisco Umbrella Rank: 7068	202 KB
8	cloudfront.net d2hrivdxn8ekm8.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net djnf6e5yyirys.cloudfront.net	88 KB
8	wearfigs.com www.wearfigs.com — Cisco Umbrella Rank: 80079 rbqnb9ch.wearfigs.com — Cisco Umbrella Rank: 107418	49 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 450	120 KB
7	privy.com widget.privy.com — Cisco Umbrella Rank: 20397 api.privy.com — Cisco Umbrella Rank: 12968 assets.privy.com — Cisco Umbrella Rank: 20200 events.privy.com — Cisco Umbrella Rank: 20058	251 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	7 KB
6	adnxs.com 3 redirects acdn.adnxs.com — Cisco Umbrella Rank: 523 ib.adnxs.com — Cisco Umbrella Rank: 205 secure.adnxs.com — Cisco Umbrella Rank: 359	8 KB
5	amazonaws.com static-friendbuy-com.s3.amazonaws.com — Cisco Umbrella Rank: 158941	374 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 822	3 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1084	72 KB
5	b2c.com 1 redirects api-34-216-180-31.b2c.com v4-api-34-216-180-31.b2c.com	8 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6433	757 B
5	google.com www.google.com — Cisco Umbrella Rank: 2	757 B
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 971 trc.taboola.com — Cisco Umbrella Rank: 562 sync-t1.taboola.com — Cisco Umbrella Rank: 1233 trc-events.taboola.com — Cisco Umbrella Rank: 1670	19 KB
5	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3295 rp.liadm.com — Cisco Umbrella Rank: 2578 rp4.liadm.com — Cisco Umbrella Rank: 11187 i.liadm.com — Cisco Umbrella Rank: 467 i6.liadm.com — Cisco Umbrella Rank: 1591	13 KB
5	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2997 heapanalytics.com — Cisco Umbrella Rank: 2623	49 KB
4	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 816 sp.analytics.yahoo.com — Cisco Umbrella Rank: 779 ups.analytics.yahoo.com — Cisco Umbrella Rank: 268	2 KB
4	nosto.com connect.nosto.com — Cisco Umbrella Rank: 14995	89 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1636	67 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 google-analytics.com — Cisco Umbrella Rank: 24 ssl.google-analytics.com — Cisco Umbrella Rank: 243	37 KB
3	zendesk.com wearfigs.zendesk.com — Cisco Umbrella Rank: 116601	2 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	760 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 338	12 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 664 a18274933994.cdn.optimizely.com — Cisco Umbrella Rank: 114454 logx.optimizely.com — Cisco Umbrella Rank: 1013	87 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 687	19 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 626 cdn.stickyadstv.com — Cisco Umbrella Rank: 2067	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 630	853 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 257	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1730	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 346	737 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 281	596 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	429 B
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 10153	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 821	138 KB
1	getrockerbox.com getrockerbox.com — Cisco Umbrella Rank: 4031	672 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1102	7 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 652	418 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 727	457 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2123	220 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2186	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 935	427 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 603	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1682	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1661	336 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 698	241 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 469	784 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 554	671 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 289	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1130	426 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 720	476 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 1664	232 B
1	privymktg.com 1 redirects privymktg.com — Cisco Umbrella Rank: 19827	950 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	9 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2052	257 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1433	157 B
1	pix.pub pix.pub — Cisco Umbrella Rank: 2759	410 B
1	pbbl.co cdn.pbbl.co — Cisco Umbrella Rank: 7877
1	afterpay.com js.afterpay.com — Cisco Umbrella Rank: 10798	57 KB
1	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 7566	936 B
1	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4615	375 B
1	pepperjam.com container.pepperjam.com — Cisco Umbrella Rank: 9154	9 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1376	8 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	83 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 3100	37 KB
1	sentry.io o241518.ingest.sentry.io — Cisco Umbrella Rank: 94737	246 B
1	fbuy.me 1 redirects fbuy.me	204 B
1	friendbuy-mail.com 1 redirects email.friendbuy-mail.com	223 B
0	tvsciapi.com Failed pixel.tvsciapi.com Failed
291	80

	Domain	Requested by
41	magnolia.assets.prod.wearf1gs.com	www.wearfigs.com magnolia.assets.prod.wearf1gs.com gepi.global-e.com
22	cdn.shopify.com	www.wearfigs.com
10	static.zdassets.com	gepi.global-e.com static.zdassets.com
9	images.ctfassets.net	www.wearfigs.com
8	cdn.friendbuy.com	cdn1.friendbuy.com
8	ws.friendbuy.com	magnolia.assets.prod.wearf1gs.com
8	gepi.global-e.com	www.wearfigs.com gepi.global-e.com
7	cdn.cookielaw.org	gepi.global-e.com magnolia.assets.prod.wearf1gs.com
5	static-friendbuy-com.s3.amazonaws.com	cdn1.friendbuy.com static-friendbuy-com.s3.amazonaws.com
5	ct.pinterest.com	magnolia.assets.prod.wearf1gs.com
5	rbqnb9ch.wearfigs.com	gepi.global-e.com
5	analytics.tiktok.com	gepi.global-e.com analytics.tiktok.com
5	www.google.de
5	www.google.com
4	secure.adnxs.com	3 redirects
4	assets.privy.com	gepi.global-e.com
4	api-34-216-180-31.b2c.com	1 redirects gepi.global-e.com api-34-216-180-31.b2c.com
4	gum.criteo.com	3 redirects gepi.global-e.com
4	heapanalytics.com
4	googleads.g.doubleclick.net	gepi.global-e.com
4	connect.nosto.com	gepi.global-e.com magnolia.assets.prod.wearf1gs.com
4	s3.global-e.com
3	wearfigs.zendesk.com	static.zdassets.com
3	tr.snapchat.com	magnolia.assets.prod.wearf1gs.com
3	dis.criteo.com
3	www.affirm.com	magnolia.assets.prod.wearf1gs.com cdn1.affirm.com
3	cdn1.affirm.com	gepi.global-e.com www.affirm.com
3	d2hrivdxn8ekm8.cloudfront.net	gepi.global-e.com
3	bat.bing.com	gepi.global-e.com
3	webservices.global-e.com	gepi.global-e.com
3	www.wearfigs.com	magnolia.assets.prod.wearf1gs.com
2	cdn1.friendbuy.com	magnolia.assets.prod.wearf1gs.com djnf6e5yyirys.cloudfront.net
2	trc-events.taboola.com	magnolia.assets.prod.wearf1gs.com
2	djnf6e5yyirys.cloudfront.net	gepi.global-e.com
2	s.pinimg.com	gepi.global-e.com
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	idsync.rlcdn.com
2	fonts.googleapis.com	gepi.global-e.com
2	www.facebook.com
2	segment.prod.bidr.io	1 redirects
2	static.criteo.net	gepi.global-e.com
2	connect.facebook.net	gepi.global-e.com
2	unpkg.com	gepi.global-e.com
2	www.google-analytics.com	gepi.global-e.com magnolia.assets.prod.wearf1gs.com
1	ssl.google-analytics.com	cdn1.friendbuy.com
1	getrockerbox.com	gepi.global-e.com
1	ekr.zdassets.com	magnolia.assets.prod.wearf1gs.com
1	sc-static.net	gepi.global-e.com
1	d.turn.com	1 redirects
1	geolocation.onetrust.com	magnolia.assets.prod.wearf1gs.com
1	sync-criteo.ads.yieldmo.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	i.liadm.com	1 redirects
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	google-analytics.com
1	privymktg.com	1 redirects
1	events.privy.com	magnolia.assets.prod.wearf1gs.com
1	v4-api-34-216-180-31.b2c.com
1	sslwidget.criteo.com	gepi.global-e.com
1	cdnjs.cloudflare.com	cdn1.affirm.com
1	tracker.affirm.com	cdn1.affirm.com
1	mug.criteo.com
1	vc.hotjar.io	magnolia.assets.prod.wearf1gs.com
1	in.hotjar.com	magnolia.assets.prod.wearf1gs.com
1	ib.adnxs.com
1	api.privy.com	magnolia.assets.prod.wearf1gs.com
1	alb.reddit.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	trc.taboola.com	gepi.global-e.com
1	api-cf.affirm.com	magnolia.assets.prod.wearf1gs.com
1	logx.optimizely.com	magnolia.assets.prod.wearf1gs.com
1	vars.hotjar.com	gepi.global-e.com
1	d1lu3pmaz2ilpx.cloudfront.net	magnolia.assets.prod.wearf1gs.com
1	d330aiyvva2oww.cloudfront.net	magnolia.assets.prod.wearf1gs.com
1	dvqigh9b7wa32.cloudfront.net	magnolia.assets.prod.wearf1gs.com
1	stats.g.doubleclick.net	magnolia.assets.prod.wearf1gs.com
1	acdn.adnxs.com	gepi.global-e.com
1	script.hotjar.com	gepi.global-e.com
1	widget.privy.com	gepi.global-e.com
1	pix.pub
1	cdn.taboola.com	gepi.global-e.com
1	cdn.pbbl.co	gepi.global-e.com
1	js.afterpay.com	gepi.global-e.com
1	api.fouanalytics.com	gepi.global-e.com
1	cdn.attn.tv	gepi.global-e.com
1	b-code.liadm.com	gepi.global-e.com
1	static.hotjar.com	gepi.global-e.com
1	container.pepperjam.com	gepi.global-e.com
1	www.redditstatic.com	gepi.global-e.com
1	www.googleadservices.com	gepi.global-e.com
1	cdn.heapanalytics.com	gepi.global-e.com
1	www.googletagmanager.com	gepi.global-e.com
1	utils.global-e.com	www.wearfigs.com
1	web.global-e.com	gepi.global-e.com
1	www.datadoghq-browser-agent.com	magnolia.assets.prod.wearf1gs.com
1	o241518.ingest.sentry.io	magnolia.assets.prod.wearf1gs.com
1	a18274933994.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	www.wearfigs.com
1	redirect.friendbuy.com	1 redirects
1	fbuy.me	1 redirects
1	email.friendbuy-mail.com	1 redirects
0	pixel.tvsciapi.com Failed	gepi.global-e.com
291	125

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
www.opera.com
www.apple.com
www.facebook.com
twitter.com
www.instagram.com
www.pinterest.com
help.wearfigs.com
hello.wearfigs.com
wearfigs.attn.tv
ir.wearfigs.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
wearfigs.com Amazon	`2021-06-21` - `2022-07-20`	a year	crt.sh
*.global-e.com Sectigo RSA Organization Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
assets.prod.wearf1gs.com Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.ingest.sentry.io R3	`2022-02-21` - `2022-05-22`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
utils.global-e.com GTS CA 1D4	`2022-01-26` - `2022-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.pepperjam.com Go Daddy Secure Certificate Authority - G2	`2022-01-29` - `2023-03-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-02` - `2022-04-02`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
cdn1.affirm.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.attn.tv Amazon	`2021-03-08` - `2022-04-06`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.afterpay.com DigiCert SHA2 High Assurance Server CA	`2020-03-16` - `2022-05-25`	2 years	crt.sh
*.pbbl.co Amazon	`2021-11-04` - `2022-12-02`	a year	crt.sh
*.nosto.com Amazon	`2022-02-02` - `2023-03-03`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
pix.pub Amazon	`2022-01-11` - `2023-02-08`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
affirm.com Amazon	`2021-12-22` - `2023-01-18`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.mediawallahscript.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-21` - `2022-05-11`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
rbqnb9ch.wearfigs.com R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
getrockerbox.com Cloudflare Inc ECC CA-3	`2022-02-13` - `2023-02-12`	a year	crt.sh
*.friendbuy.com Amazon	`2021-04-13` - `2022-05-12`	a year	crt.sh
wearfigs.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Frame ID: F81D813D1A96285D47415EB543B4EC9E
Requests: 224 HTTP requests in this frame

Frame: https://a18274933994.cdn.optimizely.com/client_storage/a18274933994.html
Frame ID: 0D810DE7CA150FD55724FB5EE3190657
Requests: 1 HTTP requests in this frame

Frame: https://webservices.global-e.com/shared/prefetcher/1021/US?cb=1648243969
Frame ID: F9C80847507E616FA13F75C93B7C3D3B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 3682476E08C4D9F7E1CDFA389072A0A4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.wearfigs.com&origin=onetag
Frame ID: 8795C33DC6D05EA0F4466E8D309D740B
Requests: 2 HTTP requests in this frame

Frame: https://www.affirm.com/apps/toast/
Frame ID: F9B16372DF3C388C991FD2751FC55FDD
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D32376732D7EBC314BA829DD8696F00B
Requests: 1 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=0aSXRxTqY_ZutZ4Hzb_usqW9WEFPRIeg
Frame ID: 303708BC1066587A2CACB8A5296EBB33
Requests: 30 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cfc785d1-a6c1-4b34-bdee-2b6334c192e8
Frame ID: E253028AC86E3177F09CE7D85B735354
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: FD204700DF2FC2D12DDC6AD234E734E6
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-7087ba75b8c1e5e6f895.js
Frame ID: 6CE505EF6DF57E1D7418485DCC43EA32
Requests: 12 HTTP requests in this frame

Frame: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Frame ID: 8B4E54AB868F6C04BA46CBE018AE0D26
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FIGS Scrubs Official Site - Medical Uniforms & ApparelBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://email.friendbuy-mail.com/ls/click?upn=DioecEVLRrkPf3YyA6CWjGmynMpjX-2Fj2xJswi9gDUYY-3Deqor_YqVc2Q6Tax... HTTP 302
http://fbuy.me/tvBF3 HTTP 301
https://redirect.friendbuy.com/tvBF3 HTTP 301
https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_mediu... Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Global-e (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

web\.global-e\.com

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Nosto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

connect\.nosto\.\w+/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

291
Requests

94 %
HTTPS

40 %
IPv6

80
Domains

125
Subdomains

106
IPs

9
Countries

8374 kB
Transfer

16503 kB
Size

103
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome/
Title: Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.opera.com/
Title: Opera

Search URL Search Domain Scan URL

URL: https://www.apple.com/safari/
Title: Safari

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wearFIGS/
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/wearFIGS/
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wearFIGS/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wearFIGS/
Title: pinterest

Search URL Search Domain Scan URL

URL: https://help.wearfigs.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://hello.wearfigs.com/teams/
Title: Team Orders

Search URL Search Domain Scan URL

URL: https://wearfigs.attn.tv/p/8Nr/landing-page
Title: Sign up for Texts

Search URL Search Domain Scan URL

URL: https://help.wearfigs.com/hc/en-us/requests/new
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://ir.wearfigs.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.friendbuy-mail.com/ls/click?upn=DioecEVLRrkPf3YyA6CWjGmynMpjX-2Fj2xJswi9gDUYY-3Deqor_YqVc2Q6TaxfIVY64HpFtF2HEMpFxgBwVGswu0Si7MynkBi2cAUTNTIlglc4N3rwwu0M-2FFsDJqbS1rQMXpPiTuX-2F90ol5q4h3wBxNcxE9f5mJb1-2BF8OXD4pr4e6A9KACm6Wm0RwRib643ZJyNFsyBgWp3Yu-2F8Nl1gwzAJgbiHdT6-2FeiAkHpTX8O2QhQGgXWuwSreMvkOmfX43xq9Bkd8jDaCERKctaRd5KXKdjO1eAwSK1-2F22RESZ3iwBKskBn-2FC7iM1c-2Fryo9zfEB5Cky-2Fjd1R-2B4Y6Sgl5-2B6jLm8cXYZQ6PzwsL6Q96hz5PCwRQuvcyIAhSWMdJkkntl5sGFVuXxuA-3D-3D HTTP 302
http://fbuy.me/tvBF3 HTTP 301
https://redirect.friendbuy.com/tvBF3 HTTP 301
https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=809405384 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=809405384&_bee_ppp=1

Request Chain 136

https://rp.liadm.com/j?dtstmp=1648243969897&aid=a-04bo&se=e30&duid=c30794b3d355--01fz1fy3p7j8gkb8v5z1n91cn9&tna=v2.3.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&wpn=lc-bundle&c=PHRpdGxlPkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICZhbXA7IEFwcGFyZWw8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJTaG9wIEZJR1MgZm9yIGNvbWZvcnRhYmxlIGRlc2lnbmVyIHNjcnVicyBhbmQgbWVkaWNhbCBhcHBhcmVsIHRoYXTigJlzIDEwMCUgYXdlc29tZS4gVG9ucyBvZiBjb2xvcnMgYW5kIGZhc2hpb25hYmxlIHN0eWxlcy4gR2V0IHJlYWR5IHRvIGxvdmUgeW91ciBzY3J1YnMhIj4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1648243969897&aid=a-04bo&se=e30&duid=c30794b3d355--01fz1fy3p7j8gkb8v5z1n91cn9&tna=v2.3.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&wpn=lc-bundle&c=PHRpdGxlPkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICZhbXA7IEFwcGFyZWw8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJTaG9wIEZJR1MgZm9yIGNvbWZvcnRhYmxlIGRlc2lnbmVyIHNjcnVicyBhbmQgbWVkaWNhbCBhcHBhcmVsIHRoYXTigJlzIDEwMCUgYXdlc29tZS4gVG9ucyBvZiBjb2xvcnMgYW5kIGZhc2hpb25hYmxlIHN0eWxlcy4gR2V0IHJlYWR5IHRvIGxvdmUgeW91ciBzY3J1YnMhIj4&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true

Request Chain 156

https://gum.criteo.com/sid/json?origin=onetag&domain=wearfigs.com&sn=ChromeSyncframe&so=0&topUrl=www.wearfigs.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=2vdy8nw2dFlZdS9mU3ZlRXl2YWVvNXdLdWxLdk5mL01VNmgvNzhwTTU0WFE2RncxMVFzdWt1a3BKS1R6MXB2bklSU3FlVHZzUk92R1VMRjBOQ3JCektYYnJnaW1vMUo3dTNjbFRQamVDU2lOUko2VFhrRTdoMTU3NnU4M0d0dEN1cGhWdFlrczVrdnFNZ2xmdmJPTy9wd2RrRjlERmZFTlRCR3VuMm5VWTdTNDFQNEQzTC9xbHVZZW9UK2plOTlTbFowSjQ3N1hVaHJERUlWc2xiRzRZaWM0WU1Kd3RNOGlHQnc1WWNkYWN2QllqRUVnZDRLbHlBUkp3UjJDdHkyQlBlSHFvR3RZY0xFU1V3V2ZFSDdQc1dCZFQ5QT09fA&cppv=2

Request Chain 165

https://api-34-216-180-31.b2c.com/api/x?NzY93fpJKKYEtCoQ$dXJsJDAkaHR0cHM6Ly93d3cud2VhcmZpZ3MuY29tLz91dG1fY2FtcGFpZ249UG9zdC1QdXJjaGFzZStPdmVybGF5Ky0rTWFyY2grMjAyMSZ1dG1fY29udGVudD1lbWFpbCZ1dG1fbWVkaXVtPXJlZmVycmFsJnV0bV9zb3VyY2U9RnJpZW5kYnV5JmZidXlfcmVmX2NvZGU9dHZCRjMiLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDAkMSIsImlubmVyJDAkMTYwMHgxMjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCQxIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDEkdHJ1ZSIsImRldmljZU1lbW9yeSQxJDgiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDQiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsIm5hdmlnYXRvci1oYXNoJDMkMjRhMTEwNTIiLCJuYXZpZ2F0b3ItdGltZSQzJDEuNyIsInNlbmRCZWFjb24kMyQxIiwiZm9udHJlbmRlciQ1MSQxIiwidGltZSQ1MSQxNjQ4MjQzOTcwMTQ3IiwidGltZXpvbmUkNTEkMCIsInBsdWdpbnMtdGltZSQ1MiQwLjEiLCJwbHVnaW5zJDUyJGI2ZDA1NTU4IiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQ1MiQ0NC43IiwibWVtLXVzZWRKU0hlYXBTaXplJDUyJDMzLjEiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDUyJDM3NjAiLCJ0aW1lLWZldGNoU3RhcnQkNTIkMTQyNyIsInRpbWUtZG9tYWluTG9va3VwU3RhcnQkNTIkMTQyOCIsInRpbWUtZG9tYWluTG9va3VwRW5kJDUyJDE0NjEiLCJ0aW1lLWNvbm5lY3RTdGFydCQ1MiQxNDYxIiwidGltZS1jb25uZWN0RW5kJDUyJDE0ODkiLCJ0aW1lLXNlY3VyZUNvbm5lY3Rpb25TdGFydCQ1MiQxNDcwIiwidGltZS1yZXF1ZXN0U3RhcnQkNTIkMTQ4OSIsInRpbWUtcmVzcG9uc2VTdGFydCQ1MiQxNTEzIiwidGltZS1yZXNwb25zZUVuZCQ1MiQxNTU3IiwidGltZS1kb21Mb2FkaW5nJDUyJDE1MTYiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDUyJDE1NzIiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0JDUyJDIwOTIiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQ1MiQyMDkyIiwidGltZS1kb21Db21wbGV0ZSQ1MiQyNDcwIiwidGltZS1sb2FkRXZlbnRTdGFydCQ1MiQyNDcwIiwidGltZS1sb2FkRXZlbnRFbmQkNTIkMjQ3MiIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQ1MiQwIiwibmF2aWdhdGlvbi10eXBlJDUyJG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDY2JDAuMyIsImdsb2JhbHMkNjgkNGYxZTNkMmMiLCJkb2N1bWVudC10aW1lJDgyJDIuNCIsImRvY3VtZW50JDgyJDkwMmQwYmMzIiwiY29ubmVjdGlvbiQ4MiQiLCJkb3dubGlua01heCQ4MiQiLCJnZXRVc2VyTWVkaWEkODMkMiIsInBhZ2UtZnJhbWUtY291bnQkODMkNiIsInBhZ2UtZnJhbWUtbGlzdCQ4MyQweDAjYTE4Mjc0OTMzOTk0LmNkbi5vcHRpbWl6ZWx5LmNvbSAweDAjd2Vic2VydmljZXMuZ2xvYmFsLWUuY29tIDB4MCN2YXJzLmhvdGphci5jb20gMHgwI2d1bS5jcml0ZW8uY29tIDB4MCNub3N0by1zYW5kYm94IDF4MSN3d3cuYWZmaXJtLmNvbSIsInBhZ2UtaGFzaC10aW1lJDg3JDMuNSIsInBhZ2UtaGFzaCQ4NyRlODMxYWYwNSIsImZvbnQkMTEwJDEwMDAwMDAiLCJzdHlsZS1oYXNoJDExMSQzNGQ3NmEzMiIsInN0eWxlLXRpbWUkMTExJDAuNiIsImF1ZGlvLWNvZGVjJDExMSQyMjIxMiIsInZpZGVvLWNvZGVjJDExMiQyMjIwMDAiLCJjbG9jayQxMTkkNTUwNyIsInNvcnQkMTMwJDEwLjQiLCJzdGFjayQxMzEkMTM5ODAiLCJzdGFjay1lcnJvciQxMzEkUmFuZ2VFcnJvcjogTWF4aW11bSBjYWxsIHN0YWNrIHNpemUgZXhjZWVkZWQiLCJzdGFjay10aW1lJDEzMSQxLjEiLCJ3ZWJnbCQxMzgkMSIsIndlYmdsMiQxMzgkMSIsIndlYmdsLXZlbmRvciQxMzkkSW50ZWwgSW5jLiIsIndlYmdsLXJlbmRlcmVyJDEzOSRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDEzOSRjNTM4MjBmZSIsIndlYmdsLXRpbWUkMTM5JDcuOSIsInBlcm1pc3Npb24tZ2VvbG9jYXRpb24kMTUxJHByb21wdCIsImJhdHRlcnkkMTUxJDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDE1MyRmN2U3MTJkOSIsImF1ZGlvY29udGV4dC10aW1lJDE1MyQzOC43IiwiaW50ZXJzZWN0aW9uLXNpemUkMTU0JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbiQxNTQkMjMiLCJwZXJtaXNzaW9uLW5vdGlmaWNhdGlvbnMkMTYxJHByb21wdCIsInBlcm1pc3Npb24tY2FtZXJhJDE2MSRwcm9tcHQiLCJwZXJtaXNzaW9uLW1pY3JvcGhvbmUkMTYxJHByb21wdCIsInBlcm1pc3Npb24tcGVyc2lzdGVudC1zdG9yYWdlJDE2MSRwcm9tcHQiLCJhZGJsb2NrJDE2NSQwIiwiZnJhbWVyYXRlJDI1NCQ3MA~~ HTTP 302
https://v4-api-34-216-180-31.b2c.com:444/api/4?NzY93fpJKKYEtCoQ

Request Chain 172

https://privymktg.com/collect?v=1&cid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&ec=widget&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&ul=en-US&z=5435473398516186 HTTP 302
https://google-analytics.com/collect?v=1&cid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&ec=widget&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&ul=en-US&z=5435473398516186

Request Chain 179

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=0aSXRxTqY_ZutZ4Hzb_usqW9WEFPRIeg

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1wc0ZoeTFHZ3lnRTN1bVo0Si1EY3p5Z3lYb0dwd3JVeV80LXBZdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 185

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-wYKQcFGgygE3umZ4J-DczygyXoFuwjRJ2_On-Q HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-wYKQcFGgygE3umZ4J-DczygyXoFuwjRJ2_On-Q&verify=true

Request Chain 189

https://secure.adnxs.com/setuid?entity=52&code=k-w_r741GgygE3umZ4J-DczygyXoFyua058AQD-Q&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-w_r741GgygE3umZ4J-DczygyXoFyua058AQD-Q%26seg%3D95287

Request Chain 191

https://eb2.3lift.com/xuid?mid=2711&xuid=k-UYxt01GgygE3umZ4J-DczygyXoHqzb2fHi-j-A&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-UYxt01GgygE3umZ4J-DczygyXoHqzb2fHi-j-A&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 193

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0NGwbFGgygE3umZ4J-DczygyXoE8gEJJJBFPgw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0NGwbFGgygE3umZ4J-DczygyXoE8gEJJJBFPgw&C=1

Request Chain 195

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-OdEJVVGgygE3umZ4J-DczygyXoEHyBSuuZw0Ew&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-OdEJVVGgygE3umZ4J-DczygyXoEHyBSuuZw0Ew&expires=30&user_group=5

Request Chain 201

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-tEC-xFGgygE3umZ4J-DczygyXoEBXwuRtV6Zeg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tEC-xFGgygE3umZ4J-DczygyXoEBXwuRtV6Zeg

Request Chain 202

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-813md1GgygE3umZ4J-DczygyXoEOAXj-RK8qBQ HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-813md1GgygE3umZ4J-DczygyXoEOAXj-RK8qBQ

Request Chain 205

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-CRRpQlGgygE3umZ4J-DczygyXoHOhA0vGxH4qQ&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 219

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/ifRkkq-Yi4JNjyA5U15JJ6Iuz3-__0d7/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3876476978028544413

Request Chain 220

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5689770396827558777

291 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wearfigs.com/
Redirect Chain

http://email.friendbuy-mail.com/ls/click?upn=DioecEVLRrkPf3YyA6CWjGmynMpjX-2Fj2xJswi9gDUYY-3Deqor_YqVc2Q6TaxfIVY64HpFtF2HEMpFxgBwVGswu0Si7MynkBi2cAUTNTIlglc4N3rwwu0M-2FFsDJqbS1rQMXpPiTuX-2F90ol5q4h...
http://fbuy.me/tvBF3
https://redirect.friendbuy.com/tvBF3
https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

281 KB
34 KB

85ms
24ms

Document
text/html

18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-46.dus51.r.cloudfront.net
Software: envoy / Next.js
Resource Hash: e71d05b1a18c2eb2e63ffb0cded3274181051008387342649d956a3de5a2450d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: max-age=0, s-maxage=600, public
etag: W/"46360-wvnMPM37xVfI0SuN/vBfzE3+iCU"
date: Fri, 25 Mar 2022 21:32:48 GMT
x-envoy-upstream-service-time: 607
server: envoy
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 0mclceMufLe5g5bnU82zH3IlPpoUAKA6XThBZ-wIQ3PEVmZk-OO5XQ==

Redirect headers

date: Fri, 25 Mar 2022 21:32:48 GMT
content-type: text/html; charset=utf-8
content-length: 543
location: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
server: nginx
cache-control: private; max-age=90
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"

GET
H2 200 1021 Show response
gepi.global-e.com/includes/js/ 219 KB
65 KB 128ms
67ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/includes/js/1021
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2abfb249f27ab0655daf7b3cfdb5da05968f0d715fc18988756b7cce06a86502

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:48 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
last-modified: Fri, 25 Mar 2022 19:59:27 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
edge-cache-tag: GEM_JS, GEM_JS_1021
content-type: application/x-javascript; charset=utf-8
cf-cache-status: HIT
cache-control: public, max-age=1200
cf-ray: 6f1ac2e3cce5cc42-ZRH
expires: Fri, 25 Mar 2022 21:52:48 GMT

GET
H2 200 1021
gepi.global-e.com/includes/css/ 98 B
310 B 144ms
83ms Stylesheet
text/css 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/includes/css/1021
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c5162278b8ff0987662b06f616fbb47deebcc0a1f7cfffb4fb79cabdfcf026da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:48 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
edge-cache-tag: GEM_CSS, GEM_CSS_1021
pragma: no-cache
x-aspnetmvc-version: 4.0
last-modified: Fri, 25 Mar 2022 21:32:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=0, no-store
cf-polished: origSize=121
cf-ray: 6f1ac2e3cce4cc42-ZRH
cf-bgj: minify

GET
H2 200 747cc78aba831d72ce3e.css
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/css/ 3 KB
1 KB 82ms
10ms Stylesheet
text/css 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/css/747cc78aba831d72ce3e.css
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0f50cd7363d3fcd7e2eac30723a0be9e2e45c480d782a2f0a95bd384fdb5eba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:14 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 85114
etag: W/"9bd8d0322109b80409d728c3ff546b6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: TXflRuD7Zgw7HLXhh1bW5O6Xz0yjcpmGpPGQRycReBQvBfqO6lGfPw==

