credit.kohls.com Open in urlscan Pro
107.162.230.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.t.kohls.com/?qs=13c09eb6d3aac3a92c57f15ab68764b5b4be1bcabb2403302b32d1e5ebca80c14d9e5c5994b5c597205a501a0428...
Effective URL:
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Submission: On November 14 via api (November 14th 2022, 3:46:41 am UTC) from SG — Scanned from DE

Summary HTTP 83 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 44 domains to perform 83 HTTP transactions. The main IP is 107.162.230.34, located in United States and belongs to DEFENSE-NET, US. The main domain is credit.kohls.com. The Cisco Umbrella rank of the primary domain is 134059.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 14th 2022. Valid for: a year.

This is the only time credit.kohls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	68.232.203.70 68.232.203.70	22606 (EXACT-7) (EXACT-7)
6 13	107.162.230.34 107.162.230.34	55002 (DEFENSE-NET) (DEFENSE-NET)
1	2600:9000:245... 2600:9000:2453:3000:1b:64b0:3080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2600:9000:215... 2600:9000:2156:f400:0:ed0d:63c0:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:340... 2a02:26f0:3400:180::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:18d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 16	34.247.60.44 34.247.60.44	16509 (AMAZON-02) (AMAZON-02)
1	104.18.114.97 104.18.114.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223c:fa00:19:6e5a:51c0:21	16509 (AMAZON-02) (AMAZON-02)
1	52.209.199.248 52.209.199.248	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
6 6	34.251.26.3 34.251.26.3	16509 (AMAZON-02) (AMAZON-02)
1	18.202.164.188 18.202.164.188	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	3.248.145.65 3.248.145.65	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
7 8	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:25fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
5 10	54.76.137.80 54.76.137.80	16509 (AMAZON-02) (AMAZON-02)
1 2	95.101.54.210 95.101.54.210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:480... 2a02:26f0:480:f::213:7ee3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
1 1	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 3	184.24.11.75 184.24.11.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	13.225.78.101 13.225.78.101	16509 (AMAZON-02) (AMAZON-02)
1 1	38.67.14.224 38.67.14.224	174 (COGENT-174) (COGENT-174)
1 1	54.80.16.151 54.80.16.151	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.207.237.180 44.207.237.180	14618 (AMAZON-AES) (AMAZON-AES)
1	54.72.167.131 54.72.167.131	16509 (AMAZON-02) (AMAZON-02)
1	54.75.190.240 54.75.190.240	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	() ()
1 2	185.94.180.126 185.94.180.126	() ()
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	() ()
1 2	52.200.133.99 52.200.133.99	() ()
1 1	141.94.171.214 141.94.171.214	() ()
83	39

1 68.232.203.70 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.s6.exacttarget.com

click.t.kohls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 107.162.230.34 (United States) 6 redirects

ASN55002 (DEFENSE-NET, US)

credit.kohls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2453:3000:1b:64b0:3080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.firstdata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:f400:0:ed0d:63c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3ksttzjeov72n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3400:180::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
17de4c1a.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:18d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.247.60.44 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.114.97 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

ipv4.icanhazip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:fa00:19:6e5a:51c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1kjcdrfrq03t3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.199.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-199-248.eu-west-1.compute.amazonaws.com

kohls.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

ww8.kohls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.251.26.3 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-26-3.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.164.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-164-188.eu-west-1.compute.amazonaws.com

fiservsolutions-1.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

cashedge.d1.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.145.65 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-145-65.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ef3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:25fe (United States)

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.76.137.80 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-137-80.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.54.210 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-210.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ee3 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.24.11.75 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-11-75.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.101 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.67.14.224 (Jacksonville, United States) 1 redirects

ASN174 (COGENT-174, US)

abp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.16.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-16-151.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.237.180 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-237-180.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.167.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-167-131.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.190.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (None, ) 1 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.133.99 (None, ) 1 redirects

ASN- ()

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.214 (None, ) 1 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	everesttech.net 19 redirects cm.everesttech.net — Cisco Umbrella Rank: 1007 pixel.everesttech.net — Cisco Umbrella Rank: 4212 sync-tm.everesttech.net — Cisco Umbrella Rank: 533	9 KB
18	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 197 kohls.demdex.net — Cisco Umbrella Rank: 11841 fiservsolutions-1.demdex.net — Cisco Umbrella Rank: 77437	24 KB
16	kohls.com 7 redirects click.t.kohls.com — Cisco Umbrella Rank: 50881 credit.kohls.com — Cisco Umbrella Rank: 134059 ww8.kohls.com — Cisco Umbrella Rank: 22051	315 KB
11	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	157 KB
10	cloudfront.net d3ksttzjeov72n.cloudfront.net d1kjcdrfrq03t3.cloudfront.net	523 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1973 3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1970 eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net	1 KB
4	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 944	85 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 913	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	3 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 492	65 KB
2	rkdms.com 1 redirects mid.rkdms.com	71 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	1 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1283 beacon.krxd.net — Cisco Umbrella Rank: 530	529 B
2	scorecardresearch.com 2 redirects ads.scorecardresearch.com — Cisco Umbrella Rank: 2380	603 B
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 390	758 B
2	navdmp.com 1 redirects navdmp.com — Cisco Umbrella Rank: 4524 cdn.navdmp.com — Cisco Umbrella Rank: 5989	230 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	107 B
2	omtrdc.net cashedge.d1.sc.omtrdc.net — Cisco Umbrella Rank: 49307	467 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1270 c.go-mpulse.net — Cisco Umbrella Rank: 611	51 KB
1	onaudience.com 1 redirects pixel.onaudience.com	248 B
1	facebook.com www.facebook.com	561 B
1	pubmatic.com image2.pubmatic.com	451 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 407	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 307	239 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 714	266 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 830	464 B
1	mxptint.net 1 redirects abp.mxptint.net — Cisco Umbrella Rank: 17538	673 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 682	263 B
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2443	322 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 835	676 B
1	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 926	418 B
1	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 746	552 B
1	vindicosuite.com mpp.vindicosuite.com — Cisco Umbrella Rank: 5170	24 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	265 B
1	akstat.io 17de4c1a.akstat.io — Cisco Umbrella Rank: 13359	202 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 528	394 B
1	media6degrees.com idpix.media6degrees.com — Cisco Umbrella Rank: 1653	205 B
1	33across.com dp2.33across.com — Cisco Umbrella Rank: 9063	68 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 434	478 B
1	icanhazip.com ipv4.icanhazip.com — Cisco Umbrella Rank: 11992	400 B
1	firstdata.com cdn.firstdata.com — Cisco Umbrella Rank: 95524	49 KB
0	clickagy.com Failed aorta.clickagy.com Failed
0	netmng.com Failed adb2waycm-atl.netmng.com Failed
83	44

	Domain	Requested by
16	dpm.demdex.net	1 redirects credit.kohls.com s.go-mpulse.net
13	credit.kohls.com	6 redirects credit.kohls.com s.go-mpulse.net
10	pixel.everesttech.net	5 redirects
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
8	d3ksttzjeov72n.cloudfront.net	credit.kohls.com d3ksttzjeov72n.cloudfront.net
6	cm.everesttech.net	6 redirects
4	tags.tiqcdn.com	credit.kohls.com tags.tiqcdn.com
3	px.owneriq.net	2 redirects
3	ib.adnxs.com	2 redirects
3	securepubads.g.doubleclick.net	credit.kohls.com securepubads.g.doubleclick.net
3	assets.adobedtm.com	credit.kohls.com assets.adobedtm.com
2	mid.rkdms.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ads.scorecardresearch.com	2 redirects
2	gum.criteo.com	2 redirects
2	idsync.rlcdn.com
2	cashedge.d1.sc.omtrdc.net	s.go-mpulse.net
2	ww8.kohls.com	s.go-mpulse.net assets.adobedtm.com
2	d1kjcdrfrq03t3.cloudfront.net	credit.kohls.com
1	pixel.onaudience.com	1 redirects
1	www.facebook.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	sync.crwdcntrl.net
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	sync.ipredictive.com	1 redirects
1	abp.mxptint.net	1 redirects
1	bttrack.com
1	fei.pro-market.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	ps.eyeota.net	1 redirects
1	servedby.flashtalking.com	1 redirects
1	mpp.vindicosuite.com
1	match.adsrvr.org
1	eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	17de4c1a.akstat.io	s.go-mpulse.net
1	analytics.twitter.com
1	idpix.media6degrees.com
1	cdn.navdmp.com
1	navdmp.com	1 redirects
1	dp2.33across.com
1	aa.agkn.com	1 redirects
1	fiservsolutions-1.demdex.net	tags.tiqcdn.com
1	kohls.demdex.net	assets.adobedtm.com
1	ipv4.icanhazip.com	s.go-mpulse.net
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	credit.kohls.com
1	cdn.firstdata.com	credit.kohls.com
1	click.t.kohls.com	1 redirects
0	aorta.clickagy.com Failed
0	adb2waycm-atl.netmng.com Failed
83	58

This site contains links to these domains. Also see Links.