GET
H2 200 18267933827.js Show response
cdn.optimizely.com/js/ 278 KB
85 KB 66ms
21ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/18267933827.js

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9f95c1b63d886d244ae289d6b80164c8f94c32ef15a664c0d4476b7696609b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: e88acdwGOvlq5uezJNTd.qO1GJqFlcuH
content-encoding: gzip
etag: "0921d58c9d90022dab3e9b631bb68d4f"
x-amz-request-id: 5S0BVVCGYJ40ZMEC
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1722
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 86219
x-amz-id-2: nkhkOOzpOLH2eHikYnSSFJhQUL/H0XYurKAg4PWAF3EDWuYjPxOIk+GvSj6hqsWainBfSjhcDVU=
last-modified: Fri, 25 Mar 2022 19:51:09 GMT
server: AmazonS3
date: Fri, 25 Mar 2022 21:32:48 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 webpack-cafabf09e1b08d414c6b.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 5 KB
3 KB 78ms
11ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/webpack-cafabf09e1b08d414c6b.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e18d5f85e55d9c0cbc7ad63fe4119c8253568d04808b49006b198e0c966cdd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:15 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 85114
etag: W/"ffdcec9c7195e9511fcf1217eb27e056"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Mh1BSeOYFTD0oB_FOzrdLXHRi2iMkReA-WNrOo24hZGcZ8FxP-I2iA==

GET
H2 200 framework-56dc96a11889c53d8326.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 129 KB
42 KB 85ms
17ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/framework-56dc96a11889c53d8326.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f014938ebbd05d00c25169f07c093462dc62e647febdd9dd714177f7ced808c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:15 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:51 GMT
server: AmazonS3
age: 85114
etag: W/"ee0da923d485822696a0ebd95a38c8d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ef1pkXq9xYrc33gr2HdfIN4I_7EhurQcoLPjYejcwO7vc286P_QlVA==

GET
H2 200 main-729500de806b09c80051.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 90 KB
27 KB 79ms
12ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 660fd4ca089d5f9e52f8abdb62d8b1ca98ad2fe554364a6b6e6d01a38ef98bad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:15 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 85114
etag: W/"95a847beb56efa1978875cee89673bd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: dcK2b3KZlH8K15qkfBmkklY5rSJTc5Fmbl2in6XQqTwDWTGmqXcs9A==

GET
H2 200 _app-8a0d38a7d72811db31ca.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/ 1 MB
370 KB 89ms
22ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 890c8e84e55b1f2d6d0f617f7b6cf6fa8cfc6ea5c55bfdf78081b6252f3cb815

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:15 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:44 GMT
server: AmazonS3
age: 85114
etag: W/"14248e9e3df5801b649f07249ebe19d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9tRixZ0xjDNeTg-2j-5exy7G6g7FeYPD1b0T8Ox6tXp6dZ_qN779HA==

GET
H2 200 8671-19dd63b47f9ea92b050b.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 15 KB
6 KB 78ms
11ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/8671-19dd63b47f9ea92b050b.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9a91836e2644510e44cd3a91b1a217ce771c2c93870ee8009ecc23a97bc445f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:16 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:51 GMT
server: AmazonS3
age: 85113
etag: W/"b530436bb74cc5945c95dce1a3e57863"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: VGUd4yThebck6UoWA0RmBbRO1aRKBbdYaeOk-8gQp5cTugvetuEZ_w==

GET
H2 200 8402-9e9027b8fcd5e53c9234.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 54 KB
14 KB 30ms
27ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/8402-9e9027b8fcd5e53c9234.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd2c8e1d3d26b9d29dfa282199888f576f0780be4b5f4b7d6470f843c63c3a98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:35 GMT
server: AmazonS3
age: 84986
etag: W/"f1824e3169af6246a5e1660c3da0cbb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: PLoMRh_cYo4VHD04e9hW6fiCJ_SWUZF3d7EGPz5ZRNH8E6kJI1LJOw==

GET
H2 200 5491-3ce3312ee466d55d366d.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 8 KB
3 KB 36ms
33ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/5491-3ce3312ee466d55d366d.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0967f621628c8edb4d931628c455e028d645ade5e6240b2bc3c220587b2b09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:16 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:52 GMT
server: AmazonS3
age: 85113
etag: W/"b5a79ddd4d5f5c7c319227478a47310d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ZPsITkQlXbJPKEfsehMzXOI7x43-gjhZHvl1CKwK_jZ6X8CaYllvHw==

GET
H2 200 354-3cdc56cf3526973cc893.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 34 KB
10 KB 29ms
26ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/354-3cdc56cf3526973cc893.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2da008ebd641a93284e17c469057184fb945eefd4ad51748aed3c6f966e68746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:17 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 85112
etag: W/"ea794b309ae862b9ca0edf7d5e96073b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: oc0yQH8_ih0OQHbUljyuiSDieJlP73Qfm026-Aul-5coe0py6TNUyQ==

GET
H2 200 4695-0582cc9e3bcab971520b.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 20 KB
8 KB 30ms
27ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/4695-0582cc9e3bcab971520b.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4550040dff4d38f29c36a8173f35de1058faefea0eafeb81d3e3d8fe592b8e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:28 GMT
server: AmazonS3
age: 84986
etag: W/"e155d913648a023fd1a69b337bb398b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: RRQHpTtz3vYFr91QCJxrgFVzthSYbEYTS3Zey1FX2BQ2OyxJDe30CQ==

GET
H2 200 9227-43c8088e98bcb97a6c0e.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 15 KB
5 KB 31ms
29ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/9227-43c8088e98bcb97a6c0e.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0ecc46fb9529c0f1532af342f2b995054af937e89c3d50287be79c43fe3fa20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 85111
etag: W/"16a6ae00f3cd1702b1237fea69a342ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9w8WRKExf5d1SMS4IknWwPLDJwHFzYyLOaxbCBAGinlWlDhvXpx_Dg==

GET
H2 200 9448-403ab03fe0613be46336.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 14 KB
5 KB 36ms
33ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/9448-403ab03fe0613be46336.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abf908f7d6a6b5b8d35e3df43f8be5916b2a17681335f7c77a34e4af9c833648

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:52 GMT
server: AmazonS3
age: 84987
etag: W/"7424ca68a5827550e3560b3e101ab4c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: QNLjRhqXPChXtugwIWTjGUbRAOwzCGACbtww2_H30vHUwCo8THO48A==

GET
H2 200 8977-2729eefa40158d02c85a.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 13 KB
5 KB 36ms
34ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/8977-2729eefa40158d02c85a.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 599c262e13c82a1420c4737037ff9892052291e1985baa2045602b7b5a2331d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 84987
etag: W/"3f03302887751a56fba6833a33337f5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: IM_VlTqw2D2LOBfa1sF3mA0Nk1SakRAEC1R4z4TIQU6czuoASXI-Lg==

GET
H2 200 296-dc54b54b073e47dcb25a.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 64 KB
16 KB 37ms
34ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/296-dc54b54b073e47dcb25a.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfacd297a4b7d3007e838ccdde45577f226e95a498106340cdbdfbb442e359cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 84987
etag: W/"840f33fe173e4ccd63bac9b6c7a6ef11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: m6d0Ba3TGrWpyzJP_n-9zSuMEF07_4eR917pP1mjDJMcZ1yLHZQnuA==

GET
H2 200 index-c451bf28e79713b9a8f9.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/ 3 KB
2 KB 38ms
35ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/index-c451bf28e79713b9a8f9.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8847672baccea591de6001e791a489aa1b5ada49f5668d2b162d4de6816511e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:36 GMT
server: AmazonS3
age: 84986
etag: W/"c04e3cbf2147a92e3b72dc32603daf5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: fcXiDPPurayQOVNueOx8SwU6nYZB_Fu9sHG1JLMxd-VM_ps9PT9QMg==

GET
H2 200 _buildManifest.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/1DTu-BRmHGj9owwqrQLxz/ 4 KB
2 KB 37ms
35ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/1DTu-BRmHGj9owwqrQLxz/_buildManifest.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8898f2bb55652fd7cdb07c22932f854f8f41ff50eb66ae01a78930f8c71f9f5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:19 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 85110
etag: W/"3e768807ffadabc869d9d20d4cb3b536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: lr8v1BNja52GHh_uks725nk1CDxdWtNSznMmeUjovnRCOr56-e7ZiQ==

GET
H2 200 _ssgManifest.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/1DTu-BRmHGj9owwqrQLxz/ 77 B
461 B 37ms
35ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/1DTu-BRmHGj9owwqrQLxz/_ssgManifest.js
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:19 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 23:43:26 GMT
server: AmazonS3
age: 85110
etag: "b6652df95db52feb4daf4eca35380933"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 77
x-amz-cf-id: R-Ivh0ceTGCGYZbFFnwc2PWTAk6ExMGGNDgxt9htlpCSlq-2MbMxug==

GET
H2 200 DESKTOP_HP_HWFits_2880x1440_W__1_.gif
images.ctfassets.net/5j6wpslh72e4/7sfEubJt1hgLQarzUZHpYb/68ecab49a92b8f4991e22c7fdc1989c8/ 3 MB
3 MB 43ms
11ms Image
image/gif 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/7sfEubJt1hgLQarzUZHpYb/68ecab49a92b8f4991e22c7fdc1989c8/DESKTOP_HP_HWFits_2880x1440_W__1_.gif
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6e505bbf6bc061310c8e5b19928446e375898a377287196d378ade76a5bea397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 06:59:14 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 18:14:47 GMT
server: Contentful Images API
age: 52415
etag: "75b2e95a46c980dc6b4a2381735309a6"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 2800177
x-amz-cf-id: hp9nvZs_R3QjKIje4fCvW-79F1xKMQegQE4ixhRdzCzLhrBMGzCWlg==

GET
H2 200 fb.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 275 B
889 B 90ms
19ms Image
image/svg+xml 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/fb.svg?v=1625598562

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

4b9823efcf399e051dbe0b59db5b8737ac18c4bae25e297ae3eef9e7565f1013

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
fastly-original-body-size: 275
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.456,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 198
x-xss-protection: 1; mode=block
x-request-id: bd5a811ca55028e211c92faad4709a51
x-served-by: cache-lga21967-LGA, cache-mxp6940-MXP
x-cdn: Fastly, http2
server: cache-mxp6940-MXP
x-timer: S1648243969.648605,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/fb.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 twitter.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 920 B
1 KB 88ms
17ms Image
image/svg+xml 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/twitter.svg?v=1625598562

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

f5902d035a83bac762333f76a73e62b8918674ada53374fb5dfccd6abba6ad4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.064,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 485
x-xss-protection: 1; mode=block
x-request-id: 94140002d13705cd326f3e274e0623a0
x-served-by: cache-lga13627-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243969.648620,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/twitter.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 ig.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 1 KB
700 B 39ms
18ms Image
image/svg+xml 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/ig.svg?v=1625598562

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

6d4f572bac358d523c32e30153af5aee1775e20c95fc5c362db33985599923dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.033,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 474
x-xss-protection: 1; mode=block
x-request-id: 6409aba2bf779fc00b9ca031e321120e
x-served-by: cache-lga21928-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243969.648728,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/ig.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 pin.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 795 B
655 B 41ms
19ms Image
image/svg+xml 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/pin.svg?v=1625598562

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

f0f213fd458997140528cb457fd532c1d1f28a00e17ce4deedc50618e5f02a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.992,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 426
x-xss-protection: 1; mode=block
x-request-id: 6d0d0e565934abbce7ab663cc52c3ca9
x-served-by: cache-lga21933-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243969.649333,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/pin.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 youtube.svg
cdn.shopify.com/s/files/1/3101/9164/files/ 609 B
561 B 35ms
18ms Image
image/svg+xml 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/3101/9164/files/youtube.svg?v=1625598562

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

66bb4cd150935b5a45caeb0f53bfd21a78b087fad6c507b810e5d5d84072d37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.011,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 317
x-xss-protection: 1; mode=block
x-request-id: 09e7b4b12f0674d43f9097ff39e68f91
x-served-by: cache-lga21938-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243969.649118,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/3101/9164/files/youtube.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 flag-globe-icon.png
cdn.shopify.com/s/files/1/0139/8942/files/ 3 KB
3 KB 34ms
19ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/flag-globe-icon.png?v=1607119990

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

f6e2e0851d638a37167523b684920a0c68c6b9d89b8f354b2395eb2bdb107ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.021,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 3146
x-xss-protection: 1; mode=block
x-request-id: b3723c7bd29715ba8cdc1b8740a02fe0
x-served-by: cache-lga21969-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243969.649236,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/flag-globe-icon.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 a18274933994.html Show response
a18274933994.cdn.optimizely.com/client_storage/ Frame 0D81 2 KB
1 KB 38ms
8ms Document
text/html 23.67.128.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a18274933994.cdn.optimizely.com/client_storage/a18274933994.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18267933827.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.128.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-128-30.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

a08308f74ad2a0d91ec29b62ea2a2dab894b47f5e8fa133e414c7626a5a3ac8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

x-amz-id-2: e4ZsBr3R++5OYEOfevsF+NBOY9PtSq0iFrWqM0p8RWIZ1NxVrkKGEZdgiNmBqidz6OwlVslh1X0=
x-amz-request-id: TZXNW68JMNKKENJZ
x-amz-replication-status: COMPLETED
last-modified: Fri, 25 Mar 2022 19:51:06 GMT
etag: "cc9bf3277ad7e1069a08cc245c5bb698"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: 81zYnLinHKnZTbyo4uDW7BNa7L1O36VC
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
content-length: 807
vary: Accept-Encoding
cache-control: max-age=120
date: Fri, 25 Mar 2022 21:32:48 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="23.67.128.30";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
o241518.ingest.sentry.io/api/5200726/envelope/ 2 B
246 B 40ms
9ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o241518.ingest.sentry.io/api/5200726/envelope/?sentry_key=48863dea23f74fc882b8e2020709283d&sentry_version=7

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:32:48 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.wearfigs.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
62 KB 58ms
23ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2?v=1608583712

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6953-MXP /

Resource Hash

374df3dfdc8e680a5b78dbd2317d40fa2b6e4e7021dd2383d72d0441e4d49d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
fastly-original-body-size: 62848
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.062,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 62848
x-xss-protection: 1; mode=block
x-request-id: df91fec17c9264ff18b4fad96b62545b
x-served-by: cache-lga21931-LGA, cache-mxp6953-MXP
x-cdn: Fastly, http2
server: cache-mxp6953-MXP
x-timer: S1648243969.873802,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Bold_8df06299-5e95-4d39-9df9-7d7e79f77a0d.woff2>; rel="canonical"
x-cache-hits: 3, 1

GET
H2 200 FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
61 KB 74ms
39ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2?v=1608583712

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6953-MXP /

Resource Hash

b7e477e5b8b86ca6b1358fbeb87736615204866bded195fc73b9f054529910ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
fastly-original-body-size: 61980
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.145,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 61980
x-xss-protection: 1; mode=block
x-request-id: da5eee7c6f6d0ccbc6fb84421800166a
x-served-by: cache-lga21924-LGA, cache-mxp6953-MXP
x-cdn: Fastly, http2
server: cache-mxp6953-MXP
x-timer: S1648243969.873925,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-SemiBold_0d6ce5d3-5bf1-463b-986e-ea3416e24fad.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 59 KB
59 KB 74ms
40ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2?v=1608583712

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6953-MXP /

Resource Hash

c359ca086a363b7c2aedef74522528f2b70f37cec4059e0c3ee9d7b12f9d5609

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
fastly-original-body-size: 59988
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.859,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 59988
x-xss-protection: 1; mode=block
x-request-id: 1af0009c13dff131bd995ade057f4b3e
x-served-by: cache-lga13623-LGA, cache-mxp6953-MXP
x-cdn: Fastly, http2
server: cache-mxp6953-MXP
x-timer: S1648243969.874158,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Regular_c51c1dfd-7310-441e-a64c-87119b4c4c0f.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 61 KB
62 KB 74ms
40ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2?v=1608583712

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6953-MXP /

Resource Hash

2207492a2cc099f6c61e6f89b630cb4d3c4b0604ca481a0bb83389d9341ac52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.013,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 62948
x-xss-protection: 1; mode=block
x-request-id: 1ea82c184d9a81d0e3f13bf6c55cc451
x-served-by: cache-lga21966-LGA, cache-mxp6953-MXP
server: cache-mxp6953-MXP
x-timer: S1648243969.873930,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-ExtraBold_e661ec5a-1be6-45af-86c0-d32321b0e195.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2
cdn.shopify.com/s/files/1/0139/8942/files/ 57 KB
58 KB 100ms
66ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2?v=1608583712

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6953-MXP /

Resource Hash

815ff4c9b8b41e38d4db9628ba39f07ca3ce2da7efb4fad31c25ac54160b85db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.052,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 58580
x-xss-protection: 1; mode=block
x-request-id: bf13319145d1583f2dd5becae81ce61c
x-served-by: cache-lga21949-LGA, cache-mxp6953-MXP
server: cache-mxp6953-MXP
x-timer: S1648243969.874074,VS0,VE1
date: Fri, 25 Mar 2022 21:32:48 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/FIGS-Medium_e3541d50-e32c-42f5-a78f-ba92fa2395b6.woff2>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 HPCAROUSEL_NightSky.jpg
images.ctfassets.net/5j6wpslh72e4/4ZfDmRpkJSLKTOfbh1Zwe4/2e6aa604fada075b6f0a297b1c270574/ 66 KB
66 KB 13ms
11ms Image
image/jpeg 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/4ZfDmRpkJSLKTOfbh1Zwe4/2e6aa604fada075b6f0a297b1c270574/HPCAROUSEL_NightSky.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ada737477de9c9476e7c9a1ab98cd7874020b726d68038b13616de7661d367bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 02:35:26 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Fri, 11 Mar 2022 19:08:17 GMT
server: Contentful Images API
age: 68242
etag: "9c16234d4f9de54aae710ff7edda5707"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 67627
x-amz-cf-id: iAlzWgUdVIuCLEHRDHMcGaARJwa0YK90txM_3isf6rKmysfgPmTHzA==

GET
H2 200 HPCAROUSEL_VaporBlue.jpg
images.ctfassets.net/5j6wpslh72e4/4KSryjHmUPQPEx3pXNeQYs/1e4dcd118eb6adbdde356217230bdf74/ 78 KB
78 KB 39ms
37ms Image
image/jpeg 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/4KSryjHmUPQPEx3pXNeQYs/1e4dcd118eb6adbdde356217230bdf74/HPCAROUSEL_VaporBlue.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a57b2b4d8769daebf7627bc18efb149ee0304b59f4d68a4850f7e1672451273c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 02:01:53 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Fri, 11 Mar 2022 19:08:17 GMT
server: Contentful Images API
age: 70255
etag: "dc7f521f95161197f734279c49cd0649"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 79768
x-amz-cf-id: 4cxYQgxOdIbhPrcgzkhyrNF6uUr4nwdBVpGGPek-od1ftTBsQRnSlw==

GET
H2 200 HPCAROUSEL_Electric_Orchid.jpg
images.ctfassets.net/5j6wpslh72e4/5iY6r4tWvecmgcbWqFayWX/586440f345644f16a96927ae9d4b4907/ 89 KB
89 KB 40ms
38ms Image
image/jpeg 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/5iY6r4tWvecmgcbWqFayWX/586440f345644f16a96927ae9d4b4907/HPCAROUSEL_Electric_Orchid.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e985f03de7fa9c3aefff70b377ba367d8584b08a76afd86c74d7b98b60f498fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:22:15 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Fri, 11 Mar 2022 19:08:17 GMT
server: Contentful Images API
age: 51033
etag: "fc16feb9178e18895b0ebf13d69cdbef"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 90680
x-amz-cf-id: MPo3FkF_8R8NHhPrZArozV7rO1goWZuDIyqBY5Px4vwGq7lEK-yu-Q==

GET
H2 200 20220315_Launch_NightSky_VaporBlueSD_ElectricOrchid_Homepage_Module_U.jpg
images.ctfassets.net/5j6wpslh72e4/7IECjbpQmE8hZzr1QHZTFs/2d0ace120c98a215e679737c541e55f6/ 110 KB
110 KB 45ms
44ms Image
image/jpeg 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/7IECjbpQmE8hZzr1QHZTFs/2d0ace120c98a215e679737c541e55f6/20220315_Launch_NightSky_VaporBlueSD_ElectricOrchid_Homepage_Module_U.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6734701534dd9b07ad96dc61d39fa3bdd0297d27cf81c732359f97db9b56efbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 07:13:14 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 22:10:04 GMT
server: Contentful Images API
age: 51574
etag: "606fcac951cc44689d00a9b7e924e140"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 112648
x-amz-cf-id: F1ct5OMFn94Cn_5CS_MVNNBhINRWwAtwadpHxlksSKulsL55jAp-VA==

GET
H2 200 HP_Banner_IWD_1200x950.gif
images.ctfassets.net/5j6wpslh72e4/64UvcRkeYEUNrmCnOrkJpL/bbd51c88a972d57e5e3d949801eb1ff0/ 468 KB
468 KB 41ms
40ms Image
image/gif 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/64UvcRkeYEUNrmCnOrkJpL/bbd51c88a972d57e5e3d949801eb1ff0/HP_Banner_IWD_1200x950.gif
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 3a20a1d6569961073b2e6222fbae1a5cf82108cc2322d7925327c227394c4ccf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 05:41:02 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Thu, 10 Mar 2022 18:54:52 GMT
server: Contentful Images API
age: 57107
etag: "60d301e01eca97cfb09b4bafa175ff53"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 478804
x-amz-cf-id: 6MbD8WNKuMY7QuDBrQAzT4L9eRgpBreN5ILyCrIdahMGgackUyak5Q==

GET
H2 200 HP_Banner_ImpactReport_750x592.gif
images.ctfassets.net/5j6wpslh72e4/7nmu7Y3fLCCC3LxJd3Av3D/45128e32d6568446781c56046c558f62/ 660 KB
661 KB 43ms
42ms Image
image/gif 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/7nmu7Y3fLCCC3LxJd3Av3D/45128e32d6568446781c56046c558f62/HP_Banner_ImpactReport_750x592.gif
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4508a14fd9b91a0151131e44b5f7b004eb34eb36e8790dc2a62b0c94ff93ac6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 05:37:17 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 17:57:24 GMT
server: Contentful Images API
age: 57332
etag: "59c21e001cd3a80838eb77f32208583e"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 675532
x-amz-cf-id: zEfyahYJc93ZXVsrsAg7qORbh8flAFHNCQOoedQUj54cBRQ8bhHHVw==

GET
H2 200 datadog-rum-v3.js Show response
www.datadoghq-browser-agent.com/ 115 KB
37 KB 39ms
8ms Script
application/javascript 143.204.202.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-145.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:24 GMT
content-encoding: br
last-modified: Mon, 03 Jan 2022 16:36:14 GMT
server: AmazonS3
age: 48
etag: W/"647fda9a4d3d74344732d76cf1fff47c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: B1ogjFp0DMkYfyqRZGz32PsYzJ8wOmeyfGXlXE3ZqS9eAJGhUpKgGg==

GET
H2 200 9699-4a655f33df94a431ab5f.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 36 KB
12 KB 9ms
9ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/9699-4a655f33df94a431ab5f.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/webpack-cafabf09e1b08d414c6b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce8178eb9e93bffce9bd40c17d020c1b5c87c5e89fab86c07e8a90aa0e5f0467

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:23 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:51 GMT
server: AmazonS3
age: 84986
etag: W/"02d8b4c1e83cd535a71bcb5e0e46478f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ew-13aXzz5J3YwxkjMDPgWxZxgZtC4Zl4F27jDX0AZVUDMV19lijrg==

GET
H2 200 3698.717719c95d2a4d38e28b.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 7 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/3698.717719c95d2a4d38e28b.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/webpack-cafabf09e1b08d414c6b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a1752cedf2e35539a01db6f6663a8aecb259ed8238170dcf2187301b78503f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:23 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 84986
etag: W/"af4507204120fd6f306c23fa5e74c44f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ITBylEy2zsvbudnZcRovOUhLWyoDAw6UzfSFVSrTmkbpf6fC5Nb7qw==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 flag-us-icon.png
cdn.shopify.com/s/files/1/0139/8942/files/ 3 KB
4 KB 22ms
22ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/files/flag-us-icon.png?v=1607119686

Requested by

Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

43ea8b401e51f01eced458a6876140f366e7342fdcdadabab65fdb63f6f338c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.662,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 2992
x-xss-protection: 1; mode=block
x-request-id: b87c894ed668dd6ec49cea68448341ae
x-served-by: cache-lga13625-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243969.098326,VS0,VE1
date: Fri, 25 Mar 2022 21:32:49 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/files/flag-us-icon.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 HPCAROUSEL_BLACK-1.jpg
images.ctfassets.net/5j6wpslh72e4/2MY5zBHfQxrCaIuHHVZKMN/e969927c598da1a567cca1c84b189d21/ 33 KB
34 KB 11ms
10ms Image
image/jpeg 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/2MY5zBHfQxrCaIuHHVZKMN/e969927c598da1a567cca1c84b189d21/HPCAROUSEL_BLACK-1.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6d192931840b5846cdd202ac4888c640d2be647332313394807c76adde0f47bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 04:25:51 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 18:27:51 GMT
server: Contentful Images API
age: 61618
etag: "1f4359a13247de25fd073542f46ef7dc"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 34163
x-amz-cf-id: 7maTLnbDvICD1qJtywAH8wL6RKSS0Lno0WJmgzS-OWKdZcDVKKTIMw==

GET
H2 200 HPCAROUSEL_NAVY.jpg
images.ctfassets.net/5j6wpslh72e4/5T6MZFafj9P8kCZJ4kSHpq/64113ecfa7afdbb737f9a9ae54bc0a71/ 18 KB
18 KB 11ms
11ms Image
image/jpeg 2600:9000:224a:200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/5j6wpslh72e4/5T6MZFafj9P8kCZJ4kSHpq/64113ecfa7afdbb737f9a9ae54bc0a71/HPCAROUSEL_NAVY.jpg?fl=progressive&fm=jpg&q=90
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2e10acc8d39f64adea961a82e6ba5d1865108ea71ea16dedc4807ac8aa17e205

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 02:01:53 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
last-modified: Sat, 12 Mar 2022 21:24:57 GMT
server: Contentful Images API
age: 70256
etag: "b6014bb9c736ca58b9c6feb162408219"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
content-length: 18349
x-amz-cf-id: TeJwp9UK15-9jjxbv0IUHMQxLN2a0l3bBrh1WG4Ekcuy1M7dWuuIIg==

GET
H2 200 8671-19dd63b47f9ea92b050b.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
6 KB 10ms
9ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/8671-19dd63b47f9ea92b050b.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:16 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:51 GMT
server: AmazonS3
age: 85114
etag: W/"b530436bb74cc5945c95dce1a3e57863"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: p1ILtx7grv1bi_aaH6-As05RxkOss6Ipja3tNf96_djlHEBVj9ncUg==

GET
H2 200 5491-3ce3312ee466d55d366d.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
3 KB 10ms
9ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/5491-3ce3312ee466d55d366d.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:16 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:52 GMT
server: AmazonS3
age: 85114
etag: W/"b5a79ddd4d5f5c7c319227478a47310d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: gNNogahYoSBnyE71gFAZ6nJhdcCpIy_UEBUbgsNpRh1tUPV1LzMncg==

GET
H2 200 354-3cdc56cf3526973cc893.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
10 KB 9ms
8ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/354-3cdc56cf3526973cc893.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:17 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 85113
etag: W/"ea794b309ae862b9ca0edf7d5e96073b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6lhrN5nfcEWJ-vHXqBaCjXXnrZy54ayTo80u-v6XOc7xg-pUPG9rCA==

GET
H2 200 204-04392468aa74286fdd7a.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
5 KB 10ms
10ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/204-04392468aa74286fdd7a.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:17 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:34 GMT
server: AmazonS3
age: 85113
etag: W/"428143f2b037a0831e0513dfa39442df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6cAANzNWD9JG79b2pzqQBcBG2qWFm1ExBInUYsvT4ZTRtsLL3puWHw==

GET
H2 200 9424-7082aaab534e32c04652.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
5 KB 9ms
9ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/9424-7082aaab534e32c04652.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:26 GMT
server: AmazonS3
age: 85112
etag: W/"a51459d21c0dfe93e0a200f7f257f8b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xsfHOIJY0tKkPmIEJStppMStavuVgZrvAfoFm-LOIDgFlrsHj5d4EA==

GET
H2 200 9227-43c8088e98bcb97a6c0e.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
5 KB 17ms
17ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/9227-43c8088e98bcb97a6c0e.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 85112
etag: W/"16a6ae00f3cd1702b1237fea69a342ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: DBKLPm-rJucAkw89hfNXwzmgPmK9MaZG97feT4i8Fd_Cq0d8kIBuMw==

GET
H2 200 5117-b6a3577cdfe851faec73.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
16 KB 17ms
16ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/5117-b6a3577cdfe851faec73.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:36 GMT
server: AmazonS3
age: 85112
etag: W/"8ae25dba1bb8085077a8750920069728"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: K8RKIP4pwa6LcB3q_eRqwxQgMhVEATe8OgUCGe3i351QIP1yLsOEtw==

GET
H2 200 3764-55cfd45da7d595a413aa.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
9 KB 17ms
16ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/3764-55cfd45da7d595a413aa.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:51 GMT
server: AmazonS3
age: 85112
etag: W/"80502b327f3633aae4b2f02c352a8454"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 1Dmv3kyaOqzr1bkdWLbCGnmwbP_jdTiwkCgFYvpphbxgJthhTJYC4g==

GET
H2 200 %5Bhandle%5D-464f17b638e7313808a2.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/collections/ 0
3 KB 17ms
16ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/collections/%5Bhandle%5D-464f17b638e7313808a2.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:36 GMT
server: AmazonS3
age: 85112
etag: W/"c5532622dfc77978596e4f47b5f3e31f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: s2u1BoBNlCZbJ31o_CTFdaQIe_EFB4wcEG7amXvLlnzSy05e3ln82g==

GET
H2 200 8402-9e9027b8fcd5e53c9234.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
14 KB 19ms
18ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/8402-9e9027b8fcd5e53c9234.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:35 GMT
server: AmazonS3
age: 84987
etag: W/"f1824e3169af6246a5e1660c3da0cbb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9vZ6RL1PhVEnDp4LBwoU5QwJhW10PFZPDnK8-FZD7ePCEcIYnE4CwQ==