Domain
www.kohls.com
apply.kohls.com

Subject Issuer	Validity	Valid
credit.kohls.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-07-14` - `2023-07-14`	a year	crt.sh
cdn.firstdata.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-23`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
ww8.kohls.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-23` - `2023-01-23`	a year	crt.sh
*.d1.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-05` - `2023-04-28`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
mpp.vindicosuite.com GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Frame ID: CDF676E221D42E32D0DA64A124AC36C0
Requests: 37 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Frame ID: 28F72E836119BF9173FFCD3AAC9B46AB
Requests: 4 HTTP requests in this frame

Frame: https://kohls.demdex.net/dest5.html?d_nsid=0
Frame ID: 43B0FC76C571086574ECA1A4E57CC059
Requests: 41 HTTP requests in this frame

Frame: https://fiservsolutions-1.demdex.net/dest5.html?d_nsid=0
Frame ID: EDB44F176E334DADC1F117F358F3799F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

eCustomer Service

Page URL History Show full URLs

http://click.t.kohls.com/?qs=13c09eb6d3aac3a92c57f15ab68764b5b4be1bcabb2403302b32d1e5ebca80c14d9e5c59... HTTP 302
https://credit.kohls.com/eCustService/?om_mid=_Account_Update&om_etid=539117635&utm_source=TRA&utm_me... HTTP 301
https://credit.kohls.com/ HTTP 303
https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Detected technologies

Zip (Payment processors) Expand

Overall confidence: 100%
Detected patterns

zip\.co

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

83
Requests

57 %
HTTPS

26 %
IPv6

44
Domains

58
Subdomains

39
IPs

6
Countries

1273 kB
Transfer

3747 kB
Size

39
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kohls.com/
Title: Shop at Kohl's Now!

Search URL Search Domain Scan URL

URL: https://apply.kohls.com/
Title: Apply now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.t.kohls.com/?qs=13c09eb6d3aac3a92c57f15ab68764b5b4be1bcabb2403302b32d1e5ebca80c14d9e5c5994b5c597205a501a0428f759508e45aa9cf84222 HTTP 302
https://credit.kohls.com/eCustService/?om_mid=_Account_Update&om_etid=539117635&utm_source=TRA&utm_medium=ET&utm_term=539117635&utm_content=852100&utm_campaign=_Account_Update&mi_u=539117635 HTTP 301
https://credit.kohls.com/ HTTP 303
https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668397588847 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668397588847

Request Chain 24

https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif HTTP 301
https://credit.kohls.com/ HTTP 303
https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Request Chain 27

https://cm.everesttech.net/cm/dd?d_uuid=78146235252183706050585098214212843391 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3G6FQAAAB2nVAOJ

Request Chain 39

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=78146235252183706050585098214212843391 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219103204335000156620

Request Chain 41

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2733671800359917938

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzgxNDYyMzUyNTIxODM3MDYwNTA1ODUwOTgyMTQyMTI4NDMzOTE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzgxNDYyMzUyNTIxODM3MDYwNTA1ODUwOTgyMTQyMTI4NDMzOTE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEH0VaAsCsASkB0SlTPCN4ao&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 46

https://navdmp.com/req?adID=78146235252183706050585098214212843391 HTTP 301
https://cdn.navdmp.com/req?adID=78146235252183706050585098214212843391

Request Chain 49

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEPpYSo58yZ_7buCpbGeoA-I&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 50

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEPpYSo58yZ_7buCpbGeoA-I&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 51

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEPpYSo58yZ_7buCpbGeoA-I&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 53

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEPpYSo58yZ_7buCpbGeoA-I&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 54

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEPpYSo58yZ_7buCpbGeoA-I&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 55

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pxufnz8ul HTTP 302
https://3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 56

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pxufnz8ul HTTP 302
https://eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 59

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5431E21617308C&gdpr=0&gdpr_consent=

Request Chain 60

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=GAvXawsZ35CTKBFIimQf7ZyMAu5kJAa2&gdpr=0&gdpr_consent=

Request Chain 61

https://ps.eyeota.net/match?bid=6j5b2cv&uid=78146235252183706050585098214212843391&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 62

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=78146235252183706050585098214212843391&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-9_fH2MFE2pE4_wGdfuL1mxox.HWPRlwjszY-~A

Request Chain 63

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=78146235252183706050585098214212843391 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=361677013873804170

Request Chain 64

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7216839921986462150&uid=Q7216839921986462150&ref=%2Feucm%2Fp%2Fadpq HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 66

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=78146235252183706050585098214212843391&rn=1668397589491&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D78146235252183706050585098214212843391 HTTP 302
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=78146235252183706050585098214212843391&rn=1668397589491&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D78146235252183706050585098214212843391 HTTP 302
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=78146235252183706050585098214212843391

Request Chain 67

https://abp.mxptint.net/sn.ashx HTTP 302
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D530_F9518A54_BBE2BF8&redir=https://abp.mxptint.net/sn.ashx?ak=1

Request Chain 69

https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID} HTTP 302
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=40839da2-8066-4099-a039-89ddd078761d

Request Chain 70

https://usermatch.krxd.net/um/v2?partner=adobe&id=78146235252183706050585098214212843391 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=78146235252183706050585098214212843391

Request Chain 72

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNHNkZRQUFBQjJuVkFPSg==

Request Chain 73

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3G6FQAAAB2nVAOJ&expires=90

Request Chain 74

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3G6FQAAAB2nVAOJ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3G6FQAAAB2nVAOJ&C=1

Request Chain 75

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y3G6FQAAAB2nVAOJ

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3G6FQAAAB2nVAOJ

Request Chain 77

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3G6FQAAAB2nVAOJ

Request Chain 78

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3G6FQAAAB2nVAOJ&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3G6FQAAAB2nVAOJ&img=1&__user_check__=1&sync_id=eef5b937-63ce-11ed-9c3c-16877d160106

Request Chain 79

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3G6FQAAAB2nVAOJ&t=2592000&o=0

Request Chain 80

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=78146235252183706050585098214212843391&_ct=img HTTP 302
https://mid.rkdms.com/restricted

Request Chain 81

https://pixel.onaudience.com/?partner=130&mapped=78146235252183706050585098214212843391&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
credit.kohls.com/ecs/auth/
Redirect Chain

http://click.t.kohls.com/?qs=13c09eb6d3aac3a92c57f15ab68764b5b4be1bcabb2403302b32d1e5ebca80c14d9e5c5994b5c597205a501a0428f759508e45aa9cf84222
https://credit.kohls.com/eCustService/?om_mid=_Account_Update&om_etid=539117635&utm_source=TRA&utm_medium=ET&utm_term=539117635&utm_content=852100&utm_campaign=_Account_Update&mi_u=539117635
https://credit.kohls.com/
https://credit.kohls.com/ecs/auth?cid=AAAA4151001
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

4 KB
3 KB

194ms
194ms

Document
text/html

107.162.230.34
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

f4b8880ba554e8613fa520b398ad892cb638a1622682dd3fc1c2e1421bd689b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'unsafe-eval' 'nonce-Y2M2ODE1NzMtNDc1YS00MTQ3LTlhMDgtNmE0NWIwMTgxMzhk'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: script-src 'strict-dynamic' 'unsafe-eval' 'nonce-Y2M2ODE1NzMtNDc1YS00MTQ3LTlhMDgtNmE0NWIwMTgxMzhk'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Type: text/html; charset=utf-8
Date: Mon, 14 Nov 2022 03:46:27 GMT
ETag: W/"f0a-uRxak3ILUPkbrmugO0IBMhI2GDE"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 fra1-bit10021
X-Content-Type-Options: nosniff nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1; mode=block 1; mode=block
expires: -1d

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 215
Content-Security-Policy: default-src 'none'
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 03:46:27 GMT
Location: /ecs/auth/?cid=AAAA4151001
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Vary: Accept-Encoding
Via: 1.1 fra1-bit10021
X-Content-Type-Options: nosniff nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1; mode=block 1; mode=block
expires: -1d

GET
H/1.1 200
OK 1.61751cfc4f2cd4c09890.css
credit.kohls.com/ecs/auth/ 156 KB
24 KB 355ms
354ms Stylesheet
text/css 107.162.230.34
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://credit.kohls.com/ecs/auth/1.61751cfc4f2cd4c09890.css

Requested by

Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZjE4Y2Q4MTktMDdiNS00ZWJkLTg3NGMtNTAxOTJjMTk3ZmZi'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZjE4Y2Q4MTktMDdiNS00ZWJkLTg3NGMtNTAxOTJjMTk3ZmZi'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Date: Mon, 14 Nov 2022 03:46:28 GMT
Via: 1.1 fra1-bit10021
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control: off
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 04:37:10 GMT
ETag: W/"27007-183f3ae4cf0"
X-Download-Options: noopen
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=2592000, no-cache, no-store, must-revalidate
Accept-Ranges: bytes
expires: -1d