GET
H2 200 4695-0582cc9e3bcab971520b.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
8 KB 17ms
17ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/4695-0582cc9e3bcab971520b.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:28 GMT
server: AmazonS3
age: 84987
etag: W/"e155d913648a023fd1a69b337bb398b9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ruSkNWX6VBL5MGfHfcL2mQflNvqSGXYh8K4yKmrvbbjMXq56r-H1_w==

GET
H2 200 9448-403ab03fe0613be46336.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
5 KB 20ms
19ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/9448-403ab03fe0613be46336.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:52 GMT
server: AmazonS3
age: 84988
etag: W/"7424ca68a5827550e3560b3e101ab4c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vM7l-SDS3HBbxQfXC6p-XtzCoX_sJbkgRD4_C7j54UfEIkJETjYxEQ==

GET
H2 200 8977-2729eefa40158d02c85a.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
5 KB 19ms
19ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/8977-2729eefa40158d02c85a.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 84988
etag: W/"3f03302887751a56fba6833a33337f5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: MBMAdISseGzrJ3DONG8wJULxNr1BbhsEMV8lunbYAeD3vJxZOdCoXw==

GET
H2 200 296-dc54b54b073e47dcb25a.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 0
16 KB 19ms
19ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/296-dc54b54b073e47dcb25a.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:27 GMT
server: AmazonS3
age: 84988
etag: W/"840f33fe173e4ccd63bac9b6c7a6ef11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: u50P9whBYK9Pr4eILHKARsETrz_bYhn2vDUhnM6vswLgvP0-4Nr3aA==

GET
H2 200 %5Bhandle%5D-b9faa75a9431738814f4.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/pages/ 0
2 KB 19ms
18ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/pages/%5Bhandle%5D-b9faa75a9431738814f4.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:24 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:44 GMT
server: AmazonS3
age: 84986
etag: W/"4cd1635ba42e35fb1138e857a3c466f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: StMXWtqr9pju8_nOI7spDJUI3oq5OK50QgjisNCF64WhZO4O2i2TKw==

GET
H2 200 hDOncxeMFCg%3d Show response
gepi.global-e.com/Configurations/GetMerchantConfigurations/ 11 KB
4 KB 29ms
29ms Script
application/json 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/Configurations/GetMerchantConfigurations/hDOncxeMFCg%3d?WebStoreCode=www.wearfigs.com&WebStoreInstanceCode=www.wearfigs.com&jsoncallback=callback_GetConfigurations
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a9e8ca627ff9d3bd0892d6e749366cf5390c49154d5b1efd84af3fe445b5719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Mar 2022 23:41:27 GMT
server: cloudflare
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
edge-cache-tag: GEM_MerchantConfigurations, GEM_MerchantConfigurations_1021
content-type: application/json; charset=utf-8
cache-control: public, max-age=600, s-maxage=86400
cf-ray: 6f1ac2e768b7cc42-ZRH
x-aspnet-version: 4.0.30319

GET
H2 200 1021 Show response
web.global-e.com/merchant/clientsdk/ 94 KB
29 KB 64ms
34ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.global-e.com/merchant/clientsdk/1021?dominify=false
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4defeaae93287f1dafca22c3024edacc37f79539fc1f78aaa663117fb00e2c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: HIT
edge-cache-tag: clientsdk_1021,clientsdk
content-length: 29585
last-modified: Fri, 25 Mar 2022 18:42:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1200
accept-ranges: bytes
cf-ray: 6f1ac2e798e1cc42-ZRH
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Fri, 25 Mar 2022 21:52:49 GMT

GET
H2 200 index-c451bf28e79713b9a8f9.js
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/ 0
2 KB 8ms
8ms Other
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/index-c451bf28e79713b9a8f9.js
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/main-729500de806b09c80051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:22 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:36 GMT
server: AmazonS3
age: 84987
etag: W/"c04e3cbf2147a92e3b72dc32603daf5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xbdJMPgieI9UIBpbEE6_UPLl-2dAN91UKBbo60V5gTGxJfo5AJl3Vg==

GET
H2 200 hDOncxeMFCg%3d Show response
gepi.global-e.com/Localize/SetLocalize/ 142 B
563 B 74ms
74ms Script
application/javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/Localize/SetLocalize/hDOncxeMFCg%3d?&cacheBuster=1648243969254&jsoncallback=callback_SetLocalize
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3d2b3b7fa6250edcc3bd1a5688ae4fb61a69e51a5788c7d96213522c2dadd278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: MISS
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
edge-cache-tag: GEM_SetLocalize, GEM_SetLocalize_1021
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
content-length: 226
x-aspnetmvc-version: 4.0
last-modified: Fri, 25 Mar 2022 21:32:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
cf-ray: 6f1ac2e7e939cc42-ZRH
expires: Fri, 25 Mar 2022 21:52:49 GMT

GET
H2 200 204-04392468aa74286fdd7a.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 12 KB
5 KB 10ms
9ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/204-04392468aa74286fdd7a.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbb57fd2543a9ddc252d8d6b174e13dc7a0baafc1a5e1509af83fdb9643fcc46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:17 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:34 GMT
server: AmazonS3
age: 85113
etag: W/"428143f2b037a0831e0513dfa39442df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: u3dA6SW9JYwAmeKX4qgVXfANMUVOg50USKc3Zo_VHOT0ZHRNyyIRuQ==

GET
H2 200 9424-7082aaab534e32c04652.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 10 KB
5 KB 10ms
9ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/9424-7082aaab534e32c04652.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 091b828370d70593dcb4fb5ef26138a000721e810f01f42ca5898a4f30339f2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:26 GMT
server: AmazonS3
age: 85112
etag: W/"a51459d21c0dfe93e0a200f7f257f8b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: CB0kGWBtGtRjAg1nDoef1XYBzukrVdgTuIAvADwJz4HAcUmRpnDC4g==

GET
H2 200 5117-b6a3577cdfe851faec73.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 63 KB
16 KB 10ms
9ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/5117-b6a3577cdfe851faec73.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4ec11f45c859228d47c22ce859c647503546af6044181706f61e27c310f5271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:36 GMT
server: AmazonS3
age: 85112
etag: W/"8ae25dba1bb8085077a8750920069728"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: bkRVD35CTWlxGN9vRGymZEHJ4NU3ajm22Nb2-lPJTw0jaNHBMj9XVg==

GET
H2 200 3764-55cfd45da7d595a413aa.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/ 29 KB
9 KB 11ms
11ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/3764-55cfd45da7d595a413aa.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f839c0490fe7b3bfbd6e13cff9612d068c6176b0fd4f461cc80fd91b76d1765

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:51 GMT
server: AmazonS3
age: 85112
etag: W/"80502b327f3633aae4b2f02c352a8454"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: zvIhRQMQEuBjgzIJKD8RmjlhATuzmjcDgJ0yOpDDKbGaPUfnCzerNA==

GET
H2 200 %5Bhandle%5D-464f17b638e7313808a2.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/collections/ 5 KB
3 KB 11ms
11ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/collections/%5Bhandle%5D-464f17b638e7313808a2.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 177f5964d2134fbb2bed4ecbe40b8b15ef4dbad03c51386da33b134bd8b647d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:54:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:36 GMT
server: AmazonS3
age: 85112
etag: W/"c5532622dfc77978596e4f47b5f3e31f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: WQYL-A0IjRjZ-vypJ7MlDm50TAe5jqpvjpGomLpxaHZItyVoCNnaKw==

GET
H2 200 %5Bhandle%5D-b9faa75a9431738814f4.js Show response
magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/pages/ 3 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:206f:800:4:6d29:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/pages/%5Bhandle%5D-b9faa75a9431738814f4.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:800:4:6d29:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 491fceb9986eaf300b1f8bb427816886f23dfca0c449874c4e8cf18892002a02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 21:56:24 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 23:43:44 GMT
server: AmazonS3
age: 84986
etag: W/"4cd1635ba42e35fb1138e857a3c466f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public,immutable,max-age=31622400,s-max-age=31622400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: l9jOry2msGc9OL8UPNze1Wj3V4jDYHXPZRoqVGEZVX2THtUL-8QAaw==

GET
H2 200 1021
gepi.global-e.com/includes/css/ 98 B
181 B 46ms
45ms Stylesheet
text/css 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/includes/css/1021?countryCode=US
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c5162278b8ff0987662b06f616fbb47deebcc0a1f7cfffb4fb79cabdfcf026da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
edge-cache-tag: GEM_CSS, GEM_CSS_1021
pragma: no-cache
x-aspnetmvc-version: 4.0
last-modified: Fri, 25 Mar 2022 21:32:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=0, no-store
cf-polished: origSize=121
cf-ray: 6f1ac2e869d3cc42-ZRH
cf-bgj: minify

GET
H2 200 IsThirdPartCookiesAllowed Show response
gepi.global-e.com/Utils/ 54 B
161 B 65ms
65ms Script
application/json 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/Utils/IsThirdPartCookiesAllowed?jsoncallback=callback_IsThirdPartCookiesAllowed
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: da75553d55f98d155eac8f9838f76b4660272075d3cf724a6d0122e6bd849bf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=0
cf-ray: 6f1ac2e879d7cc42-ZRH
x-aspnet-version: 4.0.30319

GET
H2 200 hDOncxeMFCg%3d Show response
gepi.global-e.com/Configurations/GetLocalizeConfigurations/ 2 KB
838 B 54ms
54ms Script
application/json 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gepi.global-e.com/Configurations/GetLocalizeConfigurations/hDOncxeMFCg%3d?WebStoreCode=www.wearfigs.com&WebStoreInstanceCode=www.wearfigs.com&CountryCode=US&CurrencyCode=USD&jsoncallback=callback_GetConfigurations
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60a8173b992551149c8aa8014d67629358076d76db9362836ca2002971277269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 01:48:34 GMT
server: cloudflare
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
edge-cache-tag: GEM_LocalizeConfigurations, GEM_LocalizeConfigurations_1021
content-type: application/json; charset=utf-8
cache-control: public, max-age=600, s-maxage=86400
cf-ray: 6f1ac2e879d8cc42-ZRH
x-aspnet-version: 4.0.30319

GET
H2 200 set
utils.global-e.com/ 35 B
176 B 59ms
28ms Image
image/gif 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utils.global-e.com/set?t=pv&sid=682120038.187121189.1021&p=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&ti=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20&%20Apparel=&co=US&e=local&hc=0&log=false&m=1021&cdu=https://webservices.global-e.com/&f=gleTags.handlePixelResponse
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cloud-trace-context: 8bd29a4622be1c7166dd6da43d529518
server: Google Frontend
x-powered-by: Express
date: Fri, 25 Mar 2022 21:32:49 GMT
content-length: 35
content-type: image/gif

GET
H2 200 changeshippingandcurrency Show response
webservices.global-e.com/merchant/ 30 KB
8 KB 60ms
33ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/merchant/changeshippingandcurrency?autoshow=false&merchantid=1021&country=US&culture=en-US&currency=USD&v=1.0&environment=live&loadSwitcherData=false
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470abebf6febcff0747467416bc639c72551bd11d7d9b2377d82404f559c6bbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: HIT
edge-cache-tag: switcher_1021,popups_1021
content-length: 8139
last-modified: Fri, 25 Mar 2022 19:59:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=86400
accept-ranges: bytes
cf-ray: 6f1ac2e8fa72cc42-ZRH
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language

GET
H2 200 us.png
gepi.global-e.com/content/images/flags/round/ 700 B
859 B 61ms
60ms Image
image/png 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gepi.global-e.com/content/images/flags/round/us.png
Requested by: Host: www.wearfigs.com
URL: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0810eea83dd9b8aa14d6acfd308af0cd31aa9451f36b10e75c3bffbe9af2e2f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 13:42:58 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "05d3393293dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 6f1ac2e8ca39cc42-ZRH
content-length: 700
expires: Fri, 25 Mar 2022 21:37:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 295 KB
83 KB 58ms
34ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLWDV6S&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e921ccb2692f1c0042439da607a4a3ebaf8edb1abf9397f0de9cbe5da557990b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84903
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Mar 2022 21:32:49 GMT

GET
H2 200 freeShippingBanner Show response
webservices.global-e.com/merchant/ 0
156 B 95ms
95ms Script
application/x-javascript 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/merchant/freeShippingBanner?merchantId=1021&country=US&currency=USD&culture=en-US&cb=1648243969
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
cf-cache-status: MISS
edge-cache-tag: free-shipping-banner,free-shipping-banner-1021
cache-tag: free-shipping-banner,free-shipping-banner-1021
content-length: 0
last-modified: Fri, 25 Mar 2022 21:32:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
accept-ranges: bytes
cf-ray: 6f1ac2e93ab5cc42-ZRH
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Fri, 25 Mar 2022 21:52:49 GMT

GET
H2 403 FIGS-Bold.woff2
s3.global-e.com/merchantscontent/Figs/Fonts/ 0
0 165ms
89ms Font
application/xml 2606:4700::6810:e43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.global-e.com/merchantscontent/Figs/Fonts/FIGS-Bold.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e43c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
x-amz-request-id: HZC4XFPAXV0Q44MM
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
cf-ray: 6f1ac2e9b8af233d-ZRH
x-amz-id-2: 4pN6V8dnC/Hpedb7whs5Or8IG7+KJN9gz98O+4Hui8cJw24Mm9sm9IbIfxFiiUgILAe0upYTkic=

GET
H2 403 FIGS-SemiBold.woff2
s3.global-e.com/merchantscontent/Figs/Fonts/ 0
0 158ms
82ms Font
application/xml 2606:4700::6810:e43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.global-e.com/merchantscontent/Figs/Fonts/FIGS-SemiBold.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e43c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
x-amz-request-id: HZCEHQ8GSRSCA77Q
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
cf-ray: 6f1ac2e9b8b0233d-ZRH
x-amz-id-2: IMVuqAMkcrPFms7vft2lCVHeRDYoTYOW0kmvED0/D6qpzoqQA9e4ZvteffSp+b7HMZAIqmZVfhQ=

GET
H2 403 FIGS-Regular.woff2
s3.global-e.com/merchantscontent/Figs/Fonts/ 0
0 159ms
84ms Font
application/xml 2606:4700::6810:e43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.global-e.com/merchantscontent/Figs/Fonts/FIGS-Regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e43c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
x-amz-request-id: HZC9CNWD7AQQS8FN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
cf-ray: 6f1ac2e9b8b3233d-ZRH
x-amz-id-2: K7sUClbNEnnCBqDqv9FCYwEQXad/ITbME5+xgtjcjxJwIQUjJs+wY+dU1dov3wTIzUJVu2InkBY=

GET
H2 403 FIGS-Medium.woff2
s3.global-e.com/merchantscontent/Figs/Fonts/ 0
0 165ms
95ms Font
application/xml 2606:4700::6810:e43c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.global-e.com/merchantscontent/Figs/Fonts/FIGS-Medium.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e43c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.wearfigs.com/
Origin: https://www.wearfigs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
x-amz-request-id: HZC93VZJQX6NQFF8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
cf-ray: 6f1ac2e9b8b5233d-ZRH
x-amz-id-2: VeYrGluEh9MKmu+fZLeD0YZVmmskgNYTxsiwwGtTJ0YRqehFjO/kr/0yTYStwg2MXoZWvhDxwr8=

GET
H2 200 US Show response
webservices.global-e.com/shared/prefetcher/1021/ Frame F9C8 29 B
254 B 44ms
44ms Document
text/html 2606:4700::6810:1f3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/shared/prefetcher/1021/US?cb=1648243969
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1f3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd7fb74f729ec90a72266c1a601490cc44bab6b894fed4c59ae8a078b9485fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-type: text/html; charset=utf-8
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=300
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 18:42:28 GMT
expires: Fri, 25 Mar 2022 21:37:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f1ac2e95afacc42-ZRH
content-encoding: gzip

GET
H2 200 heap-4169410828.js Show response
cdn.heapanalytics.com/js/ 129 KB
48 KB 107ms
27ms Script
application/javascript 108.157.4.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-4169410828.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-40.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

5fbcc88a0b097bf62ec356cb66e48e1a9378b536f1c0d77e0e06f6936854cf76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:40 GMT
content-encoding: gzip
server: nginx
age: 9
etag: W/"20492-dzUgMscPE2PXKFyCL25Zqg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: DUS51-P2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: Q-areHIxs6KCGaWY811FG3iVsSm4e5oC41o71-19MlYvvXZxv1QQJg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5283
date: Fri, 25 Mar 2022 20:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Mar 2022 22:04:46 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 59ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 502D1CEEDAA74748BD78610C01A6AC4C Ref B: FRAEDGE1512 Ref C: 2022-03-25T21:32:49Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 25 Mar 2022 21:32:49 GMT
accept-ranges: bytes
content-length: 11347

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 62ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 4198181851688197673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:32:49 GMT

GET
H2 200 forge.min.js Show response
unpkg.com/node-forge@0.7.0/dist/ 266 KB
69 KB 63ms
33ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/node-forge@0.7.0/dist/forge.min.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4f042f9ea6c72a580e93b7922b1ff89f2c1fca28a5843ab473db79cd74d1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1383652
fly-request-id: 01FXR8EGZ0A1DQ5ZA7E030YWY9-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2017 22:37:03 GMT
server: cloudflare
etag: W/"429bd-Ikb3wlLVm2wlvXrmcm23V6AN+Rc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f1ac2ea1ee6cc36-ZRH

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 133ms
37ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 14 Feb 2022 14:11:16 GMT
server: snooserv
etag: "9dd34b4324742bd3f713adf7f070d3b4"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7531

GET
H2 200 43119890.js Show response
container.pepperjam.com/ 8 KB
9 KB 77ms
6ms Script
application/x-javascript 143.204.98.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://container.pepperjam.com/43119890.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-53.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ndNxmq3ad0rxrMQ2ENUCzvXNi837Zedq
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified: Mon, 17 Aug 2020 18:03:58 GMT
server: AmazonS3
age: 792
etag: "cda0a8b1fb96cd23c5b8431794f284c4"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=900
date: Fri, 25 Mar 2022 21:32:49 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8688
x-amz-cf-id: JfQ3Xzqgoq1BqG5Gxce5iFX-F95johfHg0MnLwdphugUWiw1ZNFm9Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: JA1kcsYwhHPDskdAl+Q6xmOrkBnqFAhsyYcxPleJU04BCpmQAl4Lr+NE5XQKgZfIa3akiV4dLt8B6rEp4wXGIw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 25 Mar 2022 21:32:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1435364.js Show response
static.hotjar.com/c/ 6 KB
3 KB 30ms
13ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1435364.js?sv=6

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

aba6f5d0bde324fc26326aca9e87245a6288b263f5bfcce3e2f1d02c92f44f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
etag: W/80d2062e34aaa6aafd777db4a40e0ee9
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: XyLhcxnatC-oJl1oFEuA7xZG_OrNHRF5tKhI3j0w7KybImBkid8WHA==
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)

GET
H2 200 6f0e2a53-075f-4449-a4f8-cf34aa283652-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 7 KB
7 KB 41ms
14ms Script
application/javascript 2600:9000:206f:4000:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/6f0e2a53-075f-4449-a4f8-cf34aa283652-latest.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4000:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 371c7619c36e1e1364329d7da03b78f25f7de9d24a843c54323e87f3311a8d1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vx9MNxb.tqV.KP2XLNUG8LJOBzkHjKiH
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 23:09:24 GMT
server: AmazonS3
age: 1754
etag: "c9c650ea6a1bd82179d264b9c5caadf4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 25 Mar 2022 21:32:49 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6952
x-amz-cf-id: jflCmtbqvMzdmkxpkOnufZizCVI0Cm5ajz86Wd4QgyBs1q4ygQWEKA==

GET
H2 200 a-04bo.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 61ms
6ms Script
application/javascript 2600:9000:2057:de00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-04bo.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:de00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: a2edf0576f191018863ab1a2068d2910d89af4723ad860c64c151e7c8d1f47a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 06:00:34 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
server: ZIO-Http
age: 55935
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: 2J8B_tMCHhHKnWnHddM10El743gR4FnaOzGMZNqIcoUGdQnnPp5pbA==

GET
H2 200 affirm.js Show response
cdn1.affirm.com/js/v2/ 426 KB
91 KB 50ms
6ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.affirm.com/js/v2/affirm.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

18d51cd9bd8ebb8f38bbf6a75402d4a4fc43a216b677781f703a48a30d7d9b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: br
vary: Accept-Encoding
fastly-original-body-size: 92511
age: 720
x-cache: HIT, HIT
x-envoy-upstream-service-time: 457
x-affirm-cache-status: HIT
content-length: 92511
x-served-by: cache-iad-kjyo7100080-IAD, cache-hhn4070-HHN
access-control-allow-origin: *
x-affirm-request-id: f041d66e-0573-4b1b-cbdd-1cdd3313eb1b
last-modified: Fri, 25 Mar 2022 15:40:56 GMT
server: istio-envoy
etag: W/"5a185245a606a89301ecd7ccd12549ef"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=259200, public
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn1.affirm.com>; rel=preconnect; crossorigin, <https://cdn1.affirm.com>; rel=preconnect, <https://cdn-assets.affirm.com>; rel=preconnect; crossorigin, <https://cdn-assets.affirm.com>; rel=preconnect, <https://cdnjs.cloudflare.com>; rel=preconnect; crossorigin, <https://cdnjs.cloudflare.com>; rel=preconnect
x-cache-hits: 1, 55

GET
H2 200 dtag.js Show response
cdn.attn.tv/wearfigs/ 0
375 B 46ms
5ms Script
text/javascript 2600:9000:206f:e200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/wearfigs/dtag.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
age: 78041
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date: Thu, 24 Mar 2022 23:57:21 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 65MSTVF-qD5HCECsD8N2f66QdmzZiJBtD_BHoj7tam-LpoyER502Ag==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 70ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Mar 2022 21:32:49 GMT

GET
H2 200 init-1242fbdx1278dia53814.js Show response
api.fouanalytics.com/api/ 461 B
936 B 268ms
209ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1242fbdx1278dia53814.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f4f15d17fbe5ec408811cffdd0bd0008146b2406ebb4eb5edbf34de1ba1e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xL%2BxNI%2BfBLu7dR4VOD%2FOBW5iHqVIZppiIgdo4LNAXM%2BS6RZLjHZVnPCh0LTmWzmH8EXMBsgI2Zsu9lum%2BHZvR3k8Z6JdzKgumB3k%2F%2F2moe4xNpXHQCemGqFI6s%2BVntfC6p851RFVcyXWMizrPJl4EMhRBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6f1ac2eabee859e9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 afterpay-1.x.js Show response
js.afterpay.com/ 195 KB
57 KB 94ms
49ms Script
application/javascript 2606:4700::6811:72b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.afterpay.com/afterpay-1.x.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:72b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4bf1bed5a1dbb0df353ffe5e37faeef9e731fdb8523f5b516ee37a8894914b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 35
x-amz-request-id: NHMZ5PJA8W94W1B0
x-amz-id-2: SCuP5P+cY/6rp8pZvGBBwUlAYrqOG8gp63lF7fJnYlzjDk5FeUWSo2mNFugl77e4x69u6/VoV8Y=
last-modified: Thu, 24 Mar 2022 05:27:08 GMT
server: cloudflare
etag: W/"a41f944f0830715be22fb09631ea63e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 6f1ac2eaac03cc3e-ZRH
expires: Fri, 25 Mar 2022 22:32:49 GMT

GET
H2 403 1535.js
cdn.pbbl.co/r/ 0
0 89ms
6ms Script
text/html 65.9.66.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbbl.co/r/1535.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-7.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 shopify-1398942 Show response
connect.nosto.com/include/ 175 KB
45 KB 62ms
12ms Script
application/javascript 2600:9000:224a:4e00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/include/shopify-1398942

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c46bf9c10edea54fc1c03a5a74a0498d7c24f4ddf05547d1b762b9e742bacf15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: c82abad2-8fcd-4a99-bded-df7cb4fb1edb
server: nginx
etag: W/"c46bf9c10edea54fc1c03a5a74a0498d7c24f4ddf05547d1b762b9e742bacf15"
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, public
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: sSX3obrphakHbmsudfEGZcaRcTKujmNEb2rTjc2FPbX652PM1RbhVQ==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1100083/ 55 KB
17 KB 34ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1100083/tfa.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7260d7e22a2d64e15357095eb89cbb3d95aeefbbfd4520ec9f0aa6f8ca7bc18e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: BommuixNjeDJreErYIOtPPL6G_mHWDiG
content-encoding: gzip
etag: "44ac8ffba7e725bfbdc36d73df273926"
age: 80
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17368
x-amz-id-2: +RLTdWNEH0dvm57W5uMLItai8S0n3Vpu2SzNIa2IqBIO4hRZ5nxSa8rkapjiI6rT69rmxCuAqD4=
x-served-by: cache-hhn4051-HHN
last-modified: Sun, 20 Mar 2022 11:06:21 GMT
server: AmazonS3
x-timer: S1648243970.704210,VS0,VE1
date: Fri, 25 Mar 2022 21:32:49 GMT
vary: Accept-Encoding
x-amz-request-id: FBDMQR8Q2DAPN1W7
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 13
x-cache-hits: 1

GET pixel
pixel.tvsciapi.com/ 0
0

GET
H2 200 t.png
pix.pub/ 68 B
410 B 54ms
11ms Image
image/png 108.157.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.pub/t.png?&t=1648243969593&l=tvscientific-pix-o-06a4fbd6-1c56-4822-94ce-079974052b5b&u3=https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-3.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:10:26 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
etag: "8e31b8b47c618ed73e5b31011d1de037"
last-modified: Mon, 22 Mar 2021 14:38:36 GMT
server: AmazonS3
age: 76944
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 68
x-amz-cf-id: zJdznVHLugOWdx5u-J4bw5if098aQ4qH3sffxYaIrQztzJDHlXsOkw==

GET
H2 200 widget.js Show response
widget.privy.com/assets/ 384 KB
108 KB 59ms
24ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.privy.com/assets/widget.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11399a3730122e555dbf8a5e8e0c8c44f0f88d67072c2aa31f6956f80b16c83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
via: 1.1 vegur, 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 834
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 17:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-pop: FRA60-P2
cf-ray: 6f1ac2eacc93cc42-ZRH
x-amz-cf-id: N2R7CUz0tTKERde5jYN_7J4m29g3obpFgExusd3iiHtS081T68ceXw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 17ms
16ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=226920724&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&ul=en-us&de=UTF-8&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=515745900&gjid=1641749733&cid=801479616.1648243970&tid=UA-42322832-1&_gid=733332712.1648243970&_r=1&gtm=2wg3e0NLWDV6S&z=263862149

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wearfigs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1411344802476211 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 113ms
113ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1411344802476211?v=2.9.57&r=stable

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

669cb55d54ed3ce841427294455b85a774786ed1fb23570c55e9b39aec116ae1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: XfFJI9T8DyDR7wWxPsSZS0rE1Zhg5Z40Wg34JtQMdsS+R1HBX/CqxOmyIBBx2u+2lNEBG+YxbXHK0e6+ydvh2Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 25 Mar 2022 21:32:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 26ms
8ms Script
application/javascript 143.204.215.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-79.fra53.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1341043
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: WKpe25lvrWxFGQR0VGPRij080s1WUbvMCppK1OHW2LKWdE_fpQHZhw==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 104ms
27ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.13.10
ETag: "60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 3340
Expires: Sat, 26 Mar 2022 21:32:51 GMT

GET
H2 200 6f0e2a53-075f-4449-a4f8-cf34aa283652-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 10 KB
10 KB 19ms
18ms Script
application/javascript 2600:9000:206f:4000:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/6f0e2a53-075f-4449-a4f8-cf34aa283652-additional-latest.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4000:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d89e5725d9e615afd42061689a2fabb632712c2625dc978d39eef261b5a9e8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: p3bfeY_rx_WYDj5urprgah91GnKCE8Vt
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 23:09:25 GMT
server: AmazonS3
age: 1754
etag: "5d8e82e724af32d0bf3f0796ffb62b59"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 25 Mar 2022 21:32:49 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 9843
x-amz-cf-id: qv7yJk3RO92Ok2edPRIaoqSm3kLVa0qnVkFOuzDfvTLa1Mwf_vAMqw==

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 10 KB
10 KB 9ms
8ms Script
application/javascript 2600:9000:206f:4000:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4000:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce92054ebdb7c3d2a56ff0541b4049a1e4faa7e9baa410ad5af43eaf26e3e07a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:18:04 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Fri, 25 Mar 2022 01:18:00 GMT
server: AmazonS3
age: 72886
etag: "3c66d28e4b6ee547c9c719b3fc089492"
x-cache: Hit from cloudfront
x-amz-version-id: G3H.HzzItTre8zmxQ0zP8j_f7auufF3A
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
content-length: 9980
x-amz-cf-id: AgQ0lzgDHb6ilGrQX8Hx_1I2L6uynDc0bId65m7urZ7yNUKvvfrK9A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42322832-1&cid=801479616.1648243970&jid=515745900&gjid=1641749733&_gid=733332712.1648243970&_u=YEBAAEAAAAAAAC~&z=1198192752

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Mar 2022 21:32:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.wearfigs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5a28e627 Show response
dvqigh9b7wa32.cloudfront.net/ 43 B
493 B 33ms
7ms XHR
image/gif 65.9.58.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTMmdG9rZW49NmYwZTJhNTMtMDc1Zi00NDQ5LWE0ZjgtY2YzNGFhMjgzNjUyJnNlc3Npb25JZD1kYjE5ZjllMi01MTE0LTMyMGItM2Y1OC0zMDE4NGQ3YzUxOWE%3D&date=1648243969689
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-181.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 05:25:21 GMT
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 58048
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: Izu5DmCBY0bhbCDwLrWVm9gFU-KCPswtM453UrUEP2AbXFB7i60TFg==