GET
H/1.1 200
OK main.61751cfc4f2cd4c09890.css
credit.kohls.com/ecs/auth/ 818 B
2 KB 735ms
670ms Stylesheet
text/css 107.162.230.34
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://credit.kohls.com/ecs/auth/main.61751cfc4f2cd4c09890.css

Requested by

Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

5dc8c16ae1b739482d01922a747406d2a209e8ae81f5e4278e2c2650c88e1f4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'unsafe-eval' 'nonce-Y2FiZTExOTQtMWQ3OC00NjBjLTliY2EtNmI0OGU1MzBkODNj'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: script-src 'strict-dynamic' 'unsafe-eval' 'nonce-Y2FiZTExOTQtMWQ3OC00NjBjLTliY2EtNmI0OGU1MzBkODNj'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Date: Mon, 14 Nov 2022 03:46:28 GMT
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Via: 1.1 fra1-bit1004
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 818
X-XSS-Protection: 1; mode=block, 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 04:37:10 GMT
ETag: W/"332-183f3ae4cf0"
X-Download-Options: noopen
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=2592000, no-cache, no-store, must-revalidate
Accept-Ranges: bytes
expires: -1d

GET
H2 200 fontawesome-all.min.css
cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/ 49 KB
49 KB 164ms
35ms Stylesheet
text/css 2600:9000:2453:3000:1b:64b0:3080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/fontawesome-all.min.css
Requested by: Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:3000:1b:64b0:3080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: z0BouNAw_Ue0nfki3a47GipUh4LG9Ovr
date: Mon, 14 Nov 2022 01:06:07 GMT
via: 1.1 ebfd02322356b60fe506d9cd1ca49956.cloudfront.net (CloudFront)
last-modified: Thu, 30 Apr 2020 21:40:09 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P1
age: 10871
x-amz-server-side-encryption: AES256
etag: "fa458861897529425cdf08dffe6146a4"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 49945
x-amz-cf-id: Pu47EYrYTn8EcX5eq1SvQtFuZQ4s48SOqSDJPy5wXia-kpm6AheUDA==

GET
H2 200 launch-368ee32ad013.min.js Show response
assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/ 134 KB
43 KB 114ms
20ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Requested by: Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f9e5db2d0dd841b403c591b80839f11fce95b7a395d8f17ff60fe8c7a9a1e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:28 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 19:31:19 GMT
server: AkamaiNetStorage
etag: "e1d1caa4e6875af89d97c9e38c650be6:1588620679.97007"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://credit.kohls.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43291
expires: Mon, 14 Nov 2022 04:46:28 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/fiserv/ecs/prod/ 190 KB
62 KB 552ms
457ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Requested by: Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 34a13102936e59edbebcffd52dd7a5f56027208abe9f526bc978622602dda678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:29 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 07:28:00 GMT
server: AkamaiNetStorage
etag: "7e7dcad057bae87e8909963cf3749123:1663054080.627598"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Mon, 14 Nov 2022 03:51:29 GMT

GET
H2 200 published_main_13.css
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/ 1 KB
877 B 152ms
78ms Stylesheet
text/css 2600:9000:2156:f400:0:ed0d:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/published_main_13.css
Requested by: Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: qBmca3nvlJBew.nyV4JoTL4LZHwO7Bp_
content-encoding: gzip
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
date: Mon, 14 Nov 2022 03:46:28 GMT
last-modified: Fri, 30 Jul 2021 14:03:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 602
x-amz-server-side-encryption: AES256
x-amz-meta-x-amz-meta-title: /ecs/banks/AAAA4151001/templates/cfi/saved_main.css
vary: Accept-Encoding
etag: W/"3427d8d110efae5852b0b0560554321e"
content-type: text/css
x-cache: Hit from cloudfront
x-amz-cf-id: JdcLMQlbH4VyuTnRoX_APf1Xk2uK0TaNLcsyLdFD_DtRjI9WP0XMCw==

GET
H2 200 auth_styles.1.0.css
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/ 949 KB
151 KB 95ms
21ms Stylesheet
text/css 2600:9000:2156:f400:0:ed0d:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Requested by: Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd53fb3dca94672551a3853e0724accb63486af504d431674b0d0846f990ee6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 07:14:59 GMT
x-amz-version-id: raVOGaM7WlzylvBPyAomvAWa1p3mfj8a
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 04:30:29 GMT
server: AmazonS3
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"a9b55e0911d6ced41a7101c16dfd27b3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 73890
x-amz-cf-id: MJW6g04Y2CcgO6ShmL4FJIu_O6NqPGl9p36aFn0WBV3QXb3V6c21tQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 83ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2129ccd6aca391fa9315ee075c416a0f5d99c86c917cd750d9e8fb0c86aac5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27297
x-xss-protection: 0
server: sffe
etag: "1391 / 96 of 1000 / last-modified: 1668207947"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Nov 2022 03:46:28 GMT

GET
H/1.1 200
OK vendors~main.61751cfc4f2cd4c09890.js Show response
credit.kohls.com/ecs/auth/ 700 KB
194 KB 928ms
858ms Script
application/javascript 107.162.230.34
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://credit.kohls.com/ecs/auth/vendors~main.61751cfc4f2cd4c09890.js

Requested by

Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

e340a56dd0f761773f43c37d410127ec7c8f848bc0c6b48644d5a9eceaf024fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'unsafe-eval' 'nonce-NDc0NDkzMmUtMTgzOC00OWRlLWFjNDEtOWY1MmE1OWI2ZTUy'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: script-src 'strict-dynamic' 'unsafe-eval' 'nonce-NDc0NDkzMmUtMTgzOC00OWRlLWFjNDEtOWY1MmE1OWI2ZTUy'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Date: Mon, 14 Nov 2022 03:46:28 GMT
Via: 1.1 fra1-bit10021
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control: off
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 04:37:10 GMT
ETag: W/"af1c2-183f3ae4cf0"
X-Download-Options: noopen
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=2592000, no-cache, no-store, must-revalidate
Accept-Ranges: bytes
expires: -1d

GET
H/1.1 200
OK main.61751cfc4f2cd4c09890.js Show response
credit.kohls.com/ecs/auth/ 242 KB
54 KB 1048ms
848ms Script
application/javascript 107.162.230.34
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://credit.kohls.com/ecs/auth/main.61751cfc4f2cd4c09890.js

Requested by

Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

cecd77b0f4875d4da09911d54df7f149541ffcd47251c63644b225f292ec4cc0

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MzdkNzk5NzEtNTYzOS00MGYxLWEyZTEtMjM5MTE1NThiOGFj'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MzdkNzk5NzEtNTYzOS00MGYxLWEyZTEtMjM5MTE1NThiOGFj'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Date: Mon, 14 Nov 2022 03:46:28 GMT
Via: 1.1 fra1-bit12024
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control: off
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 04:37:10 GMT
ETag: W/"3c76b-183f3ae4cf0"
X-Download-Options: noopen
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=2592000, no-cache, no-store, must-revalidate
Accept-Ranges: bytes
expires: -1d

GET
H2 200 3H6HN-HCW87-4HZF3-YWYL6-C7HHH Show response
s.go-mpulse.net/boomerang/ Frame 28F7 205 KB
50 KB 80ms
22ms Script
application/javascript 2a02:26f0:3400:180::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Requested by: Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3400:180::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:28 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 12:35:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 50393

GET
H2 200 pubads_impl_2022110801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131898
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:38:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 20:05:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 111 B
102 B 73ms
29ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=credit.kohls.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c564d9af61d586aa7d64508fc57900fab2da77572ea13782ca213d8617b86ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77
x-xss-protection: 0
expires: Mon, 14 Nov 2022 03:46:28 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 28F7 3 KB
1 KB 236ms
177ms XHR
application/json 2a02:26f0:480:18d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=3H6HN-HCW87-4HZF3-YWYL6-C7HHH&d=credit.kohls.com&t=5561325&v=1.720.0&if=&sl=0&si=ead8e4d9-8e68-4f74-a621-56805f8226e6-rlbjte&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:18d::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d83f5d3a026c8552e7d5ca6be0b158b0fd6537799487aa655fe0298f2f0a8152

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1111

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668397588847
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668397588847

8 KB
3 KB

136ms
136ms

XHR
application/json

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668397588847

Requested by

Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

43103cd40bb8a5e7d7e6cdc82ef135838d4f0f9d3c4ae838ea12bba3de50e19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 3sA7pYLFSgo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://credit.kohls.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2333
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VJ81vzrySkY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://credit.kohls.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668397588847
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/ 36 KB
13 KB 20ms
20ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: adfcb165c69213b0aba3c64bc549f7ff156ec82110fb8ef144b1d16ebc13b04a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Mar 2020 22:29:22 GMT
server: AkamaiNetStorage
etag: "42fa244f36955eedb3cd8ade6f492bf6:1583879362.816163"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://credit.kohls.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 13342
expires: Mon, 14 Nov 2022 04:46:28 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/ 25 KB
9 KB 21ms
21ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7037e102057d591d9adf205fef096b6bc5f05927a92abfba941bf501fb206500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Mar 2020 22:29:23 GMT
server: AkamaiNetStorage
etag: "ded8555987db3b546f5ba6ed52f81b8d:1583879363.172979"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://credit.kohls.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Mon, 14 Nov 2022 04:46:28 GMT

GET
H2 200 / Show response
ipv4.icanhazip.com/ 16 B
400 B 80ms
24ms XHR
text/plain 104.18.114.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv4.icanhazip.com/
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.114.97 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c52b0513463085c8f5fd3b61b431a81e8b24621b617c4180d221a7b206ccf9a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:29 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: *
cf-ray: 769cc2a5e95a6940-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16

GET
H2 200 OpenSans-Regular.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 94 KB
95 KB 62ms
20ms Font
binary/octet-stream 2600:9000:2156:f400:0:ed0d:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Regular.ttf
Requested by: Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2

Request headers

Referer: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Origin: https://credit.kohls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: bhMbwpUWcqLtDOgd1mfKPZUQKvETAjyX
date: Sun, 13 Nov 2022 04:26:25 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 84005
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 96428
last-modified: Thu, 11 Aug 2022 04:32:04 GMT
server: AmazonS3
etag: "5a798cdadc7cd321e3f72425b70bface"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://credit.kohls.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: -udazGnTDG_AxLZzDiU-QLtAsyGjY58IzQg_OFTRqpCTL5fe5ScTmg==

GET
H2 200 OL_ENGINE.js Show response
d1kjcdrfrq03t3.cloudfront.net/assets/scripts/ 45 KB
12 KB 88ms
23ms Script
application/javascript 2600:9000:223c:fa00:19:6e5a:51c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1kjcdrfrq03t3.cloudfront.net/assets/scripts/OL_ENGINE.js
Requested by: Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/main.61751cfc4f2cd4c09890.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:fa00:19:6e5a:51c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 3P5UUTQvBHcTXaruvb_UuBQ17gboRg_h
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date: Sun, 13 Nov 2022 08:17:32 GMT
last-modified: Mon, 10 May 2021 18:03:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 70138
x-amz-server-side-encryption: AES256
etag: W/"baabad5b06edc9b1df65a8f29d3ffe5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: 222Qxidqx3xAlEiwy8mza3AAO3h6A3kwrcJzmDpoSN1GIAK8Q5qZUQ==

GET
H2 200 OL_CONF_INLINE.js Show response
d1kjcdrfrq03t3.cloudfront.net/assets/scripts/ 2 KB
1 KB 88ms
23ms Script
application/javascript 2600:9000:223c:fa00:19:6e5a:51c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1kjcdrfrq03t3.cloudfront.net/assets/scripts/OL_CONF_INLINE.js
Requested by: Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/main.61751cfc4f2cd4c09890.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:fa00:19:6e5a:51c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 16R1R8rMuOYb5UxG2uciwcbcujn4nryb
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date: Sun, 13 Nov 2022 08:17:32 GMT
last-modified: Mon, 10 May 2021 18:03:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 70138
x-amz-server-side-encryption: AES256
etag: W/"530d4cdedab8e19176884727de612674"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: gr9bUwfjr7-kZm4tJNM--gMOocUbrk6dW1qX6dC-L8FacOEJmcNRCQ==

GET
H2 200 utag.16.js Show response
tags.tiqcdn.com/utag/fiserv/ecs/prod/ 399 B
623 B 22ms
22ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.16.js?utv=ut4.47.202107121809
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 51e53f49d8f809b76a75e0eaf09716b8b6e818034335c528ef681f1d7bc2a9c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 14 Nov 2022 03:46:29 GMT
last-modified: Mon, 12 Jul 2021 18:10:04 GMT
server: AkamaiNetStorage
etag: "a259b5013fc85601aed47f5956645dd9:1626113404.691193"
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 399
expires: Tue, 29 Nov 2022 03:46:29 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
216 B 22ms
22ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=fiserv/ecs/202209130727&cb=1668397589438
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 14 Nov 2022 03:46:29 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 14 Nov 2022 03:56:29 GMT

GET
H/1.1 200
OK AAAA4151001 Show response
credit.kohls.com/ecs/auth/api/config/ 92 KB
20 KB 195ms
195ms XHR
application/json 107.162.230.34
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://credit.kohls.com/ecs/auth/api/config/AAAA4151001?language=en_US

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

dab6498e145ca5b96d872a831c8bc518ee42dad5018b219675853d829e132a3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZTQzN2YzODktYzA3Yi00OTU2LTgxOTEtYWM2ODgxNDJiOGY4'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

preferredLanguage: EN
Accept: application/json, text/plain, */*
activityDateTime: 2022-11-14T03:46:29+00:00
Referer: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
accept-language: de-DE,de;q=0.9
ipAddress: 217.114.215.131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZTQzN2YzODktYzA3Yi00OTU2LTgxOTEtYWM2ODgxNDJiOGY4'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Date: Mon, 14 Nov 2022 03:46:29 GMT
Via: 1.1 fra1-bit10021
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 19176
X-XSS-Protection: 1; mode=block, 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"16e3a-VogVkUuGn9NNfkCIgzO3g8QxIuE"
X-Download-Options: noopen
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, no-store, must-revalidate
expires: -1d

GET
H/1.1

200
OK

/
credit.kohls.com/ecs/auth/
Redirect Chain

https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif
https://credit.kohls.com/
https://credit.kohls.com/ecs/auth?cid=AAAA4151001
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

4 KB
4 KB

197ms
197ms

Image
text/html

107.162.230.34
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://credit.kohls.com/ecs/auth/?cid=AAAA4151001

Protocol

HTTP/1.1

Server

107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'unsafe-eval' 'nonce-NmY5ODlhZDAtMTk2Ni00YThkLTk1N2ItZTI2YmQ1NDQ0Mjhh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy: script-src 'strict-dynamic' 'unsafe-eval' 'nonce-NmY5ODlhZDAtMTk2Ni00YThkLTk1N2ItZTI2YmQ1NDQ0Mjhh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Date: Mon, 14 Nov 2022 03:46:30 GMT
Via: 1.1 fra1-bit12024
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1643
X-XSS-Protection: 1; mode=block, 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"f0a-keM0HleSfXdKzbpXnDbnND4stds"
X-Download-Options: noopen
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
expires: -1d

Redirect headers

Content-Security-Policy: default-src 'none'
Date: Mon, 14 Nov 2022 03:46:30 GMT
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Via: 1.1 fra1-bit12024
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 215
X-XSS-Protection: 1; mode=block, 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: /ecs/auth/?cid=AAAA4151001
Cache-Control: no-cache, no-store, must-revalidate
expires: -1d

GET
H/1.1 200
OK dest5.html Show response
kohls.demdex.net/ Frame 43B0 7 KB
3 KB 788ms
214ms Document
text/html 52.209.199.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kohls.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.199.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-199-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://credit.kohls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v045-016466e2e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: om/Iz0/mRDE=
content-encoding: gzip
date: Mon, 14 Nov 2022 03:46:30 GMT
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
vary: accept-encoding

GET
H2 200 id Show response
ww8.kohls.com/ 48 B
458 B 410ms
140ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ww8.kohls.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&mid=73035853945120883250087324523313872471&ts=1668397589568

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

7ca96988e27203bca1cfcc5320460135da8449db680e41bd6bc41182168eee0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://credit.kohls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Nov 2022 03:46:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://credit.kohls.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y3G6FQAAAB2nVAOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=78146235252183706050585098214212843391
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3G6FQAAAB2nVAOJ

42 B
942 B

212ms
139ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3G6FQAAAB2nVAOJ

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-07303b075.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7ger1cZDSuk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3G6FQAAAB2nVAOJ
Date: Mon, 14 Nov 2022 03:46:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 OpenSans-SemiBold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 98 KB
99 KB 21ms
21ms Font
binary/octet-stream 2600:9000:2156:f400:0:ed0d:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-SemiBold.ttf
Requested by: Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104

Request headers

Referer: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Origin: https://credit.kohls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 04:26:26 GMT
x-amz-version-id: EVuKfqftIUSq8D4VCw1jTX1jQKm5r5_K
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 84004
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 100256
last-modified: Thu, 11 Aug 2022 04:32:08 GMT
server: AmazonS3
etag: "096d8c73bb18e4328284f25138b47ac6"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://credit.kohls.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: PiyFAJCUA3_M5PLkq_grX8XwiT9fFaVQw6E3mc1O45duoIneXC4BsA==