GET
H2 200 5a28e627 Show response
d330aiyvva2oww.cloudfront.net/ 43 B
494 B 34ms
8ms XHR
image/gif 2600:9000:2156:7600:3:760:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjEzJnRva2VuPTZmMGUyYTUzLTA3NWYtNDQ0OS1hNGY4LWNmMzRhYTI4MzY1MiZzZXNzaW9uSWQ9ZGIxOWY5ZTItNTExNC0zMjBiLTNmNTgtMzAxODRkN2M1MTlh&date=1648243969689
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 03:23:48 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 65342
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 0T9TmYTzL2ET0ts1VY8yKJum1CWaPk_YlbEsDnAr2xtX_0G3AwXFWA==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
449 B 55ms
14ms XHR
image/gif 2600:9000:214f:600:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTMmdG9rZW49NmYwZTJhNTMtMDc1Zi00NDQ5LWE0ZjgtY2YzNGFhMjgzNjUyJnNlc3Npb25JZD1kYjE5ZjllMi01MTE0LTMyMGItM2Y1OC0zMDE4NGQ3YzUxOWEmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRnd3dy53ZWFyZmlncy5jb20lMkYlM0Z1dG1fY2FtcGFpZ24lM0RQb3N0LVB1cmNoYXNlJTJCT3ZlcmxheSUyQi0lMkJNYXJjaCUyQjIwMjElMjZ1dG1fY29udGVudCUzRGVtYWlsJTI2dXRtX21lZGl1bSUzRHJlZmVycmFsJTI2dXRtX3NvdXJjZSUzREZyaWVuZGJ1eSUyNmZidXlfcmVmX2NvZGUlM0R0dkJGMw%3D%3D&date=1648243969692
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:600:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 05:45:44 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
vary: Origin
age: 56825
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: g3TrPhTyTszai0MCB9ylcKsomhYx39zHKIT20awE_4nG-Yo_5wuaiA==

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=809405384
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=809405384&_bee_ppp=1

43 B
793 B

31ms
31ms

Image
image/gif

54.217.99.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=809405384&_bee_ppp=1

Protocol

HTTP/1.1

Server

54.217.99.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-99-203.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 25 Mar 2022 21:32:49 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-174&value=&uncacheplz=809405384&_bee_ppp=1
Date: Fri, 25 Mar 2022 21:32:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/615428503/ 3 KB
1 KB 58ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/615428503/?random=1648243969695&cv=9&fst=1648243969695&num=1&label=TyMaCLic5vIBEJfjuqUC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e853472d08fc32c67060b05475c0b9a60786684fa2a513e0ff7275943b38c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1187
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984949555/ 3 KB
2 KB 55ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984949555/?random=1648243969697&cv=9&fst=1648243969697&num=1&label=pBt0CK7t-PIBELPG1NUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc8c7d932f8cf0332d10d8e22e8cc6869d7bdb060fadb3c055fffaa1105a42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1191
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/671967648/ 3 KB
1 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/671967648/?random=1648243969698&cv=9&fst=1648243969698&num=1&label=CJFiCLnb6PIBEKDTtcAC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f30b18a9b6c79e3c636a21e04210b67260d73bd39dad3aa50119079fc4d912c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1187
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/655922783/ 3 KB
1 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/655922783/?random=1648243969698&cv=9&fst=1648243969698&num=1&label=6uaLCL3u6PIBEN-s4rgC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dc954e2134f5d8980e415152fa8435fa090489e36491e2cfecba9cdda13495f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1185
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4051636.js Show response
bat.bing.com/p/action/ 0
117 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4051636.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09D4EC39C1B24D7C9A267BA0AB2FFD50 Ref B: FRAEDGE1512 Ref C: 2022-03-25T21:32:49Z
date: Fri, 25 Mar 2022 21:32:49 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4051636&tm=gtm002&Ver=2&mid=806f9fcd-5160-4c54-acc6-c3088957ce08&sid=1eae6a40ac8311ec9a1ed54e6bcd6ad9&vid=1eaed100ac8311eca4cead0a3df2c6be&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&p=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&r=&lt=2472&evt=pageLoad&msclkid=N&sv=1&rn=257165

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CB6D98F02914D84B3157AA7F4A73F0A Ref B: FRAEDGE1512 Ref C: 2022-03-25T21:32:49Z
date: Fri, 25 Mar 2022 21:32:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame 3682 2 KB
1 KB 26ms
7ms Document
text/html 143.204.215.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-95.fra53.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: nnjl4XBT1dujeuexKe2yZLHQ2hInDEV2yG2hPWL_wULE86Xj5fEzrg==
age: 4279243

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
361 B 413ms
104ms XHR
text/plain 44.196.158.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.158.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-158-29.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 25 Mar 2022 21:32:50 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.wearfigs.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 0dcbdab9-f22b-4e92-8820-e1b297565395

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 55ms
30ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42322832-1&cid=801479616.1648243970&jid=515745900&_u=YEBAAEAAAAAAAC~&z=2039077053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 81ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42322832-1&cid=801479616.1648243970&jid=515745900&_u=YEBAAEAAAAAAAC~&z=2039077053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 touch_track Show response
api-cf.affirm.com/api/v2/session/ 46 B
1 KB 206ms
132ms Fetch
application/json 108.157.4.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cf.affirm.com/api/v2/session/touch_track

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-16.dus51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

016276e793892c7b98824b9c336ab594296c80a62fe911e63ad1fb76d36c99c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 23
access-control-allow-headers: Accept, Content-Type, X-Requested-With
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
x-affirm-canary: true
x-affirm-request-id: bf1779cb-2fa8-43a3-c3f5-5dd6d35dcffe
server: istio-envoy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.wearfigs.com
x-amz-cf-id: SvWR8EofnxcVSI6lvuQaVdwyRGdZ0fW4-g-9RTqmGMnY0xuBQk7uLQ==

GET
H2 200 cookie_sent Show response
www.affirm.com/api/v2/ 22 B
721 B 83ms
13ms Fetch
application/json 99.86.7.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/api/v2/cookie_sent

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-25.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json
Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:06:11 GMT
content-encoding: gzip
vary: Accept-Encoding,cookie,Origin,Origin
age: 1598
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
access-control-allow-origin: https://www.wearfigs.com
x-affirm-request-id: 123a7a54-4db4-4302-c358-e7f961116470
server: istio-envoy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: Accept, Content-Type, X-Requested-With
x-amz-cf-id: k-QnJ88CDXYZ2eBUpLI53WCjlx5i1KND9R_dge-JSsLkjMwQw3dIgw==

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 324ms
113ms Image
image/gif 34.201.179.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4169410828&u=1002051280287125&v=4468385260918823&s=2200423550103511&b=web&tv=4.0&z=0&h=%2F&q=%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&d=www.wearfigs.com&t=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&us=Friendbuy&um=referral&uc=email&ua=Post-Purchase%20Overlay%20-%20March%202021&ts=1648243969851&st=1648243969872

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.201.179.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-179-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:50 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 323ms
112ms Image
image/gif 34.201.179.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4169410828&u=1002051280287125&v=4468385260918823&s=2200423550103511&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=Friendbuy&sp=um&sp=referral&sp=uc&sp=email&sp=ua&sp=Post-Purchase%20Overlay%20-%20March%202021&sp=ts&sp=1648243969851&sp=d&sp=www.wearfigs.com&sp=h&sp=%2F&sp=t&sp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&sp=q&sp=%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&pp=d&pp=www.wearfigs.com&pp=q&pp=%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&pp=h&pp=%2F&pp=t&pp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&pp=ts&pp=1648243969851&id0=6441361606136760&t0=Marketing_AllPages_View_PageView&ts0=1648243969751&id1=1333158732308618&t1=Marketing_Homepage_View_PageView&ts1=1648243969752&st=1648243969873

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.201.179.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-179-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:50 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 json Show response
trc.taboola.com/1100083/trc/3/ 2 KB
1 KB 29ms
26ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1100083/trc/3/json?tim=1648243969892&data=%7B%22id%22%3A884%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1648243969885%2C%22cv%22%3A%2220220317-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-alexwearfigscom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1648243969891%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b60a920fb383a0b7c34cd8faa42f7c61aad18997cb95e9776d0f44535df56ba8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
server: nginx
x-timer: S1648243970.901514,VS0,VE20
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1648243969897&aid=a-04bo&se=e30&duid=c30794b3d355--01fz1fy3p7j8gkb8v5z1n91cn9&tna=v2.3.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%...
https://rp4.liadm.com/j?dtstmp=1648243969897&aid=a-04bo&se=e30&duid=c30794b3d355--01fz1fy3p7j8gkb8v5z1n91cn9&tna=v2.3.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay...

13 B
553 B

391ms
98ms

XHR
application/json

54.235.15.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1648243969897&aid=a-04bo&se=e30&duid=c30794b3d355--01fz1fy3p7j8gkb8v5z1n91cn9&tna=v2.3.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&wpn=lc-bundle&c=PHRpdGxlPkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICZhbXA7IEFwcGFyZWw8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJTaG9wIEZJR1MgZm9yIGNvbWZvcnRhYmxlIGRlc2lnbmVyIHNjcnVicyBhbmQgbWVkaWNhbCBhcHBhcmVsIHRoYXTigJlzIDEwMCUgYXdlc29tZS4gVG9ucyBvZiBjb2xvcnMgYW5kIGZhc2hpb25hYmxlIHN0eWxlcy4gR2V0IHJlYWR5IHRvIGxvdmUgeW91ciBzY3J1YnMhIj4&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true

Protocol

Server

54.235.15.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-235-15-197.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
x-pixel-event-id: 63b18b7d-b63b-4b38-a8eb-317778896358
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 483773f210b2dd18
request-time: 1
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Fri, 25 Mar 2022 21:32:50 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1648243969897&aid=a-04bo&se=e30&duid=c30794b3d355--01fz1fy3p7j8gkb8v5z1n91cn9&tna=v2.3.0&pu=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&wpn=lc-bundle&c=PHRpdGxlPkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICZhbXA7IEFwcGFyZWw8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJTaG9wIEZJR1MgZm9yIGNvbWZvcnRhYmxlIGRlc2lnbmVyIHNjcnVicyBhbmQgbWVkaWNhbCBhcHBhcmVsIHRoYXTigJlzIDEwMCUgYXdlc29tZS4gVG9ucyBvZiBjb2xvcnMgYW5kIGZhc2hpb25hYmxlIHN0eWxlcy4gR2V0IHJlYWR5IHRvIGxvdmUgeW91ciBzY3J1YnMhIj4&i6=MjAwMTphYzg6MjA6MzAyOjoyMDJl&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.wearfigs.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 880965ab003258b9
request-time: 1
content-length: 0
x-content-type-options: nosniff

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 411ms
385ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1648243969901&id=t2_oojec&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&uuid=93972114-8ee3-45a1-80bc-aa99f1f98df9&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_da535582
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8795 13 KB
5 KB 57ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.wearfigs.com&origin=onetag

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1975
date: Fri, 25 Mar 2022 21:32:48 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/D07CA17E1806573C54E81EE3/ 120 KB
9 KB 188ms
153ms XHR
application/json 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/D07CA17E1806573C54E81EE3/campaigns.json?s=j&l=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&user_uuid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&fence=1

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4795a3cfbdd82325dd06fa80c92ea169a23163053f1978a0e13d24d4bff292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ipcountry: GB
date: Fri, 25 Mar 2022 21:32:50 GMT
x-ippostalcode
cf-cache-status: DYNAMIC
access-control-allow-origin: *
access-control-request-method: *
content-encoding: gzip
x-request-id: 65e644f6-7ea4-4e95-9636-413ed02cc1bb
server: cloudflare
etag: W/"6b4795a3cfbdd82325dd06fa80c92ea1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
via: 1.1 vegur
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: GB_
cf-ray: 6f1ac2ec69ddcc5a-ZRH

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 26ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1411344802476211&ev=PageView&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&rl=&if=false&ts=1648243969949&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648243969948.652270544&it=1648243969632&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 25 Mar 2022 21:32:49 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/984949555/ 42 B
64 B 40ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984949555/?random=1648243969697&cv=9&fst=1648242000000&num=1&label=pBt0CK7t-PIBELPG1NUD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=2685299573&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/984949555/ 42 B
64 B 37ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984949555/?random=1648243969697&cv=9&fst=1648242000000&num=1&label=pBt0CK7t-PIBELPG1NUD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=2685299573&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/655922783/ 42 B
64 B 37ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/655922783/?random=1648243969698&cv=9&fst=1648242000000&num=1&label=6uaLCL3u6PIBEN-s4rgC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=402095113&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/655922783/ 42 B
64 B 36ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/655922783/?random=1648243969698&cv=9&fst=1648242000000&num=1&label=6uaLCL3u6PIBEN-s4rgC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=402095113&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/615428503/ 42 B
64 B 37ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/615428503/?random=1648243969695&cv=9&fst=1648242000000&num=1&label=TyMaCLic5vIBEJfjuqUC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=540134768&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/615428503/ 42 B
64 B 44ms
26ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/615428503/?random=1648243969695&cv=9&fst=1648242000000&num=1&label=TyMaCLic5vIBEJfjuqUC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=540134768&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/671967648/ 42 B
64 B 41ms
25ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/671967648/?random=1648243969698&cv=9&fst=1648242000000&num=1&label=CJFiCLnb6PIBEKDTtcAC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=2769845394&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/671967648/ 42 B
64 B 38ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/671967648/?random=1648243969698&cv=9&fst=1648242000000&num=1&label=CJFiCLnb6PIBEKDTtcAC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&tiba=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&async=1&fmt=3&is_vtc=1&random=2769845394&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
345 B 41ms
13ms Image
image/gif 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=522d7f2d-49ef-4096-a2c6-97b3853cec75&it=1648243969958&v=0.0.20&u=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&st=1648243969958&et=1648243969958&if=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 193.27.14.21; 193.27.14.21; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 cookie_sent Show response
www.affirm.com/api/v2/ 21 B
720 B 11ms
11ms Fetch
application/json 99.86.7.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/api/v2/cookie_sent

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-25.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8d728ba62f3f7c795e471c6dce9d637ffce93580e4936c3f1b578320242df7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json
Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 20:51:37 GMT
content-encoding: gzip
vary: Accept-Encoding,cookie,Origin,Origin
age: 2472
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=86400
x-affirm-cache-status: MISS
access-control-allow-origin: https://www.wearfigs.com
x-affirm-request-id: bb7c4add-640f-4cf8-ccce-98a025ab1473
server: istio-envoy
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: Accept, Content-Type, X-Requested-With
x-amz-cf-id: XUBDJvjrNoaCz_QJPsZ0p1fyyAL_3HtMzSw3mIMuPfT8O52aOWQ4WQ==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1435364/ 146 B
321 B 159ms
48ms XHR
application/json 52.51.233.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1435364/visit-data?sv=6
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.233.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-233-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1435364 Show response
vc.hotjar.io/sessions/ 0
257 B 52ms
34ms XHR
text/plain 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1435364?s=0.25&r=0.05498005878167955
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: g7DRnuj3N6cWOx3VuDxU0u1mUvZxsENPtatSVoAVzGDP1H6CWYqGYg==

GET
H2 200 pp.js Show response
api-34-216-180-31.b2c.com/s/ 15 KB
6 KB 82ms
31ms Script
text/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-216-180-31.b2c.com/s/pp.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 3229
etag: W/"620fe3a7-3aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fVJI60Wl8wfePQpFREZsromFPuADWhzXe8zYhTx%2FhvI8ZbjYKnBZqQZDyhqloh0GASNxpKRRjLEvsSgjxooee0go6Gisw7inFN45BSWUFh1Jl7bzYCQcc9feE986fnUDRs6rcVvNNyuHyrriqUxtWmZrhT2uk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f1ac2ecac1459b3-MXP

GET
H2 200 ev1 Show response
connect.nosto.com/ 425 B
1 KB 211ms
134ms XHR
application/json 2600:9000:224a:4e00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/ev1?m=shopify-1398942&message=%7B%22elements%22%3A%5B%5D%2C%22response_mode%22%3A%22HTML%22%2C%22url%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%2C%22events%22%3A%5B%5B%22ec%22%2C%22Post-Purchase%2BOverlay%2B-%2BMarch%2B2021%22%5D%5D%7D

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ca0c151d1851b32da6153455a4aad1613746ec210a081b86e09368e7e8ce7a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P1
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 1a7dd124-f726-4004-bc79-c242f5298ab6
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: pdYTgpUnXk0ndQMfQsWId5Tko5BBuivPGVruPrZO69fOe4ef4qRMvw==

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 139ms
113ms Image
image/gif 34.201.179.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4169410828&u=1002051280287125&v=4468385260918823&s=2200423550103511&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=Friendbuy&sp=um&sp=referral&sp=uc&sp=email&sp=ua&sp=Post-Purchase%20Overlay%20-%20March%202021&sp=ts&sp=1648243969851&sp=d&sp=www.wearfigs.com&sp=h&sp=%2F&sp=t&sp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&sp=q&sp=%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&pp=d&pp=www.wearfigs.com&pp=q&pp=%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&pp=h&pp=%2F&pp=t&pp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&pp=ts&pp=1648243969851&id0=5829139837510105&k0=Load%20Time&k0=2.47&t0=Page%20Load&ts0=1648243970057&st=1648243970058

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.201.179.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-179-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:50 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8795
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=wearfigs.com&sn=ChromeSyncframe&so=0&topUrl=www.wearfigs.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=2vdy8nw2dFlZdS9mU3ZlRXl2YWVvNXdLdWxLdk5mL01VNmgvNzhwTTU0WFE2RncxMVFzdWt1a3BKS1R6MXB2bklSU3FlVHZzUk92R1VMRjBOQ3JCektYYnJnaW1vMUo3dTNjbFRQamVDU2lOUko2VFhrRTdoMTU3NnU4M0...

433 B
631 B

195ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2vdy8nw2dFlZdS9mU3ZlRXl2YWVvNXdLdWxLdk5mL01VNmgvNzhwTTU0WFE2RncxMVFzdWt1a3BKS1R6MXB2bklSU3FlVHZzUk92R1VMRjBOQ3JCektYYnJnaW1vMUo3dTNjbFRQamVDU2lOUko2VFhrRTdoMTU3NnU4M0d0dEN1cGhWdFlrczVrdnFNZ2xmdmJPTy9wd2RrRjlERmZFTlRCR3VuMm5VWTdTNDFQNEQzTC9xbHVZZW9UK2plOTlTbFowSjQ3N1hVaHJERUlWc2xiRzRZaWM0WU1Kd3RNOGlHQnc1WWNkYWN2QllqRUVnZDRLbHlBUkp3UjJDdHkyQlBlSHFvR3RZY0xFU1V3V2ZFSDdQc1dCZFQ5QT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8807331f35d6ac8aee0cf6f4c94033ac73bb30754361b472f892d265a46bb6e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4649
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=2vdy8nw2dFlZdS9mU3ZlRXl2YWVvNXdLdWxLdk5mL01VNmgvNzhwTTU0WFE2RncxMVFzdWt1a3BKS1R6MXB2bklSU3FlVHZzUk92R1VMRjBOQ3JCektYYnJnaW1vMUo3dTNjbFRQamVDU2lOUko2VFhrRTdoMTU3NnU4M0d0dEN1cGhWdFlrczVrdnFNZ2xmdmJPTy9wd2RrRjlERmZFTlRCR3VuMm5VWTdTNDFQNEQzTC9xbHVZZW9UK2plOTlTbFowSjQ3N1hVaHJERUlWc2xiRzRZaWM0WU1Kd3RNOGlHQnc1WWNkYWN2QllqRUVnZDRLbHlBUkp3UjJDdHkyQlBlSHFvR3RZY0xFU1V3V2ZFSDdQc1dCZFQ5QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1888
content-length: 541
expires: 0

POST
H2 200 collect
tracker.affirm.com/ 14 B
414 B 436ms
374ms Ping
application/octet-stream 143.204.215.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.affirm.com/collect

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-106.fra53.r.cloudfront.net

Software

openresty /

Resource Hash

70f07df8529a5da355e70cb8fd1a2c6cdbe6dec83a5332bfcf06f5a917e6e607

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
x-affirm-request-id: 99f63086-5929-4518-c53e-bb63f7ba17bd
server: openresty
x-amz-cf-pop: FRA53-C1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-credentials: true
content-length: 14
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-id: vxtK6b-V_KpleTsWIbtwrNfsSgJ91AIJdANlyu2dtrKH1kaN3kcvmQ==

GET
H2 200 / Show response
www.affirm.com/apps/toast/ Frame F9B1 652 B
1 KB 26ms
25ms Document
text/html 99.86.7.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/apps/toast/

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.7.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-7-25.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8768a4170a4710fa38da88574b4315b825a4bba25299dad58fcf248a495c5a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

content-type: text/html
server: istio-envoy
last-modified: Wed, 09 Feb 2022 01:28:21 GMT
x-affirm-request-id: 491dec1b-4e82-4ba7-cbaf-1cd00c526559
strict-transport-security: max-age=86400
x-affirm-cache-status: REVALIDATED
link: <https://cdn1.affirm.com>; rel=preconnect; crossorigin <https://cdn1.affirm.com>; rel=preconnect <https://cdn-assets.affirm.com>; rel=preconnect; crossorigin <https://cdn-assets.affirm.com>; rel=preconnect <https://cdnjs.cloudflare.com>; rel=preconnect; crossorigin <https://cdnjs.cloudflare.com>; rel=preconnect
content-encoding: gzip
x-envoy-upstream-service-time: 17
date: Fri, 25 Mar 2022 21:29:46 GMT
cache-control: max-age=300, public, must-revalidate
etag: W/"cda9cd494bb94f2f6af3e463c1eacda4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: cuu2WPEdxeVEeN4b2zlkkycqHWPm5FmEWkHbmOQgPXA8Q5wzeIhg6A==
age: 185

GET
H2 200 ad.gif
api-34-216-180-31.b2c.com/s/ 43 B
378 B 34ms
33ms Image
image/gif 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-216-180-31.b2c.com/s/ad.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 3217
etag: "620fe3a7-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e73UOEWL6udlFpVIcloL4HxlbLw5sFrXxC1j1MRuQcbce8PESqoICLZKegvETHKCNFoSux1uaoyBIQjokYlEdQ1LL4eqq7%2BEH%2FALQS84uhaVE9xje%2FmGhJq6pI76zJ0P9YULdGTuBByWa1aRQTEbIG60b6r6Q1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f1ac2edef4559b3-MXP
content-length: 43

GET
H2 200 index-cc35f9e8384f96d24f0d.css
cdn1.affirm.com/products/toast/master/dist/ Frame F9B1 15 KB
5 KB 42ms
20ms Stylesheet
text/css 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.affirm.com/products/toast/master/dist/index-cc35f9e8384f96d24f0d.css

Requested by

Host: www.affirm.com
URL: https://www.affirm.com/apps/toast/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7de29db67a5a02da70e826601983cc17f3edc043744bdb3d8f64d9c3d065697f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.affirm.com/
Origin: https://www.affirm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: hBns5Ml7_83aH2fuhveFHo1fIMgaOJ_W
content-encoding: gzip
etag: "4ca8e7473adc506a12320a9dcaf0edcf"
age: 3873847
via: 1.1 varnish, 1.1 varnish
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
access-control-max-age: 3000
x-amz-replication-status: PENDING
strict-transport-security: max-age=31557600
x-amz-request-id: JKAZAR48BH3GWBA5
x-amz-id-2: 8HSDv3XeJrt66g4G71pBFqbc1ouzw1lQbk6sr+i8qpPZSpkQr1bW/WDv8hQbKzAugaAg8ihcZf4=
x-served-by: cache-iad-kiad7000111-IAD, cache-hhn4076-HHN
accept-ranges: bytes
last-modified: Wed, 09 Feb 2022 01:28:20 GMT
server: AmazonS3
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
x-amz-meta-md5checksum: TKjnRzrcUGoSMgqdyvDtzw==
content-length: 4585
x-cache-hits: 55939, 17415

GET
H2 200 index-98ecc297034b2159fbf5.js Show response
cdn1.affirm.com/products/toast/master/dist/ Frame F9B1 327 KB
102 KB 42ms
21ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.affirm.com/products/toast/master/dist/index-98ecc297034b2159fbf5.js

Requested by

Host: www.affirm.com
URL: https://www.affirm.com/apps/toast/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

813b6f9c4d6e568debdb35e047666aaacda2ff909b8c00ea6ad49292e8139ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.affirm.com/
Origin: https://www.affirm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: GAmTOvYterrePQMt2V0KirWdrlvsjcY9
content-encoding: gzip
etag: "e52ac0c5b5b3b2d52a408c6794407eb8"
age: 3873868
via: 1.1 varnish, 1.1 varnish
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
access-control-max-age: 3000
x-amz-replication-status: PENDING
strict-transport-security: max-age=31557600
x-amz-request-id: MZ47EG4R3PBCEGPT
x-amz-id-2: pfVHoz/QiO0UuQuOcCq2EsOsSXbR8pnDvQ6RIrxpYeb8KXUHKv4yoNeLcjCN//6J84eOC6/P62U=
x-served-by: cache-iad-kiad7000046-IAD, cache-hhn4076-HHN
accept-ranges: bytes
last-modified: Wed, 09 Feb 2022 01:28:20 GMT
server: AmazonS3
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
x-amz-meta-md5checksum: 5SrAxbWzstUqQIxnlEB+uA==
content-length: 104287
x-cache-hits: 3091, 17271

GET
H2 200 ev1 Show response
connect.nosto.com/ 814 KB
42 KB 309ms
309ms XHR
application/json 2600:9000:224a:4e00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/ev1?m=shopify-1398942&message=%7B%22elements%22%3A%5B%22frontpage-nosto-1%22%2C%22frontpage-nosto-2%22%2C%22frontpage-nosto-3%22%2C%22frontpage-nosto-4%22%2C%22frontpage-nosto-5%22%2C%22frontpage-nosto-6%22%2C%22frontpage-nosto-7%22%2C%22frontpage-nosto-8%22%2C%22frontpage-nosto-9%22%2C%22frontpage-nosto-10%22%2C%22frontpage-nosto-11%22%2C%22frontpage-nosto-12%22%5D%2C%22tags%22%3A%5B%5D%2C%22custom_fields%22%3A%5B%5D%2C%22categories%22%3A%5B%5D%2C%22response_mode%22%3A%22JSON_ORIGINAL%22%2C%22url%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%2C%22events%22%3A%5B%5B%22ec%22%2C%22Post-Purchase%2BOverlay%2B-%2BMarch%2B2021%22%5D%5D%2C%22page_type%22%3A%22front%22%2C%22cart%22%3A%5B%5D%2C%22restore_link%22%3Anull%7D

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

93f09763935e0f1fa73e3e6b97270d1ccb982f0b70d078b8a9044dee09963683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P1
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 4956cc04-e7ff-4e2f-937c-0984fd29288c
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: eaI2MU75mBqVYSUfd0DXmkWnbwMQrXNyOKIQG3jIhJedL5UzG8cYKA==

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.9.3/ Frame F9B1 27 KB
9 KB 66ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.9.3/rollbar.min.js

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/products/toast/master/dist/index-98ecc297034b2159fbf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70dee174047f13d7c472fcb3507e2930f06be338ac959fa8c0bea798cca1b5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.affirm.com/
Origin: https://www.affirm.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28747623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8868
cf-request-id: 09b31a3fd0000001fcef2cc000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc0-6bce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX49Mf%2Brwb9CZQNKCPBHspAd4mhdB8yvWnwv8cLMPKzVZt4OCzeFhML5mKsA0mCE4TugT7dGgzocPCCrHCI%2FAgprpKskQYASs0e%2BCFjk3KJt4hTtypDAg85Hhy1YW5F3OaBEvIj12NE0Yh2k6yRYjA8R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f1ac2eeeb2001f4-ZRH
expires: Wed, 15 Mar 2023 21:32:50 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 25 KB
26 KB 146ms
54ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=%5B38779%2C76417%2C83917%2C75649%5D&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=uNCQEl9tN1RNM2E4ViUyQkljS1hSRmI1S2V6TUo4VFRZdEdxVHZMWFRJc21iUUJTJTJCWlVVQ1ZrRUV3Zm1BTXY4WlgxRWVvazVOcWFLMk91d2F2dHcwTFFIS3pxbUZMUnFqRjVsSzVHZ3VmdE1HelNnd1NKcEwlMkJkSUFwVlAlMkJ6JTJGU2dTWHl5Y2txTyUyQmhOWVZpV1BnY2VQQVhjZGxvUkElM0QlM0Q&tld=wearfigs.com&dtycbr=57591

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e752b9ae3db2156a6b0d84994875c55e17c208257ff0197bb65ba84dad4fa7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 35605148
timing-allow-origin: *
expires: 0

GET
H/1.1

200
OK

4 Show response
v4-api-34-216-180-31.b2c.com/api/
Redirect Chain

https://api-34-216-180-31.b2c.com/api/x?NzY93fpJKKYEtCoQ$dXJsJDAkaHR0cHM6Ly93d3cud2VhcmZpZ3MuY29tLz91dG1fY2FtcGFpZ249UG9zdC1QdXJjaGFzZStPdmVybGF5Ky0rTWFyY2grMjAyMSZ1dG1fY29udGVudD1lbWFpbCZ1dG1fbWVk...
https://v4-api-34-216-180-31.b2c.com:444/api/4?NzY93fpJKKYEtCoQ

0
141 B

482ms
158ms

XHR
text/plain

34.216.180.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-34-216-180-31.b2c.com:444/api/4?NzY93fpJKKYEtCoQ
Protocol: HTTP/1.1
Server: 34.216.180.31 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-180-31.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *

Redirect headers

date: Fri, 25 Mar 2022 21:32:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-34-216-180-31.b2c.com:444/api/4?NzY93fpJKKYEtCoQ
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zt6CON%2By2OKe%2BuQdt6YDf9%2BvI1y9rmT8FxtnfG5D0Kuu%2BjcTL6n%2FNP%2BnVO%2BN3bscR8Latn4n%2BaVKP8XTSW3BjZj5t%2FNyDPZKGlUO6cg0KvU6VCEJ23JQipNDjRM0UFGMFFt294tC2vVitsqLffslitHTyDN8yZ4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6f1ac2efdfcc59d7-MXP

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D323 0
18 B 17ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.wearfigs.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 25 Mar 2022 21:32:50 GMT

GET
H2 200 vendors~legacy_widget~modern_widget-a571641ae023c5b869db.chunk.js Show response
assets.privy.com/packs/js/ 39 KB
12 KB 51ms
40ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/vendors~legacy_widget~modern_widget-a571641ae023c5b869db.chunk.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e4414ce283724173e96ebb62b2b1ce2c38de473deec1b891e37c93d0e65275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 vegur, 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 6838
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 12441
last-modified: Fri, 25 Mar 2022 17:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6f1ac2efc9f3cc42-ZRH
x-amz-cf-id: SnOAUnmrcl5XsD91oXegONCKnctg4TFKVIFNYwPaeIoQXhToyegg0g==

GET
H2 200 vendors~legacy_widget-aeba4391e8c499a73fb3.chunk.js Show response
assets.privy.com/packs/js/ 107 KB
36 KB 42ms
31ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/vendors~legacy_widget-aeba4391e8c499a73fb3.chunk.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9db21c4ec0d96d3ac8ac93dbf895b3e164df5abbfc44d421b29ac72c24907e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 vegur, 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 6744
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 36668
last-modified: Fri, 25 Mar 2022 17:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6f1ac2efc9f1cc42-ZRH
x-amz-cf-id: hpBhbmIkrjs-owkzXbbvao9jIdhTUNy7vei-lQ6g8SlxW2FxFhqo3g==

GET
H2 200 legacy_widget-09a569d30e2614d2c2a1.chunk.js Show response
assets.privy.com/packs/js/ 234 KB
61 KB 38ms
27ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/legacy_widget-09a569d30e2614d2c2a1.chunk.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50f199b44fdade602bf548b89a123977618344829e6f32b50b0e87263846d015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 vegur, 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 6744
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 61801
last-modified: Fri, 25 Mar 2022 17:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6f1ac2efc9f0cc42-ZRH
x-amz-cf-id: l9p5UU9MnE-krDLeTl-zlIiMwWPyIHMfphO-UD1uJOGJ53-T9ED4Rw==

POST
H2 200 collect Show response
events.privy.com/v2/ 0
121 B 197ms
188ms XHR
text/html 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.privy.com/v2/collect

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-ray: 6f1ac2f06d8ecc5a-ZRH
date: Fri, 25 Mar 2022 21:32:50 GMT
access-control-request-method: *
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
via: 1.1 vegur
x-request-id: a4e9c092-9411-41d5-b438-0dfd8ab5cbeb

GET
H2 200 widget-704dd559854766451635ff1827723e2b40ff10e6a38dd7431169d58365927cb8.css
assets.privy.com/assets/ 245 KB
25 KB 34ms
34ms Stylesheet
text/css 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/assets/widget-704dd559854766451635ff1827723e2b40ff10e6a38dd7431169d58365927cb8.css

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d62c385d688e23d18b6857929f9ee47fd902dcdfc8f29f0e486d7eb07cced81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 vegur, 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 6744
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 25075
last-modified: Mon, 28 Feb 2022 22:02:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6f1ac2f06ab9cc42-ZRH
x-amz-cf-id: qOONVpHRBpQQGnOfpT6YjaDh_c_0ox2Iq2D4kO7ikynkywYfxFisLQ==

GET
H2

200

collect
google-analytics.com/
Redirect Chain

https://privymktg.com/collect?v=1&cid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&e...
https://google-analytics.com/collect?v=1&cid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E...

35 B
393 B

73ms
7ms

Image
image/gif

2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://google-analytics.com/collect?v=1&cid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&ec=widget&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&ul=en-US&z=5435473398516186

Protocol

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:40:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42716
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 25 Mar 2022 21:32:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKn9M3mRQc%2BDhbgHC%2BG0JP7eQAdhgRDuD9lvxYlnFLB%2FH6tUCXCG8b2XI5vw8LEqKHUnXMkEO27Q7mRg4AO%2FnWKdmKfNx2FLVEUtMDE%2FFLo9GVk0jccbyoTTpxIc%2FMvsIDpIA6D%2BldzpQ3rV"}],"group":"cf-nel","max_age":604800}
location: https://google-analytics.com/collect?v=1&cid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&cd1=D07CA17E1806573C54E81EE3&tid=UA-20331028-1&t=pageview&ci=D07CA17E1806573C54E81EE3&cm=web&cn=D07CA17E1806573C54E81EE3&ec=widget&dl=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&dt=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&ul=en-US&z=5435473398516186
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6f1ac2f0de2173ab-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 collections Show response
connect.nosto.com/cmp-mapping/ 2 B
890 B 111ms
110ms XHR
application/json 2600:9000:224a:4e00:f:ee6c:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.nosto.com/cmp-mapping/collections?m=shopify-1398942&cid=623e350251c41363a2fdf1f8&fs=&preview=false

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:f:ee6c:7180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-length: 2
x-xss-protection: 1; mode=block
x-request-id: a306064c-02e9-4efb-a78c-5a61589d3738
server: nginx
x-frame-options: DENY
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: miSInyE1RfsW-Bq9ZZG9cFCAkBkhcfBKtv1ZpoMCRVPYkPSY9j3AoA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 51ms
22ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dVKVlVU+J+RB4CMcqf9NTw==
age: 7204
vary: Accept-Encoding
content-length: 6678
x-ms-lease-status: unlocked
last-modified: Wed, 23 Mar 2022 03:08:06 GMT
server: cloudflare
etag: 0x8DA0C7A5A3A7B0E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 83686df9-601e-0142-7f66-3eb5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f1ac2f0c902020d-ZRH

GET
H2 200 graphql Show response
www.wearfigs.com/catalog/ 13 KB
2 KB 13ms
13ms Fetch
application/json 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wearfigs.com/catalog/graphql?operationName=FetchRecoProductDetails&variables=%7B%22handles%22%3A%5B%22womens-catarina-one-pocket-scrub-top-night-sky%22%2C%22womens-catarina-one-pocket-scrub-top-vapor-blue%22%2C%22womens-catarina-one-pocket-scrub-top-electric-orchid%22%2C%22womens-casma-three-pocket-scrub-top-night-sky%22%2C%22womens-zamora-jogger-scrub-pants-night-sky%22%2C%22womens-rafaela-mandarin-collar-scrub-top-night-sky%22%2C%22womens-rafaela-mandarin-collar-scrub-top-vapor-blue%22%2C%22womens-zamora-high-waisted-yoga-waistband-jogger-scrub-pants-night-sky%22%2C%22womens-montex-classic-mock-neck-scrub-top-night-sky%22%2C%22womens-rafaela-mandarin-collar-scrub-top-electric-orchid%22%2C%22womens-yola-high-waisted-yoga-waistband-skinny-scrub-pants-night-sky%22%2C%22womens-montex-classic-mock-neck-scrub-top-electric-orchid%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2255cf86857651cafa1608257ca70b674a102792727489307f24a99773fcd6ffcb%22%7D%7D
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-46.dus51.r.cloudfront.net
Software: envoy / Express
Resource Hash: d0c67fa140153fb0480b3b25c6468efd6e125b60b79307da41346d3445034f81

Request headers

x-figs-shop-region: US
x-figs-shop-currency: USD
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-datadog-sampling-priority: 1
accept: */*
Referer: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
x-figs-shop-locale: en-US
x-datadog-trace-id: 7920584924253578595
x-datadog-parent-id: 7920584924253578595
x-datadog-sampled: 1

Response headers

date: Fri, 25 Mar 2022 17:33:48 GMT
content-encoding: br
age: 14380
x-powered-by: Express
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 90
x-figs-catalog-impl: zidi
access-control-allow-origin: *
server: envoy
etag: W/"3498-OVQwpGBedPKA6QMBxwaylGYaC30"
vary: x-figs-shop-region,x-figs-shop-locale,x-figs-shop-currency
content-type: application/json; charset=utf-8
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control: public, max-age=0, s-maxage=14400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: gFaTwAwYmYqDCi2aRcnRLQlKmj6ljLI5nCCp6NhqUfbqzkxe5W6UAQ==

GET
H2 200 graphql Show response
www.wearfigs.com/catalog/ 8 KB
1 KB 13ms
13ms Fetch
application/json 18.66.248.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wearfigs.com/catalog/graphql?operationName=FetchRecoProductDetails&variables=%7B%22handles%22%3A%5B%22mens-leon-two-pocket-scrub-top-night-sky%22%2C%22mens-tansen-jogger-scrub-pants-night-sky%22%2C%22mens-cairo-slim-cargo-scrub-pants-night-sky%22%2C%22mens-on-shift-sweater-knit-jacket-heathered-midnight-sky%22%2C%22mens-cobaki-performance-scrub-jacket-night-sky%22%2C%22mens-cairo-cargo-scrub-pants-night-sky%22%2C%22mens-tansen-classic-cargo-jogger-scrub-pants-night-sky%22%2C%22mens-on-shift-sherpa-jacket-oatmeal%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2255cf86857651cafa1608257ca70b674a102792727489307f24a99773fcd6ffcb%22%7D%7D
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-46.dus51.r.cloudfront.net
Software: envoy / Express
Resource Hash: 59300305004648c06aa76f94b80c73d235d7a8781c6615c7eef943836fcab6fb

Request headers

x-figs-shop-region: US
x-figs-shop-currency: USD
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-datadog-sampling-priority: 1
accept: */*
Referer: https://www.wearfigs.com/?utm_campaign=Post-Purchase+Overlay+-+March+2021&utm_content=email&utm_medium=referral&utm_source=Friendbuy&fbuy_ref_code=tvBF3
x-figs-shop-locale: en-US
x-datadog-trace-id: 3867833553022064558
x-datadog-parent-id: 3867833553022064558
x-datadog-sampled: 1

Response headers

date: Fri, 25 Mar 2022 17:42:55 GMT
content-encoding: br
age: 14138
x-powered-by: Express
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 67
x-figs-catalog-impl: zidi
access-control-allow-origin: *
server: envoy
etag: W/"1f08-86j0FYgI3UoASubK9qXJt7d1j0Y"
vary: x-figs-shop-region,x-figs-shop-locale,x-figs-shop-currency
content-type: application/json; charset=utf-8
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control: public, max-age=0, s-maxage=14400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: EQ9FDb5Me5svb7eUkKD4ElVS_9EaHnxAQrtY7ddEBQ06ZvSfU5ATlQ==

GET
H2 200 css
fonts.googleapis.com/ 664 B
858 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,undefined

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 21:32:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Mar 2022 21:32:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Mar 2022 21:32:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
628 B 42ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;700&display=swap

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07c650aa91d9f42601a9c668c73aad1b133580e99bffc7fa32fee198261c0e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 19:46:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Mar 2022 21:32:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Mar 2022 21:32:50 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 3037
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=0aSXRxTqY_ZutZ4Hzb_usqW9WEFPRIeg

42 B
178 B

45ms
18ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=0aSXRxTqY_ZutZ4Hzb_usqW9WEFPRIeg
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=0aSXRxTqY_ZutZ4Hzb_usqW9WEFPRIeg
date: Fri, 25 Mar 2022 21:32:50 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2851
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3037
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1wc0ZoeTFHZ3lnRTN1bVo0Si1EY3p5Z3lYb0dwd3JVeV80LXBZdw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
369 B

15ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:50 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 214824
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 3037 0
232 B 160ms
30ms Image
text/html 52.48.97.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-psFhy1GgygE3umZ4J-DczygyXoGpwrUy_4-pYw&custom=&tag_format=img&tag_action=sync&custom=&cb=ab1eaf9a-59ce-4629-a254-9a78e98d8c77
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.97.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-97-146.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:32:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame 3037 42 B
418 B 192ms
17ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-psFhy1GgygE3umZ4J-DczygyXoGpwrUy_4-pYw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 3037 0
194 B 124ms
21ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 3037 43 B
715 B 135ms
31ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:50 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 25 Mar 2022 21:32:50 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 3037
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-wYKQcFGgygE3umZ4J-DczygyXoFuwjRJ2_On-Q
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-wYKQcFGgygE3umZ4J-DczygyXoFuwjRJ2_On-Q&verify=true

0
371 B

14ms
14ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-wYKQcFGgygE3umZ4J-DczygyXoFuwjRJ2_On-Q&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-wYKQcFGgygE3umZ4J-DczygyXoFuwjRJ2_On-Q&verify=true
date: Fri, 25 Mar 2022 21:32:50 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 3037 0
476 B 414ms
92ms Image
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Tlro8FGgygE3umZ4J-DczygyXoFygXdsNlGGgQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:51 GMT
Cache-Control: no-cache
X-TraceId: 73834be4d53ada3cf843fd4510f8d452
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 3037 0
426 B 911ms
638ms Image
text/plain 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-AwMlcFGgygE3umZ4J-DczygyXoFPpwPW0SoR6g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:51 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 25 Mar 2022 21:32:51 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 3037 0
239 B 45ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-AwMlcFGgygE3umZ4J-DczygyXoFPpwPW0SoR6g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 3037
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-w_r741GgygE3umZ4J-DczygyXoFyua058AQD-Q&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-w_r741GgygE3umZ4J-DczygyXoFyua058AQD-Q%26seg%3D95287

43 B
1 KB

14ms
14ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-w_r741GgygE3umZ4J-DczygyXoFyua058AQD-Q%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:32:50 GMT
X-Proxy-Origin: 193.27.14.21; 193.27.14.21; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d7b08576-e57f-4caa-8ebb-32bde146eaf8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:32:50 GMT
X-Proxy-Origin: 193.27.14.21; 193.27.14.21; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: acd1e65a-275a-4584-aa0b-e49a191ab628
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-w_r741GgygE3umZ4J-DczygyXoFyua058AQD-Q%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3037 42 B
671 B 901ms
162ms Image
image/gif 204.237.133.120
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-ue-Hi1GgygE3umZ4J-DczygyXoFLsPZOB8aJKg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.120 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
cache-control: no-store, no-cache, private
x-lat: 10:0:373
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame 3037
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-UYxt01GgygE3umZ4J-DczygyXoHqzb2fHi-j-A&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-UYxt01GgygE3umZ4J-DczygyXoHqzb2fHi-j-A&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-UYxt01GgygE3umZ4J-DczygyXoHqzb2fHi-j-A&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-UYxt01GgygE3umZ4J-DczygyXoHqzb2fHi-j-A&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 25 Mar 2022 21:32:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame 3037 45 B
784 B 91ms
41ms Image
image/gif 2.22.32.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-1YfRsFGgygE3umZ4J-DczygyXoEfZKOsmLQENw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-22-32-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 25 Mar 2022 21:32:50 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 25 Mar 2022 21:32:50 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 3037
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0NGwbFGgygE3umZ4J-DczygyXoE8gEJJJBFPgw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0NGwbFGgygE3umZ4J-DczygyXoE8gEJJJBFPgw&C=1

43 B
1 KB

116ms
115ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0NGwbFGgygE3umZ4J-DczygyXoE8gEJJJBFPgw&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:32:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 25 Mar 2022 21:32:51 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:32:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0NGwbFGgygE3umZ4J-DczygyXoE8gEJJJBFPgw&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Fri, 25 Mar 2022 21:32:51 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 3037 0
241 B 59ms
12ms Image
text/plain 2600:9000:224a:a400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-7oRegVGgygE3umZ4J-DczygyXoHexNiohCgjcQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:a400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: JqZiWi6SWLrdjCg3kLzNQMRSQfxbK3j7Lh7P3n9v5N0LV-8CXEkF0Q==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 3037
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-OdEJVVGgygE3umZ4J-DczygyXoEHyBSuuZw0Ew&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-OdEJVVGgygE3umZ4J-DczygyXoEHyBSuuZw0Ew&expires=30&user_group=5

43 B
510 B

114ms
114ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-OdEJVVGgygE3umZ4J-DczygyXoEHyBSuuZw0Ew&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-OdEJVVGgygE3umZ4J-DczygyXoEHyBSuuZw0Ew&expires=30&user_group=5
Date: Fri, 25 Mar 2022 21:32:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 3037 35 B
336 B 108ms
34ms Image
image/gif 52.215.125.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-8pVbA1GgygE3umZ4J-DczygyXoH9h6YgN_8ZdQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 3037 23 B
172 B 78ms
36ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-UMVjVVGgygE3umZ4J-DczygyXoEB_JJLDC4oyA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:51 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 25 Mar 2022 21:32:51 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3037 0
99 B 90ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-MM777lGgygE3umZ4J-DczygyXoFlVue-dSTVeg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13338

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 3037 43 B
163 B 135ms
26ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Ig07OlGgygE3umZ4J-DczygyXoEgDuZoH6yxcA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 3037 68 B
262 B 54ms
7ms Image
image/png 35.158.142.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-7ia7I1GgygE3umZ4J-DczygyXoEkAtY2-jpwwA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.142.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-142-150.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 3037
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-tEC-xFGgygE3umZ4J-DczygyXoEBXwuRtV6Zeg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tEC-xFGgygE3umZ4J-DczygyXoEBXwuRtV6Zeg

43 B
445 B

35ms
35ms

Image
image/gif

34.246.109.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tEC-xFGgygE3umZ4J-DczygyXoEBXwuRtV6Zeg
Protocol: H2
Server: 34.246.109.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-109-130.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 25 Mar 2022 21:32:51 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-tEC-xFGgygE3umZ4J-DczygyXoEBXwuRtV6Zeg
date: Fri, 25 Mar 2022 21:32:51 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 3037
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-813md1GgygE3umZ4J-DczygyXoEOAXj-RK8qBQ
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-813md1GgygE3umZ4J-DczygyXoEOAXj-RK8qBQ

43 B
419 B

509ms
94ms

Image
image/gif

2600:1f18:444a:4680:6bbe:49e:bc45:59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-813md1GgygE3umZ4J-DczygyXoEOAXj-RK8qBQ

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:6bbe:49e:bc45:59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:52 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-813md1GgygE3umZ4J-DczygyXoEOAXj-RK8qBQ
Date: Fri, 25 Mar 2022 21:32:51 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 3037 43 B
427 B 498ms
165ms Image
image/gif 52.8.175.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-U4X_9lGgygE3umZ4J-DczygyXoGaJDTIFzGhjA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.175.250 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-175-250.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:51 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 3037 43 B
183 B 296ms
93ms Image
image/gif 2600:1f18:612b:4200:b61c:5ded:72b6:ee33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-BAkifVGgygE3umZ4J-DczygyXoF9QBO5dfaErg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b61c:5ded:72b6:ee33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 3037
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-CRRpQlGgygE3umZ4J-DczygyXoHOhA0vGxH4qQ&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

115ms
7ms

Image
image/gif

2001:4de0:ac19::1:b:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:51 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1648243971.dop156.fr8.t,1648243971.cds269.fr8.shn,1648243971.cds269.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:32:51 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1648243971106092-528
Expires: Fri, 25 Mar 2022 21:32:51 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 3037 43 B
220 B 316ms
100ms Image
image/gif 52.55.166.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-__MyvFGgygE3umZ4J-DczygyXoGwIedv4undrg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.166.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-166-42.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 25 Mar 2022 21:32:51 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a.json Show response
cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/ 3 KB
2 KB 48ms
21ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a.json

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eeef476ec87c50fffa61c208feb3219819413be0a2b228de887439eb52feba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mCAIM77kpX8A7JiRR1N7WA==
age: 10220
vary: Accept-Encoding
content-length: 1415
x-ms-lease-status: unlocked
last-modified: Tue, 27 Jul 2021 22:13:35 GMT
server: cloudflare
etag: 0x8D9514BC714357E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 935ddb99-701e-00f8-421a-b613fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f1ac2f20cb8233d-ZRH
expires: Sat, 26 Mar 2022 01:32:50 GMT

GET
H2 200 Women-Catarina-Scrub-Top-XL_nightsky-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 11 KB
12 KB 20ms
17ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Women-Catarina-Scrub-Top-XL_nightsky-1_408x547.jpg?v=1647555474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

1f24c1aa992d8a56bfd2c1bf6d001b06ba6100e1c029c7f1e366a11da90fb65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.718,cdnPop;desc=MXP,cdnCache;desc=HIT
content-length: 11626
x-xss-protection: 1; mode=block
x-request-id: f1f59c87d26af33ec465b36684288025
x-served-by: cache-lga21924-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.897593,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Women-Catarina-Scrub-Top-XL_nightsky-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 16

GET
H2 200 Women-Catarina-Scrub-Top_vaporbluespacedye-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 10 KB
11 KB 26ms
23ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Women-Catarina-Scrub-Top_vaporbluespacedye-1_408x547.jpg?v=1646084579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

633bf19158fc19a8e7d0e6e132600f0b3092b0676c7724b6c2bdb7a811352acb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.334,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 10668
x-xss-protection: 1; mode=block
x-request-id: f56688f47cbc3e9d44a3aabf1bfc22b1
x-served-by: cache-lga21966-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.897889,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Women-Catarina-Scrub-Top_vaporbluespacedye-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Women-Catarina-Scrub-Top_electricorchid-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 12 KB
12 KB 52ms
49ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Women-Catarina-Scrub-Top_electricorchid-1_408x547.jpg?v=1646325903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

6a08661552517cd801e286d4aaa9552b380eb85d85bdeeaa1f067815498ad0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.279,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 12148
x-xss-protection: 1; mode=block
x-request-id: 6c994fac9d226d75551543b7755cf812
x-served-by: cache-lga21943-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.898025,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Women-Catarina-Scrub-Top_electricorchid-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Women-Casma-Two-Pocket-Scrub-Top_nightsky-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 10 KB
10 KB 53ms
50ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Women-Casma-Two-Pocket-Scrub-Top_nightsky-1_408x547.jpg?v=1646677696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

7b12d4d291854db4bb8fe7d470f7cd8c2aa8fcf9c2a046802f975ed2c350f8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.164,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 10126
x-xss-protection: 1; mode=block
x-request-id: f91c97971fe038cb0954bcdfaa67cc95
x-served-by: cache-lga21924-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.898167,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Women-Casma-Two-Pocket-Scrub-Top_nightsky-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Womens-Zamora-Jogger-Scrub-Pant_nightsky-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 10 KB
10 KB 20ms
17ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Zamora-Jogger-Scrub-Pant_nightsky-1_408x547.jpg?v=1645808068

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

709cb048a2255a262b3683667ad1b8772861c7312519cb8be5ea64aab4e787e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.423,cdnPop;desc=MXP,cdnCache;desc=HIT
content-length: 9866
x-xss-protection: 1; mode=block
x-request-id: a3134272031ee8d6c8ce9c2ca0746533
x-served-by: cache-lga13622-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.898216,VS0,VE0
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Womens-Zamora-Jogger-Scrub-Pant_nightsky-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 18

GET
H2 200 Men-Leon-Pocket-Scrub-Top_nightsky-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 11 KB
11 KB 56ms
54ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Men-Leon-Pocket-Scrub-Top_nightsky-1_408x547.jpg?v=1646675265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

28d0094a32508af0a5ae62a21c974f28f344c1f8f9d3798e91556d3133f658db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.418,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 10850
x-xss-protection: 1; mode=block
x-request-id: e766daed78b52819d234ca697a236c5c
x-served-by: cache-lga21980-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.898259,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Men-Leon-Pocket-Scrub-Top_nightsky-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Men-Tansen-Jogger-Pant_nightsky1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 10 KB
10 KB 54ms
52ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Men-Tansen-Jogger-Pant_nightsky1_408x547.jpg?v=1646783977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

92e7359d3516e68c4709bb0deba295243a4950a06ff0981394a070c951fcf15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.159,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 9862
x-xss-protection: 1; mode=block
x-request-id: 0a45b30b328bdf366682a8b976271b29
x-served-by: cache-lga21942-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.898353,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Men-Tansen-Jogger-Pant_nightsky1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Men-Slim-Cairo-Cargo-Scrub-Pant_nightsky-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 10 KB
10 KB 55ms
52ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Men-Slim-Cairo-Cargo-Scrub-Pant_nightsky-1_408x547.jpg?v=1646772844

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

c8b419cb843b2ba9ebb97acc87115738f2a2d1f64c4d14b246be9c8cb1264d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.150,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 9912
x-xss-protection: 1; mode=block
x-request-id: 9717644993956faa47bc51113899bcc6
x-served-by: cache-lga21968-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.898412,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Men-Slim-Cairo-Cargo-Scrub-Pant_nightsky-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Mens-On-Shift-Sweater-Knit-JKT_HTRnightsky-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 13 KB
13 KB 56ms
54ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-On-Shift-Sweater-Knit-JKT_HTRnightsky-1_408x547.jpg?v=1646865778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

015a1ddadda41c42f45fb7b9eb9857abab596ef30f0ac00f0b2c0089dd05b2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.368,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 13156
x-xss-protection: 1; mode=block
x-request-id: 9d1a520a22070d315c622edbc49801d5
x-served-by: cache-lga21955-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.898499,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-On-Shift-Sweater-Knit-JKT_HTRnightsky-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Mens-Cobaki-Perf-Scrub-JKT_nightsky-1_408x547.jpg
cdn.shopify.com/s/files/1/0139/8942/products/ 11 KB
12 KB 56ms
54ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-Cobaki-Perf-Scrub-JKT_nightsky-1_408x547.jpg?v=1646865309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6940-MXP /

Resource Hash

941ab056f9ff4b8230b1327ae107236e3f8d059aa7007f477f8adff2f32f7695

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.189,cdnPop;desc=MXP,cdnCache;desc=HIT-CLUSTER
content-length: 11568
x-xss-protection: 1; mode=block
x-request-id: 25d782a2b81df5ef2debc078b8e725f4
x-served-by: cache-lga21977-LGA, cache-mxp6940-MXP
server: cache-mxp6940-MXP
x-timer: S1648243971.899034,VS0,VE1
date: Fri, 25 Mar 2022 21:32:50 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0139/8942/products/Mens-Cobaki-Perf-Scrub-JKT_nightsky-1_408x547.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 59ms
30ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6f1ac2f27ce701e3-ZRH
access-control-allow-headers: Content-Type

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 3037
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/ifRkkq-Yi4JNjyA5U15JJ6Iuz3-__0d7/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3876476978028544413

43 B
370 B

21ms
21ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3876476978028544413

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:50 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1855689
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3876476978028544413
pragma: no-cache
date: Fri, 25 Mar 2022 21:32:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3037
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5689770396827558777

43 B
370 B

14ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5689770396827558777

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:49 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1673349
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:32:51 GMT
X-Proxy-Origin: 193.27.14.21; 193.27.14.21; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8cc212e4-1acc-42fb-9546-892289692cff
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5689770396827558777
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.21.0/ 311 KB
74 KB 18ms
18ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0068b328dc886133e94de712c57b93368f820f34c3dc9562792b36bace8599c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Mar 2022 21:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pGGMtIN6zlnW55bGN1NE3w==
age: 13641913
vary: Accept-Encoding
content-length: 75797
x-ms-lease-status: unlocked
last-modified: Fri, 23 Jul 2021 01:58:45 GMT
server: cloudflare
etag: 0x8D94D7D67DF8167
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4ea4951e-601e-0149-756c-c4add3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f1ac2f2ac77020d-ZRH

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/44dff4f6-36d2-41d3-bbac-309d33a0b4dc/ 69 KB
15 KB 151ms
151ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5f6fbb5a-ed5e-4087-8c32-2c813aa00c2a/44dff4f6-36d2-41d3-bbac-309d33a0b4dc/en.json

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

717a8f9f948a93df3efb6add7630a3f650bfd4fc2b830a43e5a39d5d782bebbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: yphxcm1s0ZR+IUxogda1mw==
vary: Accept-Encoding
content-length: 14815
x-ms-lease-status: unlocked
last-modified: Tue, 27 Jul 2021 22:13:36 GMT
server: cloudflare
etag: 0x8D9514BC79F78C8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6e1f8e67-701e-0156-7333-4076c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f1ac2f2fe06233d-ZRH
expires: Sat, 26 Mar 2022 01:32:51 GMT

GET
H2 200 forge.min.js Show response
unpkg.com/node-forge@0.7.0/dist/ 266 KB
69 KB 32ms
32ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/node-forge@0.7.0/dist/forge.min.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4f042f9ea6c72a580e93b7922b1ff89f2c1fca28a5843ab473db79cd74d1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1383654
fly-request-id: 01FXR8EGZ0A1DQ5ZA7E030YWY9-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2017 22:37:03 GMT
server: cloudflare
etag: W/"429bd-Ikb3wlLVm2wlvXrmcm23V6AN+Rc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f1ac2f3085bcc36-ZRH

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 197ms
119ms Script
application/javascript 2a02:26f0:6c00:28a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 scevent.min.js Show response
sc-static.net/ 17 KB
7 KB 54ms
26ms Script
application/javascript 108.157.5.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-251.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: DUS51-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6336
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
x-amz-cf-id: nR_FPuqsOdaqUWcM_AgAcLLo3GzraCcKNL9HBl0BRfjb5a01-qkV2A==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 21ms
21ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Mar 2022 21:32:51 GMT

GET
H/1.1 200
OK friendbuy.min.js Show response
djnf6e5yyirys.cloudfront.net/js/ 121 KB
42 KB 59ms
9ms Script
application/javascript 99.86.1.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://djnf6e5yyirys.cloudfront.net/js/friendbuy.min.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-96.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e26bddfe28fe2e8e28c5b25968decb689ebac4300ee117b4c5c472a0600cd343

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: eATjcjBrymkaCY25fDl0wDYs2YHXtSAL
Content-Encoding: gzip
ETag: W/"6d60ce692f3c7b9f4a8baad4b84d05a7"
Age: 2593
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Oct 2021 20:51:22 GMT
Server: AmazonS3
Date: Fri, 25 Mar 2022 20:49:44 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
Cache-Control: public, max-age=180
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: g2yHNB7i-341G0eO1tscywVYBq1T7Exge4brjBq6MvO7JN6wy_quYg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 136 KB
39 KB 130ms
107ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 797f6702745ce3f671f5d38c29afe2a1e67be9ee80cfdcf0ab1b9b668c9c18b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id: d8e10c2.3520d474
date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-46.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-94.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time: 94,95.100.153.94
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=5, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202203252132510101130062140FB90FF2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,104.78.78.46
x-tt-trace-host: 01403baa70d521ae051a129abcdab10830e2a48c596d36143a7535889ae41637376cb164e2feb5d3aa2daaad2b0cc50e8143738df6302fe748cfdb2838f281049005850a2e33b216bc13d2681b432029747fa591859ce3d59ac623ce98d5837c993b57fb29573e4721af8f1c64857a980e
expires: Fri, 25 Mar 2022 21:32:51 GMT