GET
H2 200 OpenSans-Bold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 101 KB
102 KB 21ms
21ms Font
binary/octet-stream 2600:9000:2156:f400:0:ed0d:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Bold.ttf
Requested by: Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199

Request headers

Referer: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Origin: https://credit.kohls.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 04:26:26 GMT
x-amz-version-id: nUKUekj8ArdJHhoBL0vGfyN1uodHat23
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 84004
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 103616
last-modified: Thu, 11 Aug 2022 04:31:43 GMT
server: AmazonS3
etag: "0062c34665a3fc0f2278cd4e955702ec"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://credit.kohls.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: FjmsvdynDmejdX_UnulzT6MgkRtbdD0-vGpnzIZHP9704n1SfIMUXA==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 376 B
1 KB 139ms
139ms XHR
application/json 34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=88C5E33B558DAFB57F000101%40AdobeOrg&d_nsid=0&ts=1668397589676

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

253197a335b84aa9cfbd6707abe5d208c28f2efd6ed834b36af4d7e66b24aa4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://credit.kohls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-0f14bb97f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: z/RSFINrTY0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://credit.kohls.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 317
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.19.js Show response
tags.tiqcdn.com/utag/fiserv/ecs/prod/ 65 KB
22 KB 27ms
27ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.19.js?utv=ut4.47.202209130727
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd0cbf1efb2b3e31c78463c4fbe7bdde2e5e62f2a5a7220babd0496e51fe40fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:29 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 07:28:02 GMT
server: AkamaiNetStorage
etag: "deb5410dec7fb64d785e34c5ea941fdd:1663054082.18721"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 21776
expires: Tue, 29 Nov 2022 03:46:29 GMT

GET
H2 200 LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 54 KB
54 KB 22ms
21ms Image
image/png 2600:9000:2156:f400:0:ed0d:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: OoGFlH5pOQnYl1Y8oka0OwHtpKMYun4T
date: Sun, 13 Nov 2022 04:24:13 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified: Thu, 08 Apr 2021 04:57:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 84136
x-amz-server-side-encryption: AES256
etag: "d3ef2a1238f2c7a80fe17f03f277aacb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 54955
x-amz-cf-id: pGmLOc5sBvT5cl1SZ9adiWUzTspcQNjN25ws23pfdX1fTsE7otWb6g==

GET
H2 200 not-visible.svg
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/ 992 B
1 KB 26ms
25ms Image
image/svg+xml 2600:9000:2156:f400:0:ed0d:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/not-visible.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: tQeT04l3xpkhZn0F0CCDj1tkPm_onaXR
date: Sun, 13 Nov 2022 05:55:36 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified: Thu, 11 Aug 2022 04:37:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 78654
x-amz-server-side-encryption: AES256
etag: "6fce3ff9699a8ccf4c184be7b2ae8e9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 992
x-amz-cf-id: Fc16LOOrBgXfGJk7kva5_oZ6-5Pj6ATUAfORgYqX_3u04zPucoa2ng==

GET
H2 200 LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 6 KB
6 KB 27ms
26ms Image
image/jpeg 2600:9000:2156:f400:0:ed0d:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: NhqLAlKuOQnJQapzoCD0jNza90AjFrK6
date: Sun, 13 Nov 2022 10:49:14 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified: Thu, 08 Apr 2021 04:57:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 61036
x-amz-server-side-encryption: AES256
etag: "05406680debd225230e676efede11868"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 6032
x-amz-cf-id: b8svHr4eIDVRNDU-_875A7DrZSl_xTrXpVliaFt2TQkDGTVUNmTfyw==

GET
H/1.1 200
OK dest5.html Show response
fiservsolutions-1.demdex.net/ Frame EDB4 7 KB
3 KB 555ms
148ms Document
text/html 18.202.164.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fiservsolutions-1.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.164.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-164-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://credit.kohls.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v045-0ced04f65.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: KxRVd65MTgE=
content-encoding: gzip
date: Mon, 14 Nov 2022 03:46:30 GMT
last-modified: Fri, 28 Oct 2022 11:02:56 GMT
vary: accept-encoding

GET
H2 200 id Show response
cashedge.d1.sc.omtrdc.net/ 2 B
267 B 492ms
187ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cashedge.d1.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=88C5E33B558DAFB57F000101%40AdobeOrg&mid=78176417779128140150581077393782696685&ts=1668397589822

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://credit.kohls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Nov 2022 03:46:30 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://credit.kohls.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 s18141119825027 Show response
ww8.kohls.com/b/ss/kohlscomprod/10/JS-2.20.0-LAS8/ 8 KB
8 KB 166ms
166ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ww8.kohls.com/b/ss/kohlscomprod/10/JS-2.20.0-LAS8/s18141119825027?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=14%2F10%2F2022%203%3A46%3A29%201%200&d.&nsid=0&jsonv=1&.d&mid=73035853945120883250087324523313872471&aamlh=6&ce=UTF-8&cdp=3&fpCookieDomainPeriods=3&pageName=credit%3Alogin&g=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&c.&k.&pageDomain=credit.kohls.com&.k&mcid.&version=4.6.0&icsmcvid=-false&mcidcto=-false&aidcto=-false&.mcid&.c&cc=USD&v0=AAAA4151001&products=%3Bproductmerch1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v3=external&c4=credit&c9=credit%7C&c18=mon%7Cweekday%7C03%3A00%20am&v18=mon%7Cweekday%7C03%3A00%20am&c22=2022-11-14&v22=desktop&v40=cloud17&c50=D%3Ds_tempsess&c53=D%3DpageName&c64=VisitorAPI%20Present&v68=D%3DpageName&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

9f9d3a64f09cec604dc1e52595a2e28534b008fd2690a6033f7eade0976d562b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-aam-tid: S/K28DfCQYw=
date: Mon, 14 Nov 2022 03:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 8306
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v045-0f9127447.edge-irl1.demdex.com 4 ms
pragma: no-cache
last-modified: Tue, 15 Nov 2022 03:46:30 GMT
server: jag
etag: 3582856543239569408-4619693678381412295
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 13 Nov 2022 03:46:30 GMT

GET
H2 200 s15973983185139
cashedge.d1.sc.omtrdc.net/b/ss/ceecsprod/1/JS-2.21.0/ 43 B
200 B 118ms
118ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cashedge.d1.sc.omtrdc.net/b/ss/ceecsprod/1/JS-2.21.0/s15973983185139?AQB=1&ndh=1&pf=1&t=14%2F10%2F2022%203%3A46%3A30%201%200&sdid=657FB988D39C2468-3A51C35D6D97B990&mid=78176417779128140150581077393782696685&aamlh=6&ce=UTF-8&ns=cashedge&pageName=Login&g=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&cc=USD&v0=AAAA4151001&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=Login&v1=Login&c2=10%3A46%20PM%7CSunday&v2=10%3A46%20PM%7CSunday&v3=New&c4=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&v4=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&v5=fiserv.ecs&v6=b5060cc21bbd852437346f09f143b72d59e4cc77cf2980a38d6a2429502987aa&v7=78176417779128140150581077393782696685&v44=AAAA4151001&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=88C5E33B558DAFB57F000101%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://credit.kohls.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 03:46:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 03:46:30 GMT
server: jag
etag: 3582856544594821120-4619851489058054956
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 13 Nov 2022 03:46:30 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=219103204335000156620
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=78146235252183706050585098214212843391
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219103204335000156620

42 B
942 B

137ms
137ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=219103204335000156620

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0826e4ce6.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: N4tYFtD7RZI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 03:46:30 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=219103204335000156620
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame 43B0 0
98 B 100ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=78146235252183706050585098214212843391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=2733671800359917938
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2733671800359917938

42 B
942 B

141ms
141ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=2733671800359917938

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-028e6f909.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ugJHC99OTJE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Mon, 14 Nov 2022 03:46:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 641dcfea-9b08-4132-a94d-a5479a757282
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=2733671800359917938
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 451 365868.gif
idsync.rlcdn.com/ Frame 43B0 0
9 B 69ms
28ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=78146235252183706050585098214212843391
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 /
dp2.33across.com/ps/ Frame 43B0 0
68 B 1025ms
121ms Image
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dp2.33across.com/ps/?pid=897&random=1210496566
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP009 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-33x-status: 208
date: Mon, 14 Nov 2022 03:46:31 GMT
server: 33XP009

GET /
adb2waycm-atl.netmng.com/cm/ Frame 43B0 0
0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEH0VaAsCsASkB0SlTPCN4ao&google_cver=1
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzgxNDYyMzUyNTIxODM3MDYwNTA1ODUwOTgyMTQyMTI4NDMzOTE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzgxNDYyMzUyNTIxODM3MDYwNTA1ODUwOTgyMTQyMTI4NDMzOTE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEH0VaAsCsASkB0SlTPCN4ao&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