GET
H/1.1 200
OK wxyz.rb.js Show response
rbqnb9ch.wearfigs.com/assets/ 45 KB
10 KB 335ms
96ms Script
application/javascript 159.203.152.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbqnb9ch.wearfigs.com/assets/wxyz.rb.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.57 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 367fd5c064bb98037fcd6d7e6f1aede890ef9513190aad341232afd9e69efda5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:51 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/6.21.0/assets/ 10 KB
3 KB 50ms
49ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otFloatingRoundedCorner.json

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: xjsCUm91dCQg/q2TR2ZDow==
vary: Accept-Encoding
content-length: 2568
x-ms-lease-status: unlocked
last-modified: Fri, 23 Jul 2021 01:58:40 GMT
server: cloudflare
etag: 0x8D94D7D64C9BB0D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 04d34bbb-001e-009a-68b8-065423000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f1ac2f41f6e233d-ZRH

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.21.0/assets/ 62 KB
14 KB 52ms
51ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otPcCenter.json

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e93f05e840fb07aa39f7bbebb284f6be5abd33f40e39a9e761c774a6c17d7a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 3dfp/nus/LcdnyBatHpYRA==
vary: Accept-Encoding
content-length: 14660
x-ms-lease-status: unlocked
last-modified: Fri, 23 Jul 2021 01:58:39 GMT
server: cloudflare
etag: 0x8D94D7D63D4F338
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4bc55560-e01e-0090-3268-044daa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6f1ac2f41f6f233d-ZRH

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.21.0/assets/ 20 KB
4 KB 60ms
59ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCommonStyles.css

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Fri, 23 Jul 2021 01:58:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6017e305-801e-00a2-0ab8-06157a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6f1ac2f41f70233d-ZRH

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 unip Show response
trc-events.taboola.com/1100083/log/3/ 0
247 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1100083/log/3/unip?en=pre_d_eng_tb&tos=1571&scd=22&ssd=1&est=1648243969888&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1648243971460&vi=1648243969885&ri=4f1c417d878766f7e9a02fd4385f52a3&ref=null&cv=20220317-4-RELEASE&item-url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.wearfigs.com
pragma: no-cache
date: Fri, 25 Mar 2022 21:32:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 45 B
312 B 58ms
23ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=cfc785d1-a6c1-4b34-bdee-2b6334c192e8

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

8deac5cf77134319db32964c7b23c611984c9459805a5f7f1207f96576bc8771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame E253 0
241 B 42ms
20ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cfc785d1-a6c1-4b34-bdee-2b6334c192e8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

server: nginx/1.19.6
date: Fri, 25 Mar 2022 21:32:51 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p Show response
tr.snapchat.com/ Frame FD20 0
207 B 31ms
30ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.wearfigs.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

server: nginx/1.19.6
date: Fri, 25 Mar 2022 21:32:51 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 47ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=a0110022-31dd-4efb-94cd-540e657e5305

Requested by

Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1d6d4cc75e4aa9496b424cd30b080acfdc983a42910afcd0069560cf2b11d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: CEJ4GY4SZ2QRYVHP
x-amz-id-2: zM9plgUSpB63J/fB51wp2R+1omudG2r50y1zLJ3MJUtLEu6I2i6GPz2T1yoA7f8PWCh+lziT8+Y=
last-modified: Wed, 02 Mar 2022 22:42:26 GMT
server: cloudflare
etag: W/"b687c8c87e4bb1d316102239ec8bdb5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zQCaUuLpxtDftAS7HSzBsFWOhK%2By27uAfjof%2FTlZBBEa%2F2pk5qaqnWvam5np55vYBGVz4X0bSENjvVGgPe8RHdVomlqFRv7LxDlIYzJ93JaQweQPbzJWgm0geoLJl6kMVqM5CY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: _Dpi7A8IulKqwnfX5Ya9rojoN_2lK2xr
cf-ray: 6f1ac2f6994c9217-FRA

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 117ms
117ms Script
application/javascript 2a02:26f0:6c00:28a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 131ms
131ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id: c6f9b58.3520d5ce
date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-7.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-94.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time: 113,95.100.153.94
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=6, inner; dur=3
content-length: 30783
pragma: no-cache
server: nginx
x-tt-logid: 2022032521325101011300622117BA1EC9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,104.78.78.7
x-tt-trace-host: 01403baa70d521ae051a129abcdab10830e2a48c596d36143a7535889ae4163737b9361ee38573f1471b1094a8d9cb947f0d66ffc619f7b36f9efc4da9500bf150381f13cae95f2fdf3c034d467308939e6510b1294837cab7450aa128b94396d013ab6fd4a111c6f2362d7e867679437f
expires: Fri, 25 Mar 2022 21:32:51 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 868 B
1 KB 120ms
120ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3D48FATO1NMNN16JA80&hostname=www.wearfigs.com
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8400ca58eb1c38bbd46992209a84ff39f68649cbcdd404521c423cdac8129bf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id: e8ff52c6.3520d654
date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-12.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-94.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time: 99,95.100.153.94
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=8, inner; dur=4
content-length: 346
pragma: no-cache
server: nginx
x-tt-logid: 2022032521325101011313509121857B53
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,104.78.78.12
x-tt-trace-host: 01403baa70d521ae051a129abcdab10830e2a48c596d36143a7535889ae4163737d613018a8daa14b40df8414328a8850afaa80e284e2e84ff1e9262f976fdd8b18760f004cbc0680ffe5e68e556cf960cca8071b6646bade1bf16f6a2b45ea49b0d0df2a28c5b24dc0ed6e49dc733e388
expires: Fri, 25 Mar 2022 21:32:51 GMT

GET
H2 200 a0110022-31dd-4efb-94cd-540e657e5305 Show response
ekr.zdassets.com/compose/ 533 B
1 KB 216ms
192ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/a0110022-31dd-4efb-94cd-540e657e5305

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

607d2643f303c438541da031eebef5741a5f99f64e08cbf521620d1fc073f9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: b1aba844-b383-472a-b106-52f01e8f9cfd
x-runtime: 0.002792
server: cloudflare
etag: W/"607d2643f303c438541da031eebef574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC%2BOTLuVG0yCQoTc2JgUKpnvq0MbIX7gQWzKJaRAaRu%2B7ivPS%2B%2BAkxIj5bOykuQW43jsl7Z83cY%2BeYYd7udIR%2BVJ7R3UauLOAvO1p5PD8EMtLRK1xQbU1njWPLR2E5Ay22U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6f1ac2f76abb9be2-FRA

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
832 B 146ms
54ms XHR
application/json 2.18.233.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1648243971779

Requested by

Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.aeba1002.1648243971.11bae568
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1552304406503664
pin-unauth: dWlkPU1HWTROVGMzTkdVdFptVTBNUzAwTURRM0xUaGtOekl0TXpKa05HWXdOMlExTWpCag
access-control-allow-origin: https://www.wearfigs.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 349
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
332 B 137ms
56ms Image
image/gif 2.18.233.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1648243971792

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:51 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.aeba1002.1648243971.11bae56e
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 4240195130242581
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
577 B 142ms
61ms Image
image/gif 2.18.233.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%2C%22aem_eligible_list%22%3A%5B%22ge%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1648243971793

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:51 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.aeba1002.1648243971.11bae575
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1230938764492685
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
712 B 150ms
149ms Ping
application/octet-stream 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8018d7d.3520d776
date: Fri, 25 Mar 2022 21:32:51 GMT
x-cache-remote: TCP_MISS from a23-222-79-94.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-94.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time: 122,95.100.153.94
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=23, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022032521325101011313503806B8E02A
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.222.79.94
x-tt-trace-host: 01403baa70d521ae051a129abcdab10830aed3f15f9ee28c2a9cba48050b37f0cab5c4cb4ff548c7ed0913c198b7404ef117b1f13325b62f19b805f1fac527506227af9434614e3bf9a7385bd045ad19fa062d389ac2593e515817f960bd410198dabda6d6121a4bf0de319eddea301dea
expires: Fri, 25 Mar 2022 21:32:51 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
711 B 167ms
167ms Ping
application/octet-stream 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D48FATO1NMNN16JA80&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: fafa763.3520d7d1
date: Fri, 25 Mar 2022 21:32:51 GMT
x-cache-remote: TCP_MISS from a23-222-79-4.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-100-153-94.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-parent-response-time: 141,95.100.153.94
server-timing: cdn-cache; desc=MISS, edge; dur=135, origin; dur=18, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202203252132510101130062090FDACAF6
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.222.79.4
x-tt-trace-host: 01403baa70d521ae051a129abcdab10830aed3f15f9ee28c2a9cba48050b37f0ca567c1fd3432330384ca0c7f8603a8a42917477abfaa7f5fb5a128d17d7fb350c89d619df838073f711f69b05986f998df92ec65a3abb7fa3bdcccd10d378c7695d86d16f3ce6a20de1da80aaecd20a39
expires: Fri, 25 Mar 2022 21:32:51 GMT

GET
H/1.1 200
OK integrations Show response
rbqnb9ch.wearfigs.com/ 59 B
261 B 96ms
94ms Script
text/javascript 159.203.152.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbqnb9ch.wearfigs.com/integrations?source=figs
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.57 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 3c6fd10a83f701d7ee1b6f23b0768ab0d0c8ed6e9ae38f4ab7ac0fb59d6d1c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:51 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 jpuid Show response
getrockerbox.com/ 67 B
672 B 225ms
138ms Script
text/javascript 104.21.58.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: gepi.global-e.com
URL: https://gepi.global-e.com/includes/js/1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7ebfaf9e9eec731d5b33aa154a7be9c58f507d1bfd81837ddff918b80ed43e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zyg1fPXd%2FaxJ6VUbb0srPayLcjfiMKZtuDx2rC%2BEuklFay8HZUT6dnF2wMwQcVzY1p6PW%2BUGEDYr7squN22U7Wq3fKERj19xrJKbYPP38ICXa3XBWDerDz66rQ681oIh76GT"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 6f1ac2f8bef83613-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK site-12d76507-www.wearfigs.com.json Show response
cdn1.friendbuy.com/widgets/configs/ 32 KB
5 KB 96ms
11ms XHR
application/json 99.86.7.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.friendbuy.com/widgets/configs/site-12d76507-www.wearfigs.com.json
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-101.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 800124a32cd68495de0c3f1a6e5847cda16bda38921b8f386cce62a6334b52f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: CqO4ags5qT5XLvDJ9txi6C.jZSBB.T5l
Content-Encoding: gzip
ETag: W/"541357c473ead52df2f880bd853e46dc"
Age: 85
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 10 Feb 2022 23:08:19 GMT
Server: AmazonS3
Date: Fri, 25 Mar 2022 21:32:51 GMT
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/json
Via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Cache-Control: max-age=180
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: dX3iHHYi7v2rrrgTmLSEJPJoU-qNX73FrYigXYu5i5ianCLTjfO-Jw==
Expires: Sun, 08 Feb 2032 23:08:18 UTC

GET
H2 200 web-widget-framework-7087ba75b8c1e5e6f895.js Show response
static.zdassets.com/web_widget/latest/ Frame 6CE5 212 KB
71 KB 23ms
22ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-7087ba75b8c1e5e6f895.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a0110022-31dd-4efb-94cd-540e657e5305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6a4678ebdbbc6e462eef7ebe2538ce25bcc04c52d752767ee9e289601ec836b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234079
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: RPR19EFASCKJYASY
x-amz-id-2: W5VtspK1h/29lGLswzr7HXm09dl83Dfci7No8m6CX/3mFyEve3mAS4nBDWpQBbnGWdHpKsoKx/o=
last-modified: Wed, 23 Mar 2022 02:23:39 GMT
server: cloudflare
etag: W/"183e20edf992b8be9a16aed7acb8bfca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xE2UB6R1kEcrEZQfh5fYKrAyDUsOPzhF9EidVKr%2B%2FiB5C%2FPUIz%2FRlAnTuraX2zMr4VmRpoJM3F%2Bv4Jf48vY8MfDIlO9jyWoeJiObTVsxivWN6HteGWuHKbkE4%2BadtzFfadgYu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: uoYUtWXzZeGUp.h4HRJF5oLLTUAqPrld
cf-ray: 6f1ac2f8bc1c9217-FRA
expires: Thu, 23 Mar 2023 02:23:38 GMT

GET
H2 200 web-widget-chat-sdk-58987df92c8073e96c0f.js Show response
static.zdassets.com/web_widget/latest/ Frame 6CE5 203 KB
52 KB 21ms
21ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-58987df92c8073e96c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=a0110022-31dd-4efb-94cd-540e657e5305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5140237
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: GNVFHTNTCZWX0JJ9
x-amz-id-2: Yc5on1JFgA/HUBX8tfaw+vSxPppMw/IAzstIgpkScrneuM22nez2zQPQZhYvDXyHALtLmFW2azo=
last-modified: Tue, 25 Jan 2022 04:20:35 GMT
server: cloudflare
etag: W/"f4e9b6a21f729895e00473e7f3947ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0WWOmr8%2B8oKEGqP9AgXNoaXjwXL2ioxva36f5A7mPeHrtRP2XEroVeorUPHp30rMtDR7PJauoZZdXzfewqdJGPgiZ3Dst5EZdKKSFOKOk%2F1YdVi5cD08Ga4CcirWDH2Xwwb3dg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: hO1DIHORch6.DP3H4BMDsmSFesw.pN9O
cf-ray: 6f1ac2f8bc1f9217-FRA
expires: Wed, 25 Jan 2023 04:20:34 GMT

OPTIONS
H2 200 references
ws.friendbuy.com/site-12d76507-www.wearfigs.com/widgets/73214/ Frame 0
0 521ms
166ms Preflight
text/html 52.52.88.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/widgets/73214/references
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.88.197 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-88-197.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.wearfigs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-type: text/html; charset=utf-8
content-length: 20
server: nginx
allow: POST, HEAD, OPTIONS
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-methods: HEAD, OPTIONS, POST
access-control-max-age: 21600
access-control-allow-credentials: true
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"

OPTIONS
H2 200 track
ws.friendbuy.com/site-12d76507-www.wearfigs.com/ Frame 0
0 520ms
167ms Preflight
text/html 52.52.88.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.88.197 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-88-197.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.wearfigs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-type: text/html; charset=utf-8
content-length: 20
server: nginx
allow: POST, OPTIONS
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-methods: OPTIONS, POST
access-control-max-age: 21600
access-control-allow-credentials: true
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"

POST
H2 202 references Show response
ws.friendbuy.com/site-12d76507-www.wearfigs.com/widgets/73214/ 68 B
391 B 168ms
167ms XHR
application/json 52.52.88.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/widgets/73214/references
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.88.197 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-88-197.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b03295cd7770fb022e86b4b5c103aa013cefe870282c7eee6db0c2ec76ba2aa5

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
server: nginx
access-control-max-age: 21600
access-control-allow-methods: HEAD, OPTIONS, POST
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-length: 68

POST
H2 202 track Show response
ws.friendbuy.com/site-12d76507-www.wearfigs.com/ 67 B
385 B 168ms
168ms XHR
application/json 52.52.88.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/track
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.88.197 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-88-197.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b40291ffe4e9d9bb2e10835df039258c7d2c8e55c8a9987371e667f5c18a0352

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
server: nginx
access-control-max-age: 21600
access-control-allow-methods: OPTIONS, POST
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-length: 67

GET
H2 200 config Show response
wearfigs.zendesk.com/embeddable/ Frame 6CE5 885 B
1 KB 706ms
664ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearfigs.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7087ba75b8c1e5e6f895.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d588848c4a26306683d97d8bb0e3b57d810da60432500deab2113d8b93daed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
x-envoy-decorator-operation: embeddable.embeddable.svc.cluster.local:80/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5644cdbcc-5n78j
x-envoy-upstream-service-time: 4
zendesk-api-version: 2022-01-01
access-control-allow-methods: GET
content-encoding: br
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 6f1ac2f95efb9268-FRA
x-runtime: 0.001270
last-modified: Fri, 25 Mar 2022 21:32:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDmt78GEm16F7FYp70VhUsznxjhvzCYQalyZ09bR8SUvsX7WB4irpfWZQ%2B9HmXo7SL1TRpVz0xtIJsDRpaIWVrwiAcPzlfE98fqf0jXHYONOLte9zmT%2FvhD%2FmqnUS2OZnVXoMYO7"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6f1ac2f95efb9268-FRA

GET
H/1.1 200
OK rb
rbqnb9ch.wearfigs.com/v2/ 44 B
336 B 95ms
95ms Image
image/gif 159.203.152.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbqnb9ch.wearfigs.com/v2/rb?url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&action=view&source=figs&rb_source=figs&script_version=wxyz.rb.js&sessionId=cb2706c4-7f6e-43a4-83c5-5b2b31075ba2&uid=rbos-0becb31d-0838-4d5b-8089-a9b82c137b3a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.57 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:52 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK rb
rbqnb9ch.wearfigs.com/v2/ 44 B
336 B 195ms
94ms Image
image/gif 159.203.152.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbqnb9ch.wearfigs.com/v2/rb?url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&action=identify&source=figs&rb_source=figs&tatari_session_id=db19f9e2-5114-320b-3f58-30184d7c519a&privy_uuid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&script_version=wxyz.rb.js&sessionId=cb2706c4-7f6e-43a4-83c5-5b2b31075ba2&uid=rbos-0becb31d-0838-4d5b-8089-a9b82c137b3a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.57 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:52 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK rb
rbqnb9ch.wearfigs.com/v2/ 44 B
336 B 278ms
93ms Image
image/gif 159.203.152.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbqnb9ch.wearfigs.com/v2/rb?url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&action=identify&source=figs&rb_source=figs&tatari_session_id=db19f9e2-5114-320b-3f58-30184d7c519a&privy_uuid=32f0a8c7-82fc-4516-8a1c-79fb1e065920&pinterest_view_id=0f85774e-fe41-4047-8d72-32d4f07d520c&script_version=wxyz.rb.js&sessionId=cb2706c4-7f6e-43a4-83c5-5b2b31075ba2&uid=rbos-0becb31d-0838-4d5b-8089-a9b82c137b3a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.203.152.57 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:52 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 199ms
198ms Image
image/gif 2.18.233.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=ExternalMeasurement&ed=%7B%22external_measurement_id%22%3A%22rbos-0becb31d-0838-4d5b-8089-a9b82c137b3a%22%2C%22external_measurement_vendor_id%22%3A1%7D&tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%2C%22aem_eligible_list%22%3A%5B%22ge%22%2C%22ge%22%5D%2C%22pin_unauth%22%3A%22dWlkPU1HWTROVGMzTkdVdFptVTBNUzAwTURRM0xUaGtOekl0TXpKa05HWXdOMlExTWpCag%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1648243972103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:52 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.aeba1002.1648243972.11bae7a6
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1563988699969411
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 308ms
307ms Image
image/gif 2.18.233.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=custom&ed=%7B%22order_id%22%3A%22rbos-0becb31d-0838-4d5b-8089-a9b82c137b3a%22%7D&tid=2614497313716&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%225e543256c480ac577d30f76f9120eb74%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%2C%22aem_eligible_list%22%3A%5B%22ge%22%5D%2C%22pin_unauth%22%3A%22dWlkPU1HWTROVGMzTkdVdFptVTBNUzAwTURRM0xUaGtOekl0TXpKa05HWXdOMlExTWpCag%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1648243972104

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.233.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:52 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.aeba1002.1648243972.11bae849
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 9081257217777511
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 202 impressions Show response
ws.friendbuy.com/site-12d76507-www.wearfigs.com/widgets/73214/ 69 B
392 B 168ms
166ms XHR
application/json 52.52.88.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/widgets/73214/impressions
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.88.197 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-88-197.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b2820bc0c971197b86c7ab01c5895dd4fcc22fc9885dc727edecf2cf32ed8784

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
server: nginx
access-control-max-age: 21600
access-control-allow-methods: HEAD, OPTIONS, POST
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-length: 69

OPTIONS
H2 200 impressions
ws.friendbuy.com/site-12d76507-www.wearfigs.com/widgets/73214/ Frame 0
0 308ms
165ms Preflight
text/html 52.52.88.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/widgets/73214/impressions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.88.197 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-88-197.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.wearfigs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-type: text/html; charset=utf-8
content-length: 20
server: nginx
allow: POST, HEAD, OPTIONS
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-methods: HEAD, OPTIONS, POST
access-control-max-age: 21600
access-control-allow-credentials: true
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"

GET
H/1.1 200
OK widget.html Show response
cdn1.friendbuy.com/widgets/15865/73214/ Frame 8B4E 7 KB
3 KB 37ms
9ms Document
text/html 99.86.7.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Requested by: Host: djnf6e5yyirys.cloudfront.net
URL: https://djnf6e5yyirys.cloudfront.net/js/friendbuy.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-101.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 892be90dd8306be631cff5b38e510a3c52f0ba7f4bd968630665fa8fbfbb5a29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 21 May 2021 17:52:35 GMT
x-amz-version-id: rtsxIBA5sT2L9F8VHM8KEd.cer0HOCmA
x-amz-storage-class: REDUCED_REDUNDANCY
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 25 Mar 2022 21:32:52 GMT
Cache-Control: max-age=180
Expires: Mon, 19 May 2031 17:52:34 UTC
ETag: W/"626ae76774b9e5fd17f4c50b8abb6262"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: yOEo1l0-d0dMgYQlBbNjPPyGcxs2oSm6vIVUdvy1M6bvIfetgHCRCg==
Age: 1

GET
H2 200 ajax-loader.gif
cdn.friendbuy.com/img/ 38 KB
39 KB 94ms
17ms Image
image/gif 2600:9000:2182:600:19:a49e:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.friendbuy.com/img/ajax-loader.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:19:a49e:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 376dd699bf7d258ecb260a05fdfdc584442fe7eab2ba82c3c9ca52f6bbc72094

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
last-modified: Wed, 20 Mar 2013 18:51:44 GMT
server: AmazonS3
age: 58672
etag: "607c561926467c99864c206bcd889afa"
x-cache: Hit from cloudfront
content-type: image/gif
date: Fri, 25 Mar 2022 05:15:00 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 39395
x-amz-cf-id: hRR-GZfck3TLxWUdivB9y0WsiHk24FbfbPcgV608HnfILZ9I3iK2nA==

GET
H/1.1 200
OK ec5b4bf795994325abda0ada9ab49950-7c28ae94dd1241039c2aa43157464b38_closeout_morespace.png
djnf6e5yyirys.cloudfront.net/merchant/15865/ 17 KB
18 KB 8ms
7ms Image
image/png 99.86.1.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djnf6e5yyirys.cloudfront.net/merchant/15865/ec5b4bf795994325abda0ada9ab49950-7c28ae94dd1241039c2aa43157464b38_closeout_morespace.png?versionId=XeE7Fl8y5c9C7nzzOt9452l1aZnuCH61
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-96.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2f6e51bb0d411890ec25a2fa7d5686fba74d291f00596e02a59db2e7e8ebdb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Mar 2022 17:07:10 GMT
Via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
Age: 275143
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Content-Length: 17334
Last-Modified: Wed, 04 Nov 2020 18:47:46 GMT
Server: AmazonS3
ETag: "07bc676a1579704424f887d58287136f"
x-amz-version-id: XeE7Fl8y5c9C7nzzOt9452l1aZnuCH61
Cache-Control: max-age=315360000,public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: image/png
X-Amz-Cf-Id: Wg7c750lLqpZ7oK62fZQtaUjPX_LVONADuIsfzcu3qI_Ft2rg_zMDA==
Expires: Sat, 02 Nov 2030 18:47:45 UTC

GET
H2 200 bootstrap.min.css
cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/css/ Frame 8B4E 147 KB
20 KB 46ms
33ms Stylesheet
text/css 2600:9000:2182:600:19:a49e:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/css/bootstrap.min.css
Requested by: Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:19:a49e:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 03:17:41 GMT
content-encoding: gzip
last-modified: Wed, 28 Oct 2020 19:03:39 GMT
server: AmazonS3
age: 65712
etag: W/"7e923ad223e9f33e54d22e50cf2bcce5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Io6pRHxNYOMR0sQngJfMzaulO3zqI3HN
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
content-type: text/css
x-amz-cf-id: Xc6lFSyZARxDNGav-LR5RVXAkZAavJ2G6YEjqBfU6pNUMSEifICKKw==

GET
H/1.1 200
OK styles.css
static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/ Frame 8B4E 6 KB
7 KB 687ms
188ms Stylesheet
text/css 52.219.117.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
Requested by: Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.42 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cc473661da7293099c09d386ba1ff208609d205190cda12eb46c2aaad58c6cea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:53 GMT
Last-Modified: Wed, 28 Oct 2020 19:03:39 GMT
Server: AmazonS3
x-amz-request-id: R9Y6JH86GTDK5893
ETag: "4fe0bd7eb288e6b88864f200a4f16baf"
Content-Type: text/css
x-amz-version-id: KROyo5qnHLNqkGyy64BHN7__Otjg5UL2
Accept-Ranges: bytes
Content-Length: 6499
x-amz-id-2: iegzk5kSmwYiv6Y2DtqXRzsFJxZ9jlVUNnd42orL83IDRVvO7GRdVYNMLeTgwMBNtIL8DjGnIwM=

GET
H2 200 spinner.svg
cdn.friendbuy.com/widget/images/shared/ Frame 8B4E 2 KB
1 KB 27ms
15ms Image
image/svg+xml 2600:9000:2182:600:19:a49e:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.friendbuy.com/widget/images/shared/spinner.svg
Requested by: Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:19:a49e:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 907f6e341ffa43814a6678678a5e1f468ab180e4916dd92bb1024ce39607b662

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 00:20:02 GMT
content-encoding: gzip
last-modified: Wed, 07 Mar 2018 01:58:46 GMT
server: AmazonS3
age: 76371
etag: W/"07a65f81b2e203485432fedd59082afd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
content-type: image/svg+xml
x-amz-cf-id: VISMz-xhU79IJCMtro49lpLiNxNy8IVZZ4akKNafKZ1qKI3v61iAzQ==

GET
H2 200 email.jpg
cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/img/ Frame 8B4E 56 KB
57 KB 46ms
34ms Image
image/jpeg 2600:9000:2182:600:19:a49e:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/img/email.jpg
Requested by: Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:19:a49e:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1eabaf498788654979a4aafa69a9ed1d0162cf2239283b5577d4bbdbf74d1d16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 03:17:43 GMT
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Oct 2020 19:03:39 GMT
server: AmazonS3
age: 65710
etag: "3b267e67f5f0c566ce6d9d664ae7d4dc"
x-cache: Hit from cloudfront
x-amz-version-id: EjmWDuEhdH.csCmEZjEK_xYK2_EtHXas
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 57515
x-amz-cf-id: b0rgja3Ff5CBZmSr9rJIQIh-b8RKlcHJcqeaT6TtQiyDrXN-XfV98A==

GET
H2 200 email_mobile.jpg
cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/img/ Frame 8B4E 23 KB
24 KB 60ms
49ms Image
image/jpeg 2600:9000:2182:600:19:a49e:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/img/email_mobile.jpg
Requested by: Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:19:a49e:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52a75cefd19e34af52c78bb192804f41f49e7adbca178dc463cba9914b16ea51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:03:07 GMT
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Oct 2020 19:03:39 GMT
server: AmazonS3
age: 12586
etag: "3e07bbd928ecdced23407e902d61ff01"
x-cache: Hit from cloudfront
x-amz-version-id: 1RYgK0fqep_F7YC_JpCH_u_MQd_fPh.A
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 23978
x-amz-cf-id: YlRtc1MTxA5YDUiohN5Tyti405LIl3sfQxB4Qw92xQyqbmT66WCXrw==

GET
H2 200 email_thanks.jpg
cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/img/ Frame 8B4E 64 KB
64 KB 71ms
59ms Image
image/jpeg 2600:9000:2182:600:19:a49e:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/img/email_thanks.jpg
Requested by: Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:19:a49e:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39279bce6d4e4113c0f69528832e70655dc7408c5b47cc596ad42918d9e891dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:53 GMT
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Oct 2020 19:03:39 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "f8fb1fd30b448d8f4d5ca8697831607c"
x-cache: Hit from cloudfront
x-amz-version-id: aJxYfWFWSVrL7YLznpGFCWCef_IScIYF
accept-ranges: bytes
content-type: image/jpeg
content-length: 65525
x-amz-cf-id: BhVrQfs1qEfzQnvJ3ikaidVgJk8kwEqPoEismawU_RC7ntHi0SrFCQ==

GET
H2 200 email_mobile_thanks.jpg
cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/img/ Frame 8B4E 47 KB
48 KB 35ms
35ms Image
image/jpeg 2600:9000:2182:600:19:a49e:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.friendbuy.com/widget/figs/oct-2020-refresh/email-capture/img/email_mobile_thanks.jpg
Requested by: Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:19:a49e:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d14512639f3d15ddc19228d6a2f22fb25e9016c7248a19e8a4292bf59579b3f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:53 GMT
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Oct 2020 19:03:40 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "bf3fe30ee90e0013101b311a7a34b9d4"
x-cache: Hit from cloudfront
x-amz-version-id: kidQEwXuWC47NZvLAud7R.MYp77KZLWL
accept-ranges: bytes
content-type: image/jpeg
content-length: 48535
x-amz-cf-id: 9Vk3G4GbpwWMMgkAJ7fF53s0GZ1yxlVYM0htiyJpNOZAUqyMH9CDVw==

GET
H2 200 emailCapture.js Show response
cdn.friendbuy.com/widget/js/ Frame 8B4E 8 KB
3 KB 62ms
50ms Script
application/javascript 2600:9000:2182:600:19:a49e:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.friendbuy.com/widget/js/emailCapture.js
Requested by: Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:600:19:a49e:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dc948ae5465e8e7aa439e6bec54999346b0c6cac955b1cdbd52b32d76cdc68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 03:47:09 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 20:18:31 GMT
server: AmazonS3
age: 63944
etag: W/"86c606391e0db81b720a836fb658121e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: G8vVrsPpSdgEckRjfbUP2XU8No2NaEoS
via: 1.1 e7b88cadf742e342f39f17392af35c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: dtsxhWLA8olqh61Z--IOK4EskMLxFUKMtE9BCVpTMTlDqK8cpO4x3w==