142ms
142ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEH0VaAsCsASkB0SlTPCN4ao&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-071cdea73.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xXgOGXDjTMc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 03:46:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEH0VaAsCsASkB0SlTPCN4ao&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

req
cdn.navdmp.com/ Frame 43B0
Redirect Chain

https://navdmp.com/req?adID=78146235252183706050585098214212843391
https://cdn.navdmp.com/req?adID=78146235252183706050585098214212843391

6 B
77 B

450ms
436ms

Image
application/x-javascript

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.navdmp.com/req?adID=78146235252183706050585098214212843391
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 769cc2b1ab5c5b92-FRA
content-length: 6
content-type: application/x-javascript

Redirect headers

location: https://cdn.navdmp.com/req?adID=78146235252183706050585098214212843391
date: Mon, 14 Nov 2022 03:46:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 769cc2b09aac5b92-FRA
content-type: text/html

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame 43B0 43 B
205 B 475ms
127ms Image
image/gif 2606:4700:4400::6812:25fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=78146235252183706050585098214212843391
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:4400::6812:25fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:31 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 08 Sep 2017 18:54:28 GMT
server: cloudflare
etag: "59b2e764-2b"
content-type: image/gif
accept-ranges: bytes
cf-ray: 769cc2b31e41bc01-FRA
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 43B0 43 B
394 B 338ms
129ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=78146235252183706050585098214212843391&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 14 Nov 2022 03:46:31 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 13886a33fa8d9cdc
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: acfa80beef6d3c9b007e3672fc15ca20af740b0ba14935534fd4cdb43a7202a4
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 43B0
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEPpYSo58yZ_7buCpbGeoA-I&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

41ms
41ms

Image
image/png

54.76.137.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.137.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-137-80.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 14 Nov 2022 03:46:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 43B0
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEP...
https://pixel.everesttech.net/1x1

128 B
691 B

41ms
41ms

Image
image/png

54.76.137.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.137.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-137-80.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 14 Nov 2022 03:46:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 43B0
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

42ms
41ms

Image
image/png

54.76.137.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.137.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-137-80.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 14 Nov 2022 03:46:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 204 /
17de4c1a.akstat.io/ 0
202 B 210ms
180ms Ping
image/gif 2a02:26f0:3400:180::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://17de4c1a.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:3400:180::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://credit.kohls.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 03:46:31 GMT
content-type: image/gif
access-control-allow-origin: https://credit.kohls.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 14 Nov 2022 03:46:31 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 43B0
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

43ms
43ms

Image
image/png

54.76.137.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.137.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-137-80.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 14 Nov 2022 03:46:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 43B0
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNHNkZRQUFBQjJuVkFPSg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

43ms
42ms

Image
image/png

54.76.137.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.76.137.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-137-80.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 14 Nov 2022 03:46:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

results.txt Show response
3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net/eum/ Frame 28F7
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pxufnz8ul
https://3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

282ms
20ms

XHR
text/plain

95.101.54.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 95.101.54.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Mon, 14 Nov 2022 03:46:31 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net/eum/ Frame 28F7
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pxufnz8ul
https://eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

107ms
20ms

XHR
text/plain

2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Mon, 14 Nov 2022 03:46:31 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 43B0 70 B
265 B 139ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=credit.kohls.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Nov 2022 03:46:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
mpp.vindicosuite.com/sync/ Frame 43B0 24 B
24 B 171ms
110ms Image
text/plain 35.186.236.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mpp.vindicosuite.com/sync/?pid=27&fr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.236.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 03:46:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24
content-type: text/plain; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=5431E21617308C&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5431E21617308C&gdpr=0&gdpr_consent=

42 B
942 B

141ms
141ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5431E21617308C&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0f9127447.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9I/9TqJLQEk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5431E21617308C&gdpr=0&gdpr_consent=
Pragma: no-cache
Date: Mon, 14 Nov 2022 03:46:32 GMT
Cache-Control: no-cache, no-store
Server: prod-xre-app5.frk11
Connection: close
X-HW: 1668397592.dop218.fr8.t,1668397592.cds276.fr8.shn,1668397592.dop218.fr8.t,1668397592.cds004.fr8.sc,1668397592.cds004.fr8.p

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=GAvXawsZ35CTKBFIimQf7ZyMAu5kJAa2&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=GAvXawsZ35CTKBFIimQf7ZyMAu5kJAa2&gdpr=0&gdpr_consent=

42 B
942 B

166ms
166ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=GAvXawsZ35CTKBFIimQf7ZyMAu5kJAa2&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-02ae087c0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ktclQHeWSlU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=GAvXawsZ35CTKBFIimQf7ZyMAu5kJAa2&gdpr=0&gdpr_consent=
date: Mon, 14 Nov 2022 03:46:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1708108
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=78146235252183706050585098214212843391&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

116ms
116ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-07303b075.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FmnNPl6PRbI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 303,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Mon, 14 Nov 2022 03:46:32 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=78146235252183706050585098214212843391&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-9_fH2MFE2pE4_wGdfuL1mxox.HWPRlwjszY-~A

42 B
942 B

172ms
171ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-9_fH2MFE2pE4_wGdfuL1mxox.HWPRlwjszY-~A

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-037643fd0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QIKwqAnPT3Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 14 Nov 2022 03:46:32 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-9_fH2MFE2pE4_wGdfuL1mxox.HWPRlwjszY-~A
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=575&dpuuid=361677013873804170
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=78146235252183706050585098214212843391
https://dpm.demdex.net/ibs:dpid=575&dpuuid=361677013873804170

42 B
942 B

115ms
115ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=361677013873804170

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: PlUjntGgRps=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 03:46:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=361677013873804170
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 43B0
Redirect Chain

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7216839921986462150&uid=Q7216839921986462150&ref=%2Feucm%2Fp%2Fadpq
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

21ms
21ms

Image
image/gif

184.24.11.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Protocol: HTTP/1.1
Server: 184.24.11.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-11-75.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Mon, 14 Nov 2022 03:46:32 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 14 Nov 2022 03:46:32 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 user
bttrack.com/dmp/adobe/ Frame 43B0 35 B
263 B 366ms
117ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/dmp/adobe/user?dd_uuid=78146235252183706050585098214212843391
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-servername: Track001-iad
pragma: no-cache
date: Mon, 14 Nov 2022 03:46:06 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H/1.1

200
OK

ibs:dpid=73426&dpuuid=78146235252183706050585098214212843391
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=78146235252183706050585098214212843391&rn=1668397589491&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D781462352521837...
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=78146235252183706050585098214212843391&rn=1668397589491&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D78146235252183...
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=78146235252183706050585098214212843391

42 B
942 B

199ms
199ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=73426&dpuuid=78146235252183706050585098214212843391

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: w0JCS9VFQcQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=73426&dpuuid=78146235252183706050585098214212843391
date: Mon, 14 Nov 2022 03:46:32 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: 52_Zl-AjhavCF3GtrX0WqLYUBTQEmSwQhKDZ4oY9xq9csSQDsiknTQ==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

sn.ashx
dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D530_F9518A54_BBE2BF8&redir=https://abp.mxptint.net/ Frame 43B0
Redirect Chain

https://abp.mxptint.net/sn.ashx
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D530_F9518A54_BBE2BF8&redir=https://abp.mxptint.net/sn.ashx?ak=1

42 B
942 B

358ms
357ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D530_F9518A54_BBE2BF8&redir=https://abp.mxptint.net/sn.ashx?ak=1

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-07bcfe959.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: oDDUY+SrTPs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D530_F9518A54_BBE2BF8&redir=https://abp.mxptint.net/sn.ashx?ak=1
Date: Mon, 14 Nov 2022 03:46:32 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-351384393; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 236
Content-Type: text/html; charset=utf-8

GET pixel.gif
aorta.clickagy.com/ Frame 43B0 0
0

GET
H/1.1

200
OK

ibs:dpid=2340&dpuuid=40839da2-8066-4099-a039-89ddd078761d
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID}
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=40839da2-8066-4099-a039-89ddd078761d

42 B
942 B

206ms
206ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=2340&dpuuid=40839da2-8066-4099-a039-89ddd078761d

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: dgQo2W9EQYg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=2340&dpuuid=40839da2-8066-4099-a039-89ddd078761d
Date: Mon, 14 Nov 2022 03:46:33 GMT
Connection: keep-alive
X-CI-RTID: 0bec20a0-c825-4dd6-88ca-3a143e13d42a
Content-Length: 107
Content-Type: text/html; charset=utf-8

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 43B0
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=78146235252183706050585098214212843391
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=78146235252183706050585098214212843391

0
339 B

179ms
42ms

Image
text/plain

54.72.167.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=78146235252183706050585098214212843391
Protocol: H2
Server: 54.72.167.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-167-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Mon, 14 Nov 2022 03:46:33 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1668397593
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=78146235252183706050585098214212843391
date: Mon, 14 Nov 2022 03:46:33 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H2 404 tpid=78146235252183706050585098214212843391
sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/ Frame 43B0 49 B
266 B 142ms
42ms Image
image/gif 54.75.190.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=78146235252183706050585098214212843391?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 03:46:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.102
content-length: 49
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNHNkZRQUFBQjJuVkFPSg==