GET
H2 200 web-widget-classic-bac4c5a.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6CE5 13 KB
4 KB 22ms
22ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-bac4c5a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7087ba75b8c1e5e6f895.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

997a4e496b1777ef39c6322ab68e83c9ecff5c97931ca9103e764c6f675c512f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234079
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: S0F74BG1N5ZYR861
x-amz-id-2: G7vKPJUgevUopjnSWYcl9uw7GlkSS100eRD3lRaQJuwnl6lRwGjjIlIq0hVxeTn6XMlqZvRweaM=
last-modified: Wed, 23 Mar 2022 02:29:19 GMT
server: cloudflare
etag: W/"b67a6fbb33780863f3a1aabe2ca57ccf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lj5%2FZDtQ%2FGlnoPQoWARPIezuCeqEDF4BKB2hiVR5bh4fu7K%2BCxZ6UxewVQy9AVngdRc0d2by6%2BofpUwEtkRdjYU%2Bo1Bv72XKZnzYAHMXbRIjrBTqdn9IFAljKfP7nO40yJzC97E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: feTSEdAIc4Gu2DxAlObGICgsiN5kdzWy
cf-ray: 6f1ac2fd7aff9217-FRA
expires: Thu, 23 Mar 2023 02:29:18 GMT

GET
H2 200 web-widget-1561-bac4c5a.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6CE5 608 KB
184 KB 43ms
43ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-1561-bac4c5a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-bac4c5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067af954f23a0b1028b0eb87198838464b1cc442496fb34f8478fe70c30417fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234079
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: S0FBTA42EJC1WF3B
x-amz-id-2: fbML+9c8iFecrpvuCxrllXpZWDB2tPNegyuUHs8AC6/toOHxlTKUEwHVtoV7+5mIFDL/IDGQD6Q=
last-modified: Wed, 23 Mar 2022 02:30:15 GMT
server: cloudflare
etag: W/"905034b928bef4bac3af0aeffc3da4d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXcgZ5tV5uJOkw8FXx5CLQBXjAfKu7kOcOKp5Eulhr5Ef2ws2mKtPfi%2F91UJNG2lA68rg6p5F44WvVYhH9eJWhCj78F0KGxQZuiqFpDTDNQ5ZFUdp%2Fm75%2BDDA7RkOBtyI%2FAzcZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: AmNV25F7I6YziTvvwl71M6n0czpDAkBV
cf-ray: 6f1ac2fdbb4c9217-FRA
expires: Thu, 23 Mar 2023 02:30:14 GMT

GET
H2 200 web-widget-4794-bac4c5a.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6CE5 463 KB
104 KB 31ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-4794-bac4c5a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-bac4c5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4e1ae6585a01f1adeb9c98450e5ea1110e1b22743b2d127b9a3415290538608

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234079
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: S0FF1HZX38AJESW7
x-amz-id-2: vRtq5IvceNDXI3VVHLZ01Q1ipKLRYLEYuyJkDcPY9GpxWDjy4xQNGAS9Flz0bOvsXkC41SNfvfI=
last-modified: Wed, 23 Mar 2022 02:30:14 GMT
server: cloudflare
etag: W/"05887d26ffb06d34c54433399eaf6ca9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cqke5EmUpOhPWceT83oJPTh%2BkBdJwIqvxhDALjd9ymhRdr9gxgu23RAADX3LiMMD2G0yURPi2tjjdTFmbLIytwusVjl2o5Ly8SAhCKL2AhKzC4kwykYzlB%2BkYkynMOqYilVoRBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 0yV3_k8K54gvnWfOLFmI4HZ4TuPWYpAF
cf-ray: 6f1ac2fdbb4e9217-FRA
expires: Thu, 23 Mar 2023 02:30:13 GMT

GET
H2 200 embeddable_blip Show response
wearfigs.zendesk.com/ Frame 6CE5 0
485 B 656ms
656ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearfigs.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiIyODExOWQ4NzRjODY0MGUyOTUzYjQxZGQ4NWQ0ZmQ3NSIsInN1aWQiOiJlNzIwN2ZjNzcxNmU0OTBhYTRhYzUwMTA1N2M2MWMzYiIsInZlcnNpb24iOiJiYWM0YzVhIiwidGltZXN0YW1wIjoiMjAyMi0wMy0yNVQyMTozMjo1Mi44ODFaIiwidXJsIjoiaHR0cHM6Ly93d3cud2VhcmZpZ3MuY29tLz91dG1fY2FtcGFpZ249UG9zdC1QdXJjaGFzZStPdmVybGF5Ky0rTWFyY2grMjAyMSZ1dG1fY29udGVudD1lbWFpbCZ1dG1fbWVkaXVtPXJlZmVycmFsJnV0bV9zb3VyY2U9RnJpZW5kYnV5JmZidXlfcmVmX2NvZGU9dHZCRjMifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7087ba75b8c1e5e6f895.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 4eb251e88d9da7caff9d7596a59bd69a
last-modified: Fri, 25 Mar 2022 21:32:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViWm0RgAcXbn0LAYn0gJWUH95%2F4erRa3v8jsFAnlHW0zbdVhPYvzOgh%2BVPJB%2FRqRyEP0aCQq1%2FaT2ChM1dzNRYY1eDO52KUZdPhnrQO0gqa%2BjGHIKoB6BaCnxZ6ahM0zKQPFrGnA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.wearfigs.com
accept-ranges: bytes
cf-ray: 6f1ac2fe8e3a9268-FRA

GET
H2 200 de-de-json-bac4c5a.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 6CE5 28 KB
7 KB 18ms
18ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-bac4c5a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-bac4c5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98753a47a585b364d46318037a18c5525261dd84fd2075c78ccd06650d660e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234077
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 8Z0CXR28XARRVFH6
x-amz-id-2: pZSJw9oSJnMDeloMGfiyNP0grj1j62rbS+S39hHNcKtpl8EYKjPdx2Hw/YKQRqWJnbq+Ra4fm+4=
last-modified: Wed, 23 Mar 2022 02:29:25 GMT
server: cloudflare
etag: W/"92dd55bc0b79e58bbb059b550a8b2f0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAqL%2BMSa3DDzDiGp8zp%2F1ZKyR0aMGreo9R%2BroW%2FUcF02RgDVcbAwAdFeTTEKGaDGE8k0LASA95ey4InVyRWs1zeniWlOI7FMUx3ZQu3i4tmKcw0eoSzh7X5wZJqxNFB%2BHjHfNXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: OSIP7cgiz7PrHi8_B2sHUvjZqIY0YuGi
cf-ray: 6f1ac2fe9c849217-FRA
expires: Thu, 23 Mar 2023 02:29:24 GMT

GET
H2 200 web-widget-chat-sdk-bac4c5a.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6CE5 203 KB
52 KB 36ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-bac4c5a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-bac4c5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab1950f57e6d11b1632286c083ba6da9a655736308322940832dc8970b28c0ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234077
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 8Z0C3KTB939MGJA6
x-amz-id-2: zQzyP9Z6D5uw/c+LjhuYsN5D8YLO8WL0CDZD7nRMSmRgTgsIE+WVBhLWwgrVKs7TtIhkcFt/ZsQ=
last-modified: Wed, 23 Mar 2022 02:30:11 GMT
server: cloudflare
etag: W/"8d69228f63f8c929c72fc7cfd4526ffd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkWiB6U0Mt65IkMTrVtEPrI1BgXyNaxpEQmUqHVmzZEA%2FszuyIdljon93Bg7v43G332ktaVjJr05PTIQh%2BFF85k9Avw0QIFe%2BDNTp7oHQezHB3WveydBGlY8E36YZeudTSA0ByQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: LE_7.npmB2yCLxY2O2.qPrWdrzoLUsz_
cf-ray: 6f1ac2feccd09217-FRA
expires: Thu, 23 Mar 2023 02:30:10 GMT

GET
H2 200 embeddable_blip Show response
wearfigs.zendesk.com/ Frame 6CE5 0
287 B 646ms
646ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearfigs.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly93d3cud2VhcmZpZ3MuY29tLz91dG1fY2FtcGFpZ249UG9zdC1QdXJjaGFzZStPdmVybGF5Ky0rTWFyY2grMjAyMSZ1dG1fY29udGVudD1lbWFpbCZ1dG1fbWVkaXVtPXJlZmVycmFsJnV0bV9zb3VyY2U9RnJpZW5kYnV5JmZidXlfcmVmX2NvZGU9dHZCRjMiLCJ0aW1lIjo2NCwibG9hZFRpbWUiOjMwLjkwMDAwMTUyNTg3ODkwNiwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IkZJR1MgU2NydWJzIE9mZmljaWFsIFNpdGUgLSBNZWRpY2FsIFVuaWZvcm1zICYgQXBwYXJlbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiMjgxMTlkODc0Yzg2NDBlMjk1M2I0MWRkODVkNGZkNzUiLCJzdWlkIjoiZTcyMDdmYzc3MTZlNDkwYWE0YWM1MDEwNTdjNjFjM2IiLCJ2ZXJzaW9uIjoiYmFjNGM1YSIsInRpbWVzdGFtcCI6IjIwMjItMDMtMjVUMjE6MzI6NTIuOTQ1WiIsInVybCI6Imh0dHBzOi8vd3d3LndlYXJmaWdzLmNvbS8%2FdXRtX2NhbXBhaWduPVBvc3QtUHVyY2hhc2UrT3ZlcmxheSstK01hcmNoKzIwMjEmdXRtX2NvbnRlbnQ9ZW1haWwmdXRtX21lZGl1bT1yZWZlcnJhbCZ1dG1fc291cmNlPUZyaWVuZGJ1eSZmYnV5X3JlZl9jb2RlPXR2QkYzIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7087ba75b8c1e5e6f895.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: f2076dfac6239e258e785f999799e1e7
last-modified: Fri, 25 Mar 2022 21:32:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGS%2FVpILSFiytvtFLFCnzJBG2Nih7kxurzQ7V%2FEFnsLvsHefFnaEbmyFbNM9Y%2BFl0pzVmGk%2BfDof4ZqEqTBdBf4MNb43CIHBGcD2RI6hBQOgjISEL1g6%2FtTaMEA%2FXcyrBcs2tIyg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.wearfigs.com
accept-ranges: bytes
cf-ray: 6f1ac2feeed39268-FRA

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 8B4E 45 KB
17 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: cdn1.friendbuy.com
URL: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn1.friendbuy.com/widgets/15865/73214/widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1495
date: Fri, 25 Mar 2022 21:07:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 25 Mar 2022 23:07:58 GMT

GET
H/1.1 200
OK check.svg
static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/img/ Frame 8B4E 480 B
892 B 183ms
183ms Image
image/svg+xml 52.219.117.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/img/check.svg
Requested by: Host: static-friendbuy-com.s3.amazonaws.com
URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.42 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b001d04e82ebd3ca94d31eeb49b34b3c17c5372155ffe1de5c75f40fb0a6bb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:54 GMT
Last-Modified: Wed, 28 Oct 2020 19:03:39 GMT
Server: AmazonS3
x-amz-request-id: TN80V9Y0E8BFRN00
ETag: "709b10deb5b71116ed933f1cf7615440"
Content-Type: image/svg+xml
x-amz-version-id: s9T9oLDtyDb3rxr.uNzqX4pbLNCblExI
Accept-Ranges: bytes
Content-Length: 480
x-amz-id-2: cRat3tD9bwe5TcvBaXjCu6Jp4ZNfMpu0neHmPICCXMOTrhFVXRV8daHxXDO4Rrs2NXnzNPbRiSU=

GET
H/1.1 200
OK FIGSv2-sans-serif-ExtraBold.otf
static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/fonts/ Frame 8B4E 126 KB
127 KB 666ms
179ms Font
binary/octet-stream 52.219.117.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/fonts/FIGSv2-sans-serif-ExtraBold.otf
Requested by: Host: static-friendbuy-com.s3.amazonaws.com
URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.42 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5e2431b4efa405a2fc9b381dec44b4bc9537085d3907703a4924d69a7a004a0

Request headers

Referer: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
Origin: https://cdn1.friendbuy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:54 GMT
Last-Modified: Wed, 28 Oct 2020 19:03:41 GMT
Server: AmazonS3
x-amz-request-id: TN8FJ4D4WHQV316T
ETag: "dc1d05d036c5bd521e425380482bc29e"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: smwVhom9EH_GsqAFEpCGhPAkn_oGfguI
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 128948
x-amz-id-2: m3pgWeck5YVSGK8i0rgN1tV1bAKXB3IscFKY1Zvkx6IyxOQYRdasdDs+RLn5cBQTcOSRghxXEu0=

GET
H/1.1 200
OK FIGSv2-sans-serif-Medium.otf
static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/fonts/ Frame 8B4E 115 KB
116 KB 698ms
207ms Font
binary/octet-stream 52.219.117.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/fonts/FIGSv2-sans-serif-Medium.otf
Requested by: Host: static-friendbuy-com.s3.amazonaws.com
URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.42 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3fc17d0bff4fd6fe38be73428a16310b01cb6436d38b887e556311fcfd18a6af

Request headers

Referer: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
Origin: https://cdn1.friendbuy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:54 GMT
Last-Modified: Wed, 28 Oct 2020 19:03:41 GMT
Server: AmazonS3
x-amz-request-id: TN8DMNY072SFFE8K
ETag: "b0f6ff9f91bb0b3811ca9afcec11b803"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: gvg42ehc85RuIinf3qqr9MCG6w4_XcWG
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 117780
x-amz-id-2: 6C46PxvA+1ohSTxDddT3l6ajM12agri+jDsFEgG+3Zxjm/NN7MKIIeHgWGTc7r6UCGz1yYy9ikA=

GET
H/1.1 200
OK FIGSv2-sans-serif-SemiBold.otf
static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/fonts/ Frame 8B4E 123 KB
124 KB 668ms
176ms Font
binary/octet-stream 52.219.117.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/fonts/FIGSv2-sans-serif-SemiBold.otf
Requested by: Host: static-friendbuy-com.s3.amazonaws.com
URL: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.42 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4c722f0fe1150cf8feee517bc8f613d58d4a3e30d14dfa5cc2034258bdd4cf8b

Request headers

Referer: https://static-friendbuy-com.s3.amazonaws.com/widget/figs/oct-2020-refresh/email-capture/css/styles.css
Origin: https://cdn1.friendbuy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:32:54 GMT
Last-Modified: Wed, 28 Oct 2020 19:03:41 GMT
Server: AmazonS3
x-amz-request-id: TN82Q0HKG0KTRS0Z
ETag: "f2e0bf948afbd6f5883ca5be44ef3dd1"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: umqeyr6Bzlbt0g33aqIo2LV.5dR325Oi
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 126200
x-amz-id-2: B3MOzotuStChNLRnuyNv6DZSlBkoFLyWXtO9JyJhvqGWuHxznM1niEuR2/1AVlqiwlqHVnZsHkE=

GET
H2 200 web-widget-chat-incoming-message-notification-bac4c5a.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 6CE5 208 B
861 B 16ms
16ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-bac4c5a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-bac4c5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234078
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 8Z0639D5DDYZJ3QX
x-amz-id-2: FDDEJDiFbjnvDwWXopFwfk80TAMHRMJK0jJqwblu/d9oJdFTh/wR7WVgOrlbV/B2cV2Yl6NoIcw=
last-modified: Wed, 23 Mar 2022 02:30:13 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVOy7wAiV5qONXmGJMMcsS8XlPzr6rY5mKbPQsUREqw9iY0v85wIlgP4dlKc%2Byk5Mq1gOkoqoD2zmqAnBCkmZxpBONFEAJAZG6Yjxi2WaDHEdu0zKbYN6XwEAVgYTZ5cmYP%2FiIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wNc_bhUEM9XqnMrwrApf19GP8phk.QWV
cf-ray: 6f1ac3009f749217-FRA
expires: Thu, 23 Mar 2023 02:30:12 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 6CE5 19 KB
20 KB 16ms
16ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 25 Mar 2022 21:32:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1628867
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: 7EGPXZHMK2QBMHZ4
x-amz-id-2: v7yf28sATFm9cv7zEB3MF3nkt9+hbmGaH0kl0OR+OlqQHNwQAsoN4UD5GMrFXBf8qkMKi8sShGA=
last-modified: Sat, 05 Mar 2022 21:30:07 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Imc40MDy3boZPvrWngAOnJjLATboonImVHxA5kQc4njMK23hV7v8tP4ZADueFC9avyjszVMmeuR3todWDv73KozLBeZg%2F%2FSv%2BgznbYIZY0%2B8JJnhfkEltdRGhxuXTN0SAgKeRyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: rEiIcwVoP6Gqhntax3yVPyGX.ebLEQ6h
Content-Length: 19698
cf-ray: 6f1ac300bfbc9217-FRA
expires: Sun, 05 Mar 2023 21:30:06 GMT

POST
H2 400 customers Show response
ws.friendbuy.com/site-12d76507-www.wearfigs.com/ 60 B
379 B 167ms
167ms XHR
application/json 52.52.88.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/customers
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.88.197 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-88-197.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e538c1594924d8773f69e6a40328267b1e3b408ee0168ec4cd8ed41067ab617

Request headers

Referer: https://www.wearfigs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Mar 2022 21:32:54 GMT
server: nginx
access-control-max-age: 21600
access-control-allow-methods: HEAD, OPTIONS, POST
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-length: 60

OPTIONS
H2 200 customers
ws.friendbuy.com/site-12d76507-www.wearfigs.com/ Frame 0
0 168ms
164ms Preflight
text/html 52.52.88.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/customers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.88.197 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-88-197.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.wearfigs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 25 Mar 2022 21:32:54 GMT
content-type: text/html; charset=utf-8
content-length: 20
server: nginx
allow: HEAD, POST, OPTIONS
access-control-allow-origin: https://www.wearfigs.com
access-control-allow-methods: HEAD, OPTIONS, POST
access-control-max-age: 21600
access-control-allow-credentials: true
access-control-allow-headers: X-REQUESTED-WITH, CONTENT-TYPE
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="Please see our privacy policy, https://www.friendbuy.com/privacy/"

POST
H2 200 x
api-34-216-180-31.b2c.com/api/ 0
332 B 207ms
207ms Ping
text/plain 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-216-180-31.b2c.com/api/x?NzY93fpJKKYEtCoQ$Ymx1ciQ0MTk1JDE~
Requested by: Host: api-34-216-180-31.b2c.com
URL: https://api-34-216-180-31.b2c.com/s/pp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:32:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=279pUA6rHIpeea41WaymqaYXfzHOddRzfHtTqDiqZWgvcXstDDx94bArZ7A0t4a2bSWNNhBm7WrNFchLGTBON6QT1TRehg9XuxD6uLiNcomXhJxM7w%2BAmzK6EWYsGt0Qg3Njsntk2Z%2B7kb2ht%2BwUJqhFkkVsaVM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6f1ac308593859b3-MXP

GET
H2 204 unip Show response
trc-events.taboola.com/1100083/log/3/ 0
247 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1100083/log/3/unip?en=pre_d_eng_tb&tos=4573&scd=22&ssd=1&est=1648243969888&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1648243974462&vi=1648243969885&ri=4f1c417d878766f7e9a02fd4385f52a3&ref=null&cv=20220317-4-RELEASE&item-url=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3
Requested by: Host: magnolia.assets.prod.wearf1gs.com
URL: https://magnolia.assets.prod.wearf1gs.com/3.297.0/_next/static/chunks/pages/_app-8a0d38a7d72811db31ca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.wearfigs.com
pragma: no-cache
date: Fri, 25 Mar 2022 21:32:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 98ms
97ms Image
image/gif 34.201.179.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=4169410828&u=1002051280287125&v=4468385260918823&s=2200423550103511&b=web&tv=4.0&sp=us&sp=Friendbuy&sp=um&sp=referral&sp=uc&sp=email&sp=ua&sp=Post-Purchase%20Overlay%20-%20March%202021&sp=ts&sp=1648243969851&sp=d&sp=www.wearfigs.com&sp=h&sp=%2F&sp=q&sp=%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&pp=d&pp=www.wearfigs.com&pp=q&pp=%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&pp=h&pp=%2F&pp=t&pp=FIGS%20Scrubs%20Official%20Site%20-%20Medical%20Uniforms%20%26%20Apparel&pp=ts&pp=1648243969851&id0=7854685462881951&t0=change&n0=input&y0=%40div%3B%23privy-container%3B%7C%40div%3B%23privy-inner-container%3B%7C%40input%3B%5Bname%3Demail%5D%3B%5Btype%3Dtext%5D%3B%7C&ts0=1648243975816&st=1648243975853

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.201.179.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-179-84.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.wearfigs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:32:55 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tvsciapi.com
URL: https://pixel.tvsciapi.com/pixel?l=tvscientific-pix-o-06a4fbd6-1c56-4822-94ce-079974052b5b

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 01:52:10	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
i.liadm.com/s	1970-01-20 02:33:55	Name: _li_ss Value: MgkI_____wcQ8hE
.friendbuy.com/	1970-01-20 10:36:19	Name: current_shopper Value: "fMIKgenYZ6d0QKEoxJiFjrtrydk=?current_shopper_code=VjRmMWJmMGJkLWExNjktNDAxMi04ZmUzLTBhNWZlZTNiZTczOQpwMAou"
.wearfigs.com/	1970-01-20 02:34:03	Name: x-figs-shop-region Value: US
.wearfigs.com/	1970-01-20 02:34:03	Name: x-figs-shop-locale Value: en-US
.wearfigs.com/	1970-01-20 02:34:03	Name: x-figs-shop-currency Value: USD
.wearfigs.com/	1970-01-20 06:09:55	Name: optimizelyEndUserId Value: oeu1648243968675r0.25916920635741736
www.wearfigs.com/	1970-01-20 01:50:44	Name: _dd_s Value: rum=0&expire=1648244869220
.global-e.com/	1970-01-20 01:55:03	Name: GlobalE_Data Value: {"countryISO":"US","currencyCode":"USD","cultureCode":"en-US"}
.wearfigs.com/	1970-01-20 01:55:03	Name: GlobalE_Data Value: %7B%22countryISO%22%3A%22US%22%2C%22currencyCode%22%3A%22USD%22%2C%22cultureCode%22%3A%22en-US%22%7D
.wearfigs.com/	1970-01-20 19:21:55	Name: GlobalE_CT_Data Value: %7B%22CUID%22%3A%22682120038.187121189.1021%22%2C%22CHKCUID%22%3Anull%7D
.wearfigs.com/	1969-12-31 23:59:59	Name: GlobalE_SupportThirdPartCookies Value: true
.wearfigs.com/	1969-12-31 23:59:59	Name: GlobalE_Full_Redirect Value: false
.wearfigs.com/	1970-01-20 04:00:19	Name: _gcl_au Value: 1.1.1258169979.1648243970
.wearfigs.com/	1970-01-20 19:21:55	Name: _ga Value: GA1.2.801479616.1648243970
.wearfigs.com/	1970-01-20 01:52:10	Name: _gid Value: GA1.2.733332712.1648243970
.wearfigs.com/	1970-01-20 01:50:44	Name: _gat_UA-42322832-1 Value: 1
.bing.com/	1970-01-20 11:12:19	Name: MUID Value: 272A17FFEF076A4F2083068DEE6C6BF9
www.wearfigs.com/	1970-01-23 15:17:07	Name: tatari-cookie-test Value: 51653836
.wearfigs.com/	1970-01-20 01:50:44	Name: t-ip Value: 1
.wearfigs.com/	1970-01-23 15:17:07	Name: tatari-session-cookie Value: db19f9e2-5114-320b-3f58-30184d7c519a
.wearfigs.com/	1970-01-20 01:52:10	Name: _uetsid Value: 1eae6a40ac8311ec9a1ed54e6bcd6ad9
.wearfigs.com/	1970-01-20 11:12:19	Name: _uetvid Value: 1eaed100ac8311eca4cead0a3df2c6be
.wearfigs.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .wearfigs.com
.wearfigs.com/	1970-01-20 19:21:55	Name: _lc2_fpi Value: c30794b3d355--01fz1fy3p7j8gkb8v5z1n91cn9
.afterpay.com/	1970-01-20 01:50:45	Name: __cf_bm Value: B.9PErWZZg.Pc6DH6MENlEepdTFIXC_BcvNffGDeGfA-1648243969-0-AZ1E8H5r2uPqvV25RDBGvzHDPqdSEDRahWjqKOP43GUM+9OKUcP3eoNfqr98WkL9VGw45bjvVG/NjfFtGAwPPrdUoZKJRUxf9yQcfcbX1O7Y
.wearfigs.com/	1970-01-20 11:18:41	Name: _hp2_id.4169410828 Value: %7B%22userId%22%3A%221002051280287125%22%2C%22pageviewId%22%3A%224468385260918823%22%2C%22sessionId%22%3A%222200423550103511%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.affirm.com/	1969-12-31 23:59:59	Name: DUMMY_COOKIE Value: DUMMY_VALUE
.wearfigs.com/	1970-01-20 04:00:19	Name: _rdt_uuid Value: 1648243969900.93972114-8ee3-45a1-80bc-aa99f1f98df9
.wearfigs.com/	1970-01-20 04:00:19	Name: _fbp Value: fb.1.1648243969948.652270544
.wearfigs.com/	1970-01-20 10:36:19	Name: _hjSessionUser_1435364 Value: eyJpZCI6IjQ1MzA5MTZmLWYwOWYtNTY4ZS05NGIxLTI4MDM0MWI2NDk4MyIsImNyZWF0ZWQiOjE2NDgyNDM5Njk5MTYsImV4aXN0aW5nIjpmYWxzZX0=
.wearfigs.com/	1970-01-20 01:50:45	Name: _hjFirstSeen Value: 1
www.wearfigs.com/	1970-01-20 01:50:44	Name: _hjIncludedInSessionSample Value: 0
.criteo.com/	1970-01-20 11:12:19	Name: uid Value: 6fe0872b-4868-4b4f-a588-a53df6190b24
.wearfigs.com/	1970-01-20 01:50:45	Name: _hjSession_1435364 Value: eyJpZCI6ImFhNmQ1MjkwLTE5MmQtNDIxYi1hYWZmLWI1MzRhNDRhOTA0MSIsImNyZWF0ZWQiOjE2NDgyNDM5Njk5NjMsImluU2FtcGxlIjpmYWxzZX0=
www.wearfigs.com/	1970-01-20 01:50:44	Name: _hjIncludedInPageviewSample Value: 1
.wearfigs.com/	1970-01-20 01:50:45	Name: _hjAbsoluteSessionInProgress Value: 1
.facebook.com/	1970-01-20 04:00:19	Name: fr Value: 0eaYPSydiLPFj5IlG..BiPjUB...1.0.BiPjUB.
.affirm.com/	1970-01-20 19:21:55	Name: tracker_device Value: a71f20d6-7709-4ef8-82b7-86dafc865bd9
.affirm.com/	1970-01-20 19:21:55	Name: t_v2_s Value: eyIgYiI6IllUY3haakl3WkRZdE56Y3dPUzAwWldZNExUZ3lZamN0T0Raa1lXWmpPRFkxWW1RNSJ9.FR_GgQ.ZA-12G6bsFagLsVaJgx1j2tC2AI
.affirm.com/	1970-01-20 19:21:55	Name: 3060738.3440491 Value: a71f20d6-7709-4ef8-82b7-86dafc865bd9
.bidr.io/	1970-01-20 11:19:17	Name: bito Value: AAFqjE7EfGoAADSrGJdKuQ
.bidr.io/	1970-01-20 11:19:17	Name: bitoIsSecure Value: ok
.wearfigs.com/	1970-01-21 12:53:07	Name: nostojs Value: autoload
www.wearfigs.com/	1970-01-21 21:38:43	Name: tracker_device Value: a71f20d6-7709-4ef8-82b7-86dafc865bd9
.liadm.com/	1970-01-20 19:21:55	Name: lidid Value: b01246d3-7771-4a2b-9931-0a7c87999bc7
.wearfigs.com/	1970-01-20 01:50:45	Name: _hp2_ses_props.4169410828 Value: %7B%22us%22%3A%22Friendbuy%22%2C%22um%22%3A%22referral%22%2C%22uc%22%3A%22email%22%2C%22ua%22%3A%22Post-Purchase%20Overlay%20-%20March%202021%22%2C%22ts%22%3A1648243969851%2C%22d%22%3A%22www.wearfigs.com%22%2C%22h%22%3A%22%2F%22%2C%22q%22%3A%22%3Futm_campaign%3DPost-Purchase%2BOverlay%2B-%2BMarch%2B2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3%22%7D
.wearfigs.com/	1970-01-20 11:20:07	Name: cto_bundle Value: uNCQEl9tN1RNM2E4ViUyQkljS1hSRmI1S2V6TUo4VFRZdEdxVHZMWFRJc21iUUJTJTJCWlVVQ1ZrRUV3Zm1BTXY4WlgxRWVvazVOcWFLMk91d2F2dHcwTFFIS3pxbUZMUnFqRjVsSzVHZ3VmdE1HelNnd1NKcEwlMkJkSUFwVlAlMkJ6JTJGU2dTWHl5Y2txTyUyQmhOWVZpV1BnY2VQQVhjZGxvUkElM0QlM0Q
.wearfigs.com/	1970-01-20 10:36:19	Name: _privy_D07CA17E1806573C54E81EE3 Value: %7B%22uuid%22%3A%2232f0a8c7-82fc-4516-8a1c-79fb1e065920%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22GB%22%2C%22region_code%22%3A%22GB_%22%2C%22postal_code%22%3A%22%22%7D
.wearfigs.com/	1970-01-21 12:53:07	Name: 2c.cId Value: 623e350243dfe821a0691461
.doubleclick.net/	1970-01-20 11:12:19	Name: IDE Value: AHWqTUm40Vt9AMGdxH0QLLoPKrRaiqe5p7AXhiOc85DqlGiOFtBsDAz055d-xg-Wy-8
.yahoo.com/	1970-01-20 10:36:41	Name: A3 Value: d=AQABBAI1PmICEBO10XUKR138kDb0juDakmcFEgEBAQGGP2JIYgAAAAAA_eMAAA&S=AQAAAjO04xodm-kcxSTHvI2SDjk
.analytics.yahoo.com/	1970-01-20 10:36:19	Name: IDSYNC Value: 18zh~23yl
.3lift.com/	1970-01-20 04:00:19	Name: tluid Value: 725890542269705253397
.adnxs.com/	1970-01-20 04:00:19	Name: uuid2 Value: 5689770396827558777
.rlcdn.com/	1970-01-20 10:36:19	Name: rlas3 Value: HuKVvUwS6d4SKtwzLW8+DzSZ3xwkw/uJcy0aB1evo+M=
.rlcdn.com/	1970-01-20 03:17:07	Name: pxrc Value: CAA=
.media.net/	1970-01-20 10:36:19	Name: visitor-id Value: 2912455707576525000V10
.media.net/	1970-01-20 02:33:55	Name: data-c-ts Value: 1648243970
.media.net/	1970-01-20 02:33:55	Name: data-c Value: k-1YfRsFGgygE3umZ4J-DczygyXoEfZKOsmLQENw~~3
.revcontent.com/	1970-02-07 07:50:43	Name: __ID Value: 93b66a71c757487ebcdf27bfa6edf9c2
.revcontent.com/	1970-01-20 02:33:55	Name: v1_151 Value: 1
.turn.com/	1970-01-20 06:09:55	Name: uid Value: 3876476978028544413
.sharethrough.com/	1970-01-20 02:33:55	Name: stx_user_id Value: a4a18c86-ea8b-4745-8553-54175b36e562
.outbrain.com/	1970-01-20 04:00:19	Name: obuid Value: 81862cda-ca55-409e-8e43-7e564a348a1f
.outbrain.com/	1970-01-20 02:19:31	Name: criteo Value: k-Tlro8FGgygE3umZ4J-DczygyXoFygXdsNlGGgQ
.360yield.com/	1970-01-20 04:00:19	Name: tuuid Value: b5edf977-1e94-436f-a0b5-4e2b388ed54d
.360yield.com/	1970-01-20 04:00:19	Name: tuuid_lu Value: 1648243971
.360yield.com/	1970-01-20 04:00:19	Name: um Value: !38,eebQo4qiOIu97ZIo3L0Qp-8R2HiAKiRVWyc3o8uHzqMRPetH.qm8HscYq9iBZn3pfoAPDH4l,1656019971
.360yield.com/	1970-01-20 04:00:19	Name: umeh Value: !38,0,1710451971,-1
.casalemedia.com/	1970-01-20 10:36:19	Name: CMID Value: Yj41Ayou-eTaj7MntdgVeQAA
.casalemedia.com/	1970-01-20 04:00:19	Name: CMPS Value: 3225
ads.stickyadstv.com/	1970-01-20 02:33:55	Name: UID Value: 171d9de62be8c2455b9b5e4252bf45
ads.stickyadstv.com/	1970-01-20 02:33:55	Name: uid-bp-11554 Value: k-CRRpQlGgygE3umZ4J-DczygyXoHOhA0vGxH4qQ
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: ea4b1ce77f39965bcdf8d867d5917519
.wearfigs.com/	1970-01-20 10:36:19	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Mar+25+2022+21%3A32%3A51+GMT%2B0000+(GMT)&version=6.21.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.wearfigs.com%2F%3Futm_campaign%3DPost-Purchase+Overlay+-+March+2021%26utm_content%3Demail%26utm_medium%3Dreferral%26utm_source%3DFriendbuy%26fbuy_ref_code%3DtvBF3&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.casalemedia.com/	1970-01-20 04:00:19	Name: CMPRO Value: 1126
.casalemedia.com/	1970-01-20 01:52:10	Name: CMST Value: Yj41A2I+NQMA
.casalemedia.com/	1970-01-20 10:36:19	Name: CMRUM3 Value: 14623e35032760k-0NGwbFGgygE3umZ4J-DczygyXoE8gEJJJBFPgw
.adnxs.com/	1970-01-20 04:00:19	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2HaNoq=jpNQs(l!DJvr6(:>la5>P9gR#R+=ftp/2*:ie=99p'bUDKF]#+VO/T)^C=.vg12OAozJ=?b<CR%<70Kc<2(Ed5b>w-/6HG%@`
.bidswitch.net/	1970-01-20 10:36:19	Name: tuuid Value: 13891a5e-8b0c-4f77-a82d-014810a12aa9
.bidswitch.net/	1970-01-20 10:36:19	Name: c Value: 1648243971
.bidswitch.net/	1970-01-20 10:36:19	Name: tuuid_lu Value: 1648243971
.wearfigs.com/	1970-01-20 11:20:30	Name: _scid Value: bc50ce9c-7a6f-4790-9d05-42593d918c99
.postrelease.com/	1970-01-20 10:36:19	Name: opt_out Value: 1
.snapchat.com/	1970-01-20 11:12:19	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQ0oY1cA5j/YLjZ/dGBXFNuGF+Xllk08Tuh19VQjPreGxnag1+jVSEqjIAAAA=
.addthis.com/	1970-01-20 11:12:19	Name: ouid Value: 623e350300014e3bf5cc65f1056a16c1a80d215ba9ab34591d76
.addthis.com/	1970-01-20 11:12:19	Name: uid Value: 623e350328fc643f
.addthis.com/	1970-01-20 11:12:19	Name: na_id Value: 2022032521325155100206163762
.pubmatic.com/	1970-01-20 02:33:55	Name: KRTBCOOKIE_97 Value: 3385-uid:k-ue-Hi1GgygE3umZ4J-DczygyXoFLsPZOB8aJKg&KRTB&23286-uid:k-ue-Hi1GgygE3umZ4J-DczygyXoFLsPZOB8aJKg&KRTB&23287-uid:k-ue-Hi1GgygE3umZ4J-DczygyXoFLsPZOB8aJKg&KRTB&23288-uid:k-ue-Hi1GgygE3umZ4J-DczygyXoFLsPZOB8aJKg
.pubmatic.com/	1970-01-20 02:33:55	Name: PugT Value: 1648243971
.pubmatic.com/	1970-01-20 04:00:19	Name: PUBMDCID Value: 1
.wearfigs.com/	1970-01-20 11:12:19	Name: _tt_enable_cookie Value: 1
.wearfigs.com/	1970-01-20 11:12:19	Name: _ttp Value: 53e7adb4-00f4-4410-89b0-d8c76da63b37
.wearfigs.com/	1970-01-20 10:36:19	Name: _pin_unauth Value: dWlkPU1HWTROVGMzTkdVdFptVTBNUzAwTURRM0xUaGtOekl0TXpKa05HWXdOMlExTWpCag
www.wearfigs.com/	1970-01-20 10:36:19	Name: _fbuy_eh3-qO4_last_popup Value: 2022-03-25
www.wearfigs.com/	1970-01-20 10:36:19	Name: _fbuy_buckets Value: %7B%22eh3-qO4%22%3A%5B73214%2C1648243971967%5D%7D
.getrockerbox.com/	1970-01-20 02:33:55	Name: uuid Value: rbos-0becb31d-0838-4d5b-8089-a9b82c137b3a
.wearfigs.com/	1970-01-20 02:33:55	Name: rbuid Value: rbos-0becb31d-0838-4d5b-8089-a9b82c137b3a
.ct.pinterest.com/	1970-01-20 10:36:19	Name: _pinterest_ct_ua Value: "TWc9PSZWQzR6bEVxVnBlZjQ2cnpJRzBqUHNuOXUvRFYyM1N6ZzZEQWVNUHhWT1c0ZnQ5c0xFZWRIcDdhYitaNnA5T3FScHlHakRhSW5YM0oxb0lGZzgrMzZndjdXY2lRclFzUXowN2lBcGUyNWRJdz0md2w1NUlQUWxkTTZBb2E1dkFPSmlZMkN4aEJFPQ=="
.wearfigs.com/	1969-12-31 23:59:59	Name: pjn-click Value: null
widget-mediator.zopim.com/	1970-01-20 02:00:48	Name: AWSALBCORS Value: fk6diVf2OXIZQaY0t3v6Pl9l6juEnWeEo4/y/RuKwAYALGWRtjyecT3B0uLBcGZ3mMT66bDEgoT94WFbWjgSyrukQKN2Ic/LZAd6/Ysxx/r57m+TVR9aH2L9ZuIM
.wearfigs.com/	1970-01-20 10:36:19	Name: __zlcmid Value: 19AknpCvrCnqrIg