170 B
188 B

61ms
61ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNHNkZRQUFBQjJuVkFPSg==

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 03:46:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn4072-HHN
pragma: no-cache
date: Mon, 14 Nov 2022 03:46:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668397593.468900,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNHNkZRQUFBQjJuVkFPSg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 43B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3G6FQAAAB2nVAOJ&expires=90

0
239 B

150ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3G6FQAAAB2nVAOJ&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn4072-HHN
pragma: no-cache
date: Mon, 14 Nov 2022 03:46:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668397594.501905,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3G6FQAAAB2nVAOJ&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 43B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3G6FQAAAB2nVAOJ
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3G6FQAAAB2nVAOJ&C=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3G6FQAAAB2nVAOJ&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 03:46:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 03:46:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y3G6FQAAAB2nVAOJ&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 43B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y3G6FQAAAB2nVAOJ

43 B
1 KB

21ms
20ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Y3G6FQAAAB2nVAOJ

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 03:46:33 GMT
AN-X-Request-Uuid: 0493f2c1-4f90-47a9-ba6e-7ddc8dec0116
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-hhn4072-HHN
pragma: no-cache
date: Mon, 14 Nov 2022 03:46:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668397594.703097,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Y3G6FQAAAB2nVAOJ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 43B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3G6FQAAAB2nVAOJ

43 B
273 B

105ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3G6FQAAAB2nVAOJ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 03:46:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-hhn4072-HHN
pragma: no-cache
date: Mon, 14 Nov 2022 03:46:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668397594.804019,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3G6FQAAAB2nVAOJ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 43B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3G6FQAAAB2nVAOJ

1 B
451 B

114ms
26ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3G6FQAAAB2nVAOJ
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 03:46:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-hhn4072-HHN
pragma: no-cache
date: Mon, 14 Nov 2022 03:46:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668397594.904858,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3G6FQAAAB2nVAOJ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 43B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3G6FQAAAB2nVAOJ&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3G6FQAAAB2nVAOJ&img=1&__user_check__=1&sync_id=eef5b937-63ce-11ed-9c3c-16877d160106

43 B
548 B

29ms
29ms

Image
image/gif

185.94.180.126

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3G6FQAAAB2nVAOJ&img=1&__user_check__=1&sync_id=eef5b937-63ce-11ed-9c3c-16877d160106
Protocol: HTTP/1.1
Server: 185.94.180.126 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 03:46:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 59
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 14 Nov 2022 03:46:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=Y3G6FQAAAB2nVAOJ&img=1&__user_check__=1&sync_id=eef5b937-63ce-11ed-9c3c-16877d160106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 61
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 43B0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3G6FQAAAB2nVAOJ&t=2592000&o=0

43 B
561 B

110ms
55ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3G6FQAAAB2nVAOJ&t=2592000&o=0

Protocol

Server

2a03:2880:f12d:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 19:46:34 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: bXjUvQCtidWi0Y2XAVcrCW/YAZvihugLSKXI0Bp+wzTHH5kj7TZ4omKN1hzXCeLULiQkTVwr19VXDmTVMRLnIg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
cache-control: public, max-age=0
priority: u=3,i
expires: Sun, 13 Nov 2022 19:46:34 PST

Redirect headers

x-served-by: cache-hhn4072-HHN
pragma: no-cache
date: Mon, 14 Nov 2022 03:46:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668397594.106248,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3G6FQAAAB2nVAOJ&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

restricted
mid.rkdms.com/ Frame 43B0
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=78146235252183706050585098214212843391&_ct=img
https://mid.rkdms.com/restricted

0
0

112ms
112ms

Image
text/html

52.200.133.99

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Protocol: H2
Server: 52.200.133.99 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

location: /restricted
date: Mon, 14 Nov 2022 03:46:34 GMT
server: nginx
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame 43B0
Redirect Chain

https://pixel.onaudience.com/?partner=130&mapped=78146235252183706050585098214212843391&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

42 B
960 B

205ms
204ms

Image
image/gif

34.247.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

Protocol

HTTP/1.1

Server

34.247.60.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-60-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kohls.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0ebeee8d5.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MhZGff9ESwU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adb2waycm-atl.netmng.com
URL: https://adb2waycm-atl.netmng.com/cm/

Domain: aorta.clickagy.com
URL: https://aorta.clickagy.com/pixel.gif?ch=124&cm=78146235252183706050585098214212843391&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kohls.com/ecs/auth	1969-12-31 23:59:59	Name: productnum Value: 1
credit.kohls.com/	1969-12-31 23:59:59	Name: clientId Value: AAAA4151001
.demdex.net/	1970-01-20 11:45:49	Name: demdex Value: 78146235252183706050585098214212843391
.credit.kohls.com/	1969-12-31 23:59:59	Name: AMCVS_F0EF5E09512D2CD20A490D4D%40AdobeOrg Value: 1
.kohls.com/	1970-01-20 16:12:13	Name: utag_main Value: v_id:0184743ee32e0014d211136a40d803074003206c00b08$_sn:1$_se:1$_ss:1$_st:1668399389295$ses_id:1668397589295%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:kohls.com$previousPageURL:https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001%3Bexp-session$previousPageName:Login%3Bexp-session
.everesttech.net/	1970-01-20 16:12:13	Name: everest_g_v2 Value: g_surferid~Y3G6FQAAAB2nVAOJ
.kohls.com/	1969-12-31 23:59:59	Name: AMCVS_88C5E33B558DAFB57F000101%40AdobeOrg Value: 1
.dpm.demdex.net/	1970-01-20 11:45:49	Name: dpm Value: 78146235252183706050585098214212843391
.kohls.com/	1970-01-20 17:02:37	Name: s_ecid Value: MCMID%7C73035853945120883250087324523313872471
.credit.kohls.com/	1970-01-20 17:02:37	Name: AMCV_F0EF5E09512D2CD20A490D4D%40AdobeOrg Value: -408604571%7CMCIDTS%7C19311%7CMCMID%7C73035853945120883250087324523313872471%7CMCAAMLH-1669002389%7C6%7CMCAAMB-1669002389%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1668404789s%7CNONE%7CMCSYNCSOP%7C411-19318%7CMCAID%7CNONE%7CvVersion%7C4.6.0
.credit.kohls.com/	1969-12-31 23:59:59	Name: s_cmp Value: AAAA4151001
.credit.kohls.com/	1970-01-20 07:26:39	Name: gpv_v9 Value: credit%3Alogin
.credit.kohls.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.ww8.kohls.com/	1970-01-20 17:02:37	Name: s_ecid Value: MCMID%7C73035853945120883250087324523313872471
.kohls.com/	1970-01-20 08:09:49	Name: s_getNewRepeat Value: 1668397590321-New
.kohls.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.kohls.com/	1970-01-20 17:02:37	Name: AMCV_88C5E33B558DAFB57F000101%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19311%7CMCMID%7C78176417779128140150581077393782696685%7CMCAAMLH-1669002389%7C6%7CMCAAMB-1669002389%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1668404790s%7CNONE%7CMCSYNCSOP%7C411-19318%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.agkn.com/	1970-01-20 16:12:13	Name: ab Value: 0001%3AOfwnaUemEMIOBwA%2FwjfilB6nKDv8Qbsl
credit.kohls.com/	1969-12-31 23:59:59	Name: TS019b3224 Value: 012eebaae206a2e54c3aefacf904393d5607e21a081b1a19f7bc927baca4f7909ea9f4915c00a8dd075fe209743968d6721b14cb4c7bf371ac9c2957316a90b12877512ad7037178bc4c42c95652922d41444f4ecc
.adnxs.com/	1970-01-20 09:36:13	Name: uuid2 Value: 2733671800359917938
.doubleclick.net/	1970-01-20 16:48:13	Name: IDE Value: AHWqTUmKqOajKP441LjwkO8gwZyymA4Q7ajkCxKJbEdimfkPpTnV3Y00OiJthb2NAUU
.twitter.com/	1970-01-20 17:02:37	Name: personalization_id Value: "v1_P3nhp5BtFPOC5iZ4qEclGw=="
.credit.kohls.com/	1970-01-20 07:36:42	Name: RT Value: "z=1&dm=credit.kohls.com&si=bd264fca-349e-4fb3-b60f-e55f5f6ed753&ss=lag8ug5p&sl=1&tt=3ri&bcn=%2F%2F17de4c1a.akstat.io%2F&ld=4jh"
.everesttech.net/	1970-01-20 08:11:15	Name: ev_sync_ax Value: 20221114
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: Y3G6FwAABPp1lT4g
.flashtalking.com/	1970-01-20 17:02:37	Name: flashtalkingad1 Value: "GUID=5431E21617308C"
.criteo.com/	1970-01-20 16:48:13	Name: uid Value: 0a1b6fda-f9c4-43ef-81a1-04a7f92af002
.eyeota.net/	1970-01-20 07:26:38	Name: SERVERID Value: 23896~DM
.yahoo.com/	1970-01-20 16:12:35	Name: A3 Value: d=AQABBBi6cWMCEEdfdJ9dCR59vm_IJ1wZEKY&S=AQAAAocJR1L8mK6HhhoOONElYoI
.owneriq.net/	1970-01-20 17:02:37	Name: si Value: Q7216839921986462150
.owneriq.net/	1970-01-20 07:41:01	Name: p2 Value: adpq
.mxptint.net/	1970-01-20 17:02:37	Name: mxpim Value: R1D530_F9518A54_BBE2BF8.1.000000000000000000000000000000000000000000000000000000006371BA19
.ipredictive.com/	1970-01-20 16:12:13	Name: cu Value: 40839da2-8066-4099-a039-89ddd078761d\|1668397593502
.adnxs.com/	1970-01-20 09:36:13	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GVP:MTGD!@wnfH)iR8PMp-v=0H`<m=:MyiJ%De0snkqmg1EBU]iEX/X%W#.wL5oa9/sZwfzrV6S<:TWBCu(lOfM!x$ppBEkm
.krxd.net/	1970-01-20 11:45:49	Name: _kuid_ Value: PMpYHUTb
.casalemedia.com/	1970-01-20 16:12:13	Name: CMID Value: Y3G6GRJ9WzNoI7p74JdCzwAA
.casalemedia.com/	1970-01-20 09:36:13	Name: CMPS Value: 1129
.casalemedia.com/	1970-01-20 09:36:13	Name: CMPRO Value: 1129
.demdex.net/	1970-01-20 11:45:49	Name: dextp Value: 21-1-1668397590369\|60-1-1668397590469\|358-1-1668397590571\|477-1-1668397590671\|601-1-1668397590772\|640-1-1668397590873\|771-1-1668397590974\|822-1-1668397591075\|992-1-1668397591175\|1123-1-1668397591276\|1083-1-1668397591377\|1085-1-1668397591478\|1086-1-1668397591578\|1087-1-1668397591679\|1088-1-1668397591780\|903-1-1668397591881\|20-1-1668397591981\|3047-1-1668397592082\|28645-1-1668397592184\|30064-1-1668397592285\|30646-1-1668397592385\|575-1-1668397592486\|53196-1-1668397592587\|49276-1-1668397592688\|73426-1-1668397592788\|75557-1-1668397592889\|79908-1-1668397592990\|2340-1-1668397593090\|66757-1-1668397593191\|121998-1-1668397593292\|144230-1-1668397593392\|144231-1-1668397593493\|144232-1-1668397593594\|144233-1-1668397593694\|144234-1-1668397593795\|144235-1-1668397593896

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=78146235252183706050585098214212843391 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=78146235252183706050585098214212843391 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=78146235252183706050585098214212843391?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'strict-dynamic' 'unsafe-eval' 'nonce-Y2M2ODE1NzMtNDc1YS00MTQ3LTlhMDgtNmE0NWIwMTgxMzhk'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17de4c1a.akstat.io
3fznpa27mu3ney3rxilq-pxufnz-73bd6f570-clientnsv4-s.akamaihd.net
aa.agkn.com
abp.mxptint.net
adb2waycm-atl.netmng.com
ads.scorecardresearch.com
analytics.twitter.com
aorta.clickagy.com
assets.adobedtm.com
beacon.krxd.net
bttrack.com
c.go-mpulse.net
cashedge.d1.sc.omtrdc.net
cdn.firstdata.com
cdn.navdmp.com
click.t.kohls.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
credit.kohls.com
d1kjcdrfrq03t3.cloudfront.net
d3ksttzjeov72n.cloudfront.net
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
eaarwyaqcaaagkqce3yajaaab5rxdoqx-pxufnz-48802ad76-clienttons-s.akamaihd.net
fei.pro-market.net
fiservsolutions-1.demdex.net
gum.criteo.com
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
ipv4.icanhazip.com
kohls.demdex.net
match.adsrvr.org
mid.rkdms.com
mpp.vindicosuite.com
navdmp.com
pixel.everesttech.net
pixel.onaudience.com
pixel.rubiconproject.com
ps.eyeota.net
px.owneriq.net
s.go-mpulse.net
securepubads.g.doubleclick.net
servedby.flashtalking.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.search.spotxchange.com
tags.tiqcdn.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
us-u.openx.net
usermatch.krxd.net
ww8.kohls.com
www.facebook.com
adb2waycm-atl.netmng.com
aorta.clickagy.com
104.18.114.97
104.244.42.195
104.75.88.194
107.162.230.34
13.225.78.101
13.36.218.177
141.94.171.214
15.188.95.229
15.197.193.217
151.101.194.49
18.202.164.188
184.24.11.75
185.64.189.110
185.80.39.216
185.94.180.126
192.132.33.46
209.197.3.19
212.82.100.182
216.58.212.162
2600:1901:0:8eee::
2600:9000:2156:f400:0:ed0d:63c0:21
2600:9000:223c:fa00:19:6e5a:51c0:21
2600:9000:2453:3000:1b:64b0:3080:93a1
2606:4700:4400::6812:25fe
2606:4700::6810:ef3
2a00:1450:4001:803::2002
2a02:2638:1::13
2a02:26f0:3400:180::11a6
2a02:26f0:3500:591::1e80
2a02:26f0:480:18d::11a6
2a02:26f0:480:f::213:7ec8
2a02:26f0:480:f::213:7ee3
2a03:2880:f12d:83:face:b00c:0:25de
3.124.210.90
3.248.145.65
34.247.60.44
34.251.26.3
35.186.236.204
35.244.159.8
35.244.174.68
37.252.173.215
38.67.14.224
44.207.237.180
52.200.133.99
52.209.199.248
54.72.167.131
54.75.190.240
54.76.137.80
54.80.16.151
67.202.105.22
68.232.203.70
69.173.144.139
95.101.54.210
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844
1f9e5db2d0dd841b403c591b80839f11fce95b7a395d8f17ff60fe8c7a9a1e3e
2129ccd6aca391fa9315ee075c416a0f5d99c86c917cd750d9e8fb0c86aac5f2
253197a335b84aa9cfbd6707abe5d208c28f2efd6ed834b36af4d7e66b24aa4c
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4
34a13102936e59edbebcffd52dd7a5f56027208abe9f526bc978622602dda678
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
43103cd40bb8a5e7d7e6cdc82ef135838d4f0f9d3c4ae838ea12bba3de50e19d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51e53f49d8f809b76a75e0eaf09716b8b6e818034335c528ef681f1d7bc2a9c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5dc8c16ae1b739482d01922a747406d2a209e8ae81f5e4278e2c2650c88e1f4a
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7037e102057d591d9adf205fef096b6bc5f05927a92abfba941bf501fb206500
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ca96988e27203bca1cfcc5320460135da8449db680e41bd6bc41182168eee0f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9f9d3a64f09cec604dc1e52595a2e28534b008fd2690a6033f7eade0976d562b
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adfcb165c69213b0aba3c64bc549f7ff156ec82110fb8ef144b1d16ebc13b04a
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c52b0513463085c8f5fd3b61b431a81e8b24621b617c4180d221a7b206ccf9a4
c564d9af61d586aa7d64508fc57900fab2da77572ea13782ca213d8617b86ba5
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104
cecd77b0f4875d4da09911d54df7f149541ffcd47251c63644b225f292ec4cc0
d83f5d3a026c8552e7d5ca6be0b158b0fd6537799487aa655fe0298f2f0a8152
dab6498e145ca5b96d872a831c8bc518ee42dad5018b219675853d829e132a3f
dd53fb3dca94672551a3853e0724accb63486af504d431674b0d0846f990ee6d
e340a56dd0f761773f43c37d410127ec7c8f848bc0c6b48644d5a9eceaf024fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe
f4b8880ba554e8613fa520b398ad892cb638a1622682dd3fc1c2e1421bd689b9
fd0cbf1efb2b3e31c78463c4fbe7bdde2e5e62f2a5a7220babd0496e51fe40fd

credit.kohls.com Open in urlscan Pro 107.162.230.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

57 %HTTPS

26 %IPv6

44 Domains

58 Subdomains

39 IPs

6 Countries

1273 kBTransfer

3747 kBSize

39 Cookies

2 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

credit.kohls.com Open in urlscan Pro
107.162.230.34 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

57 %
HTTPS

26 %
IPv6

44
Domains

58
Subdomains

39
IPs

6
Countries

1273 kB
Transfer

3747 kB
Size

39
Cookies

83 HTTP transactions
0 data transactions