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3.global-e.com/merchantscontent/Figs/Fonts/FIGS-SemiBold.woff2 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://s3.global-e.com/merchantscontent/Figs/Fonts/FIGS-Regular.woff2 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://s3.global-e.com/merchantscontent/Figs/Fonts/FIGS-Bold.woff2 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://s3.global-e.com/merchantscontent/Figs/Fonts/FIGS-Medium.woff2 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.pbbl.co/r/1535.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ws.friendbuy.com/site-12d76507-www.wearfigs.com/customers Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a18274933994.cdn.optimizely.com
acdn.adnxs.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
alb.reddit.com
analytics.tiktok.com
api-34-216-180-31.b2c.com
api-cf.affirm.com
api.fouanalytics.com
api.privy.com
assets.privy.com
b-code.liadm.com
bat.bing.com
cdn.attn.tv
cdn.cookielaw.org
cdn.friendbuy.com
cdn.heapanalytics.com
cdn.optimizely.com
cdn.pbbl.co
cdn.shopify.com
cdn.stickyadstv.com
cdn.taboola.com
cdn1.affirm.com
cdn1.friendbuy.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
connect.nosto.com
container.pepperjam.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
cw.addthis.com
d.turn.com
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
dis.criteo.com
djnf6e5yyirys.cloudfront.net
dvqigh9b7wa32.cloudfront.net
eb2.3lift.com
ekr.zdassets.com
email.friendbuy-mail.com
events.privy.com
fbuy.me
fonts.googleapis.com
geolocation.onetrust.com
gepi.global-e.com
getrockerbox.com
google-analytics.com
googleads.g.doubleclick.net
gum.criteo.com
heapanalytics.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
images.ctfassets.net
in.hotjar.com
jadserve.postrelease.com
js.afterpay.com
logx.optimizely.com
magnolia.assets.prod.wearf1gs.com
match.sharethrough.com
mug.criteo.com
o241518.ingest.sentry.io
partner.mediawallahscript.com
pix.pub
pixel.rubiconproject.com
pixel.tvsciapi.com
privymktg.com
r.casalemedia.com
rbqnb9ch.wearfigs.com
redirect.friendbuy.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.pinimg.com
s3.global-e.com
sc-static.net
script.hotjar.com
secure.adnxs.com
segment.prod.bidr.io
simage2.pubmatic.com
sp.analytics.yahoo.com
ssl.google-analytics.com
sslwidget.criteo.com
static-friendbuy-com.s3.amazonaws.com
static.criteo.net
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.snapchat.com
tracker.affirm.com
trc-events.taboola.com
trc.taboola.com
trends.revcontent.com
unpkg.com
ups.analytics.yahoo.com
utils.global-e.com
v4-api-34-216-180-31.b2c.com
vars.hotjar.com
vc.hotjar.io
wearfigs.zendesk.com
web.global-e.com
webservices.global-e.com
widget.privy.com
ws.friendbuy.com
www.affirm.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
www.wearfigs.com
x.bidswitch.net
pixel.tvsciapi.com
104.16.51.111
104.18.70.113
104.21.58.221
104.92.106.130
108.157.4.16
108.157.4.3
108.157.4.40
108.157.5.251
13.248.245.213
141.226.228.48
142.250.186.98
142.250.74.194
143.204.202.145
143.204.215.106
143.204.215.79
143.204.215.95
143.204.98.53
151.101.1.44
151.101.129.140
151.101.130.133
159.203.152.57
167.89.118.83
178.250.2.146
178.250.2.151
18.66.248.46
185.33.220.100
185.33.221.90
185.86.139.115
2.18.232.130
2.18.232.170
2.18.233.9
2.18.234.21
2.21.142.210
2.22.32.24
2001:4860:4802:32::15
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::13
204.237.133.120
212.82.100.181
23.67.128.30
2600:1f18:444a:4680:6bbe:49e:bc45:59
2600:1f18:612b:4200:b61c:5ded:72b6:ee33
2600:1f18:730:b130:4e1:d630:93b5:bb1d
2600:9000:2057:de00:8:8845:1500:93a1
2600:9000:206f:4000:17:3f5c:f800:21
2600:9000:206f:800:4:6d29:5d00:93a1
2600:9000:206f:e200:1c:9484:cec0:93a1
2600:9000:214f:600:17:f683:1d40:21
2600:9000:2156:7600:3:760:2800:21
2600:9000:2182:600:19:a49e:1b80:93a1
2600:9000:224a:200:12:94b3:c380:93a1
2600:9000:224a:4e00:f:ee6c:7180:93a1
2600:9000:224a:a400:1b:5138:8a40:93a1
2606:4700:10::6814:b844
2606:4700:10::6816:156c
2606:4700:20::ac43:44a1
2606:4700:3036::ac43:c834
2606:4700:3037::6815:46f
2606:4700::6810:135e
2606:4700::6810:1f3d
2606:4700::6810:7baf
2606:4700::6810:9440
2606:4700::6810:e43c
2606:4700::6811:72b5
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9a
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:28a::1931
2a02:26f0:6c00:2a0::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:400::268
3.126.56.137
34.120.195.249
34.201.179.84
34.216.180.31
34.246.109.130
35.158.142.150
35.186.226.184
35.211.178.172
35.244.174.68
44.196.158.29
52.215.125.248
52.219.117.42
52.48.97.146
52.51.233.122
52.52.88.197
52.55.166.42
52.8.175.250
54.177.67.226
54.217.99.203
54.234.50.35
54.235.15.197
65.9.58.181
65.9.66.36
65.9.66.7
65.9.66.91
69.173.144.138
70.42.32.159
95.100.153.98
99.86.1.96
99.86.7.101
99.86.7.25
00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee
0068b328dc886133e94de712c57b93368f820f34c3dc9562792b36bace8599c0
015a1ddadda41c42f45fb7b9eb9857abab596ef30f0ac00f0b2c0089dd05b2d8
016276e793892c7b98824b9c336ab594296c80a62fe911e63ad1fb76d36c99c2
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
067af954f23a0b1028b0eb87198838464b1cc442496fb34f8478fe70c30417fa
07c650aa91d9f42601a9c668c73aad1b133580e99bffc7fa32fee198261c0e6e
0810eea83dd9b8aa14d6acfd308af0cd31aa9451f36b10e75c3bffbe9af2e2f9
091b828370d70593dcb4fb5ef26138a000721e810f01f42ca5898a4f30339f2c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e853472d08fc32c67060b05475c0b9a60786684fa2a513e0ff7275943b38c46
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11399a3730122e555dbf8a5e8e0c8c44f0f88d67072c2aa31f6956f80b16c83a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
177f5964d2134fbb2bed4ecbe40b8b15ef4dbad03c51386da33b134bd8b647d1
18d51cd9bd8ebb8f38bbf6a75402d4a4fc43a216b677781f703a48a30d7d9b87
1a9e8ca627ff9d3bd0892d6e749366cf5390c49154d5b1efd84af3fe445b5719
1eabaf498788654979a4aafa69a9ed1d0162cf2239283b5577d4bbdbf74d1d16
1f24c1aa992d8a56bfd2c1bf6d001b06ba6100e1c029c7f1e366a11da90fb65c
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
2207492a2cc099f6c61e6f89b630cb4d3c4b0604ca481a0bb83389d9341ac52d
28d0094a32508af0a5ae62a21c974f28f344c1f8f9d3798e91556d3133f658db
2abfb249f27ab0655daf7b3cfdb5da05968f0d715fc18988756b7cce06a86502
2da008ebd641a93284e17c469057184fb945eefd4ad51748aed3c6f966e68746
2e10acc8d39f64adea961a82e6ba5d1865108ea71ea16dedc4807ac8aa17e205
2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
367fd5c064bb98037fcd6d7e6f1aede890ef9513190aad341232afd9e69efda5
371c7619c36e1e1364329d7da03b78f25f7de9d24a843c54323e87f3311a8d1b
374df3dfdc8e680a5b78dbd2317d40fa2b6e4e7021dd2383d72d0441e4d49d26
376dd699bf7d258ecb260a05fdfdc584442fe7eab2ba82c3c9ca52f6bbc72094
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39279bce6d4e4113c0f69528832e70655dc7408c5b47cc596ad42918d9e891dc
3a20a1d6569961073b2e6222fbae1a5cf82108cc2322d7925327c227394c4ccf
3c6fd10a83f701d7ee1b6f23b0768ab0d0c8ed6e9ae38f4ab7ac0fb59d6d1c4e
3d2b3b7fa6250edcc3bd1a5688ae4fb61a69e51a5788c7d96213522c2dadd278
3d588848c4a26306683d97d8bb0e3b57d810da60432500deab2113d8b93daed9
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e538c1594924d8773f69e6a40328267b1e3b408ee0168ec4cd8ed41067ab617
3fc17d0bff4fd6fe38be73428a16310b01cb6436d38b887e556311fcfd18a6af
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
43ea8b401e51f01eced458a6876140f366e7342fdcdadabab65fdb63f6f338c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4508a14fd9b91a0151131e44b5f7b004eb34eb36e8790dc2a62b0c94ff93ac6b
470abebf6febcff0747467416bc639c72551bd11d7d9b2377d82404f559c6bbc
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
491fceb9986eaf300b1f8bb427816886f23dfca0c449874c4e8cf18892002a02
4b001d04e82ebd3ca94d31eeb49b34b3c17c5372155ffe1de5c75f40fb0a6bb7
4b4f042f9ea6c72a580e93b7922b1ff89f2c1fca28a5843ab473db79cd74d1a7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9823efcf399e051dbe0b59db5b8737ac18c4bae25e297ae3eef9e7565f1013
4c722f0fe1150cf8feee517bc8f613d58d4a3e30d14dfa5cc2034258bdd4cf8b
4d62c385d688e23d18b6857929f9ee47fd902dcdfc8f29f0e486d7eb07cced81
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e18d5f85e55d9c0cbc7ad63fe4119c8253568d04808b49006b198e0c966cdd2
4f839c0490fe7b3bfbd6e13cff9612d068c6176b0fd4f461cc80fd91b76d1765
50f199b44fdade602bf548b89a123977618344829e6f32b50b0e87263846d015
52a75cefd19e34af52c78bb192804f41f49e7adbca178dc463cba9914b16ea51
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59300305004648c06aa76f94b80c73d235d7a8781c6615c7eef943836fcab6fb
599c262e13c82a1420c4737037ff9892052291e1985baa2045602b7b5a2331d2
5a4bf1bed5a1dbb0df353ffe5e37faeef9e731fdb8523f5b516ee37a8894914b
5d89e5725d9e615afd42061689a2fabb632712c2625dc978d39eef261b5a9e8b
5dc948ae5465e8e7aa439e6bec54999346b0c6cac955b1cdbd52b32d76cdc68d
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d
5fbcc88a0b097bf62ec356cb66e48e1a9378b536f1c0d77e0e06f6936854cf76
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
607d2643f303c438541da031eebef5741a5f99f64e08cbf521620d1fc073f9e5
60a8173b992551149c8aa8014d67629358076d76db9362836ca2002971277269
633bf19158fc19a8e7d0e6e132600f0b3092b0676c7724b6c2bdb7a811352acb
660fd4ca089d5f9e52f8abdb62d8b1ca98ad2fe554364a6b6e6d01a38ef98bad
669cb55d54ed3ce841427294455b85a774786ed1fb23570c55e9b39aec116ae1
66bb4cd150935b5a45caeb0f53bfd21a78b087fad6c507b810e5d5d84072d37f
6734701534dd9b07ad96dc61d39fa3bdd0297d27cf81c732359f97db9b56efbc
6a08661552517cd801e286d4aaa9552b380eb85d85bdeeaa1f067815498ad0cf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4795a3cfbdd82325dd06fa80c92ea169a23163053f1978a0e13d24d4bff292
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
6d192931840b5846cdd202ac4888c640d2be647332313394807c76adde0f47bc
6d4f572bac358d523c32e30153af5aee1775e20c95fc5c362db33985599923dd
6e505bbf6bc061310c8e5b19928446e375898a377287196d378ade76a5bea397
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
709cb048a2255a262b3683667ad1b8772861c7312519cb8be5ea64aab4e787e3
70dee174047f13d7c472fcb3507e2930f06be338ac959fa8c0bea798cca1b5b8
70f07df8529a5da355e70cb8fd1a2c6cdbe6dec83a5332bfcf06f5a917e6e607
717a8f9f948a93df3efb6add7630a3f650bfd4fc2b830a43e5a39d5d782bebbf
7260d7e22a2d64e15357095eb89cbb3d95aeefbbfd4520ec9f0aa6f8ca7bc18e
73e4414ce283724173e96ebb62b2b1ce2c38de473deec1b891e37c93d0e65275
797f6702745ce3f671f5d38c29afe2a1e67be9ee80cfdcf0ab1b9b668c9c18b3
7a1752cedf2e35539a01db6f6663a8aecb259ed8238170dcf2187301b78503f0
7b12d4d291854db4bb8fe7d470f7cd8c2aa8fcf9c2a046802f975ed2c350f8ac
7dc954e2134f5d8980e415152fa8435fa090489e36491e2cfecba9cdda13495f
7de29db67a5a02da70e826601983cc17f3edc043744bdb3d8f64d9c3d065697f
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
800124a32cd68495de0c3f1a6e5847cda16bda38921b8f386cce62a6334b52f2
813b6f9c4d6e568debdb35e047666aaacda2ff909b8c00ea6ad49292e8139ec6
815ff4c9b8b41e38d4db9628ba39f07ca3ce2da7efb4fad31c25ac54160b85db
8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8400ca58eb1c38bbd46992209a84ff39f68649cbcdd404521c423cdac8129bf0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8768a4170a4710fa38da88574b4315b825a4bba25299dad58fcf248a495c5a69
8807331f35d6ac8aee0cf6f4c94033ac73bb30754361b472f892d265a46bb6e0
8847672baccea591de6001e791a489aa1b5ada49f5668d2b162d4de6816511e5
8898f2bb55652fd7cdb07c22932f854f8f41ff50eb66ae01a78930f8c71f9f5b
890c8e84e55b1f2d6d0f617f7b6cf6fa8cfc6ea5c55bfdf78081b6252f3cb815
892be90dd8306be631cff5b38e510a3c52f0ba7f4bd968630665fa8fbfbb5a29
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d728ba62f3f7c795e471c6dce9d637ffce93580e4936c3f1b578320242df7b8
8deac5cf77134319db32964c7b23c611984c9459805a5f7f1207f96576bc8771
8eeef476ec87c50fffa61c208feb3219819413be0a2b228de887439eb52feba3
8f1d6d4cc75e4aa9496b424cd30b080acfdc983a42910afcd0069560cf2b11d4
907f6e341ffa43814a6678678a5e1f468ab180e4916dd92bb1024ce39607b662
924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40
92e7359d3516e68c4709bb0deba295243a4950a06ff0981394a070c951fcf15a
93f09763935e0f1fa73e3e6b97270d1ccb982f0b70d078b8a9044dee09963683
941ab056f9ff4b8230b1327ae107236e3f8d059aa7007f477f8adff2f32f7695
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
98753a47a585b364d46318037a18c5525261dd84fd2075c78ccd06650d660e7a
997a4e496b1777ef39c6322ab68e83c9ecff5c97931ca9103e764c6f675c512f
9dd7fb74f729ec90a72266c1a601490cc44bab6b894fed4c59ae8a078b9485fb
9f95c1b63d886d244ae289d6b80164c8f94c32ef15a664c0d4476b7696609b95
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08308f74ad2a0d91ec29b62ea2a2dab894b47f5e8fa133e414c7626a5a3ac8f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2edf0576f191018863ab1a2068d2910d89af4723ad860c64c151e7c8d1f47a8
a4ec11f45c859228d47c22ce859c647503546af6044181706f61e27c310f5271
a57b2b4d8769daebf7627bc18efb149ee0304b59f4d68a4850f7e1672451273c
a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce
ab1950f57e6d11b1632286c083ba6da9a655736308322940832dc8970b28c0ae
aba6f5d0bde324fc26326aca9e87245a6288b263f5bfcce3e2f1d02c92f44f39
abf908f7d6a6b5b8d35e3df43f8be5916b2a17681335f7c77a34e4af9c833648
ada737477de9c9476e7c9a1ab98cd7874020b726d68038b13616de7661d367bb
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
b03295cd7770fb022e86b4b5c103aa013cefe870282c7eee6db0c2ec76ba2aa5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2820bc0c971197b86c7ab01c5895dd4fcc22fc9885dc727edecf2cf32ed8784
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b40291ffe4e9d9bb2e10835df039258c7d2c8e55c8a9987371e667f5c18a0352
b4defeaae93287f1dafca22c3024edacc37f79539fc1f78aaa663117fb00e2c1
b60a920fb383a0b7c34cd8faa42f7c61aad18997cb95e9776d0f44535df56ba8
b7e477e5b8b86ca6b1358fbeb87736615204866bded195fc73b9f054529910ed
b9db21c4ec0d96d3ac8ac93dbf895b3e164df5abbfc44d421b29ac72c24907e3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc8c7d932f8cf0332d10d8e22e8cc6869d7bdb060fadb3c055fffaa1105a42f7
c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424
c0ecc46fb9529c0f1532af342f2b995054af937e89c3d50287be79c43fe3fa20
c359ca086a363b7c2aedef74522528f2b70f37cec4059e0c3ee9d7b12f9d5609
c46bf9c10edea54fc1c03a5a74a0498d7c24f4ddf05547d1b762b9e742bacf15
c5162278b8ff0987662b06f616fbb47deebcc0a1f7cfffb4fb79cabdfcf026da
c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab
c7ebfaf9e9eec731d5b33aa154a7be9c58f507d1bfd81837ddff918b80ed43e8
c8b419cb843b2ba9ebb97acc87115738f2a2d1f64c4d14b246be9c8cb1264d3b
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca0c151d1851b32da6153455a4aad1613746ec210a081b86e09368e7e8ce7a8c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbb57fd2543a9ddc252d8d6b174e13dc7a0baafc1a5e1509af83fdb9643fcc46
cc473661da7293099c09d386ba1ff208609d205190cda12eb46c2aaad58c6cea
cd2c8e1d3d26b9d29dfa282199888f576f0780be4b5f4b7d6470f843c63c3a98
ce8178eb9e93bffce9bd40c17d020c1b5c87c5e89fab86c07e8a90aa0e5f0467
ce92054ebdb7c3d2a56ff0541b4049a1e4faa7e9baa410ad5af43eaf26e3e07a
d0967f621628c8edb4d931628c455e028d645ade5e6240b2bc3c220587b2b09f
d0c67fa140153fb0480b3b25c6468efd6e125b60b79307da41346d3445034f81
d0f50cd7363d3fcd7e2eac30723a0be9e2e45c480d782a2f0a95bd384fdb5eba
d14512639f3d15ddc19228d6a2f22fb25e9016c7248a19e8a4292bf59579b3f2
d5e2431b4efa405a2fc9b381dec44b4bc9537085d3907703a4924d69a7a004a0
d6a4678ebdbbc6e462eef7ebe2538ce25bcc04c52d752767ee9e289601ec836b
d9a91836e2644510e44cd3a91b1a217ce771c2c93870ee8009ecc23a97bc445f
da75553d55f98d155eac8f9838f76b4660272075d3cf724a6d0122e6bd849bf0
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d
dca1ae93b9c0a595ca6470fda80b9628d455812f8ba2bef0cb29edebe4290633
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfacd297a4b7d3007e838ccdde45577f226e95a498106340cdbdfbb442e359cc
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e26bddfe28fe2e8e28c5b25968decb689ebac4300ee117b4c5c472a0600cd343
e2f6e51bb0d411890ec25a2fa7d5686fba74d291f00596e02a59db2e7e8ebdb6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1ae6585a01f1adeb9c98450e5ea1110e1b22743b2d127b9a3415290538608
e71d05b1a18c2eb2e63ffb0cded3274181051008387342649d956a3de5a2450d
e752b9ae3db2156a6b0d84994875c55e17c208257ff0197bb65ba84dad4fa7b0
e7f4f15d17fbe5ec408811cffdd0bd0008146b2406ebb4eb5edbf34de1ba1e55
e921ccb2692f1c0042439da607a4a3ebaf8edb1abf9397f0de9cbe5da557990b
e93f05e840fb07aa39f7bbebb284f6be5abd33f40e39a9e761c774a6c17d7a1f
e985f03de7fa9c3aefff70b377ba367d8584b08a76afd86c74d7b98b60f498fc
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f014938ebbd05d00c25169f07c093462dc62e647febdd9dd714177f7ced808c7
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f0f213fd458997140528cb457fd532c1d1f28a00e17ce4deedc50618e5f02a69
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8
f30b18a9b6c79e3c636a21e04210b67260d73bd39dad3aa50119079fc4d912c3
f4550040dff4d38f29c36a8173f35de1058faefea0eafeb81d3e3d8fe592b8e6
f5902d035a83bac762333f76a73e62b8918674ada53374fb5dfccd6abba6ad4f
f6e2e0851d638a37167523b684920a0c68c6b9d89b8f354b2395eb2bdb107ab2
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

www.wearfigs.com Open in urlscan Pro 18.66.248.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

291 Requests

94 %HTTPS

40 %IPv6

80 Domains

125 Subdomains

106 IPs

9 Countries

8374 kBTransfer

16503 kBSize

103 Cookies

15 Outgoing links

Page URL History

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wearfigs.com Open in urlscan Pro
18.66.248.46 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

94 %
HTTPS

40 %
IPv6

80
Domains

125
Subdomains

106
IPs

9
Countries

8374 kB
Transfer

16503 kB
Size

103
Cookies

291 HTTP transactions
5 data transactions