get.underweark.com Open in urlscan Pro
2606:4700:3035::6815:14d7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nmg.soundestlink.com/link/64300cc97bc68c0018b5023b/642f83922e49a0d6e10ec4c5/63de4d6415a929001c4e7295?signature=b66208...
Effective URL:
https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_m...
Submission: On April 07 via manual (April 7th 2023, 12:57:19 pm UTC) from UA — Scanned from CA

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 12 domains to perform 78 HTTP transactions. The main IP is 2606:4700:3035::6815:14d7, located in United States and belongs to CLOUDFLARENET, US. The main domain is get.underweark.com.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2023. Valid for: 3 months.

This is the only time get.underweark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:1ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3035::6815:14d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
16	2600:9000:20e... 2600:9000:20ed:7e00:1a:f135:a7c0:21	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.47.65.93 23.47.65.93	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.219.93.73 23.219.93.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
14	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
78	12

1 2606:4700::6812:1ff3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nmg.soundestlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6815:14d7 (United States)

ASN13335 (CLOUDFLARENET, US)

get.underweark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:821::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:20ed:7e00:1a:f135:a7c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1y4tm6t3pzfj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80e::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.65.93 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-65-93.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.219.93.73 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-93-73.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cloudfront.net d1y4tm6t3pzfj.cloudfront.net	4 MB
14	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	399 B
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	783 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	349 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 100	630 B
5	underweark.com get.underweark.com	96 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 8209	729 B
4	google.com www.google.com — Cisco Umbrella Rank: 2	729 B
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 781	100 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2602 tr.outbrain.com — Cisco Umbrella Rank: 2509	8 KB
1	soundestlink.com 1 redirects nmg.soundestlink.com	331 B
78	12

	Domain	Requested by
16	d1y4tm6t3pzfj.cloudfront.net	get.underweark.com
14	www.facebook.com	get.underweark.com
8	connect.facebook.net	get.underweark.com connect.facebook.net
8	www.googletagmanager.com	get.underweark.com www.googletagmanager.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	stats.g.doubleclick.net	www.google-analytics.com
5	get.underweark.com	get.underweark.com
4	www.google.ca	get.underweark.com
4	www.google.com	get.underweark.com
4	analytics.tiktok.com	get.underweark.com analytics.tiktok.com
3	tr.outbrain.com	amplify.outbrain.com get.underweark.com
1	amplify.outbrain.com	get.underweark.com
1	nmg.soundestlink.com	1 redirects
78	13

This site contains no links.

Subject Issuer	Validity	Valid
*.underweark.com GTS CA 1P5	`2023-03-05` - `2023-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-14` - `2023-04-14`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Frame ID: D8F9314C8B48BAC40313BA4863569B4F
Requests: 78 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Be Careful of Tight Shoes! Millions Are Snapping up These Wide Toe Box Sneakers！

Page URL History Show full URLs

https://nmg.soundestlink.com/link/64300cc97bc68c0018b5023b/642f83922e49a0d6e10ec4c5/63de4d6415a929001c4e7... HTTP 302
https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f4... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

78
Requests

100 %
HTTPS

77 %
IPv6

12
Domains

13
Subdomains

12
IPs

1
Countries

5445 kB
Transfer

8310 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nmg.soundestlink.com/link/64300cc97bc68c0018b5023b/642f83922e49a0d6e10ec4c5/63de4d6415a929001c4e7295?signature=b662080c46b07cadf9fb15e9f11d11d7e70b3d4913f1ff90665020aaaeee0c40 HTTP 302
https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request view1659 Show response
get.underweark.com/me/new/Zekear/Shoes/
Redirect Chain

https://nmg.soundestlink.com/link/64300cc97bc68c0018b5023b/642f83922e49a0d6e10ec4c5/63de4d6415a929001c4e7295?signature=b662080c46b07cadf9fb15e9f11d11d7e70b3d4913f1ff90665020aaaeee0c40
https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295

41 KB
11 KB

1184ms
1122ms

Document
text/html

2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24
Resource Hash: b6a29aadaabe90f647637560d1170b26a7b579af07dea90aef638b15e8b805ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7b426f5d0f2c53e9-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 07 Apr 2023 12:57:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOQvAE9TeNFZgKWGKX5Nip%2FpU%2B8CE%2FxiA0XXU8i16givELqwuWuNsbq%2BAoPhfRM3%2B5WY0Bn%2BoWdVMX0J04UKBa2IHBUQGswYKMcj%2FfAnM%2BZC9P9WawD8rzg7qYHE2mBel%2BKvZHmOUycNCXfIhJyO71o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b426f5c3c73ca67-YUL
content-length: 0
date: Fri, 07 Apr 2023 12:57:12 GMT
location: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
server: cloudflare
strict-transport-security: max-age=15552000
via: 1.1 google
x-envoy-upstream-service-time: 2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 92ms
40ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11863764

Requested by

Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f3065493de1383e59cab1cf24ae330c41fbdfd5880c967abd3c4c6a305ad36f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45078
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 12:57:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 87ms
36ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c16f416aff648f464f54ceb9093a2e7d5e1b2e2970e101828b672a0a9d6814a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44924
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 12:57:13 GMT

GET
H2 200 common.js Show response
get.underweark.com/js/ 2 KB
1 KB 32ms
31ms Script
application/javascript 2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/js/common.js
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf0fa9d32af6e8c05f58e412b1a4bacdc47774698d59ff80300f386fb867705c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23
cf-polished: origSize=2228
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 09 Dec 2021 04:09:20 GMT
server: cloudflare
etag: W/"61b18170-8b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rc4xC9QslLG%2B4hHENWyohE2%2FebiZrLzuE0Wv11M31%2FMQMR2P%2BJoA2EiEscLo9n0UmsBOWxTyPHm3d%2BxwWQdjaSZQfU7XfIdgIWtLem8cGlrpjZufGXchoiC%2FZxdkmdzN0tMyLPBJt2NFUdOL4mXhoMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7b426f641d5f53e9-YYZ
expires: Sat, 08 Apr 2023 00:56:50 GMT

GET
H2 200 font-awesome.min.css
get.underweark.com/css/ 30 KB
7 KB 142ms
141ms Stylesheet
text/css 2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/css/font-awesome.min.css
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84b0fb0efcff1c6685a952a2ce350cac267e2950859f0fe394c0d76bc0a3e47f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 08:42:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62a99b7d-7929"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDEYemr8YshIReKNo5B%2Fi7gCnSTv%2FRmQYBw8ieMVbo52W6oo0%2FH28X4vaF80LV78VcnXhEqwyPP5WRagKAWScKcStCRO5M8dPJFJYybg1xbtNMEfhIOKYn1%2F%2F0vW2nLsCULb9tHzvhewTvFm8HktXVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7b426f641d5b53e9-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 08 Apr 2023 00:57:13 GMT

GET
H2 200 1655787184_RWCZPK%7B1GA9%5B%60O3CJ%606%7D%25%7B7.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 24 KB
24 KB 248ms
84ms Image
image/png 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787184_RWCZPK%7B1GA9%5B%60O3CJ%606%7D%25%7B7.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d13618ae23b6092aacbb993641b84df3da2d8d0c91286ea1d79622b3faf4979

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:27:05 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:53:05 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 84624
etag: "67f4ad6b021981eac3bb269229e8d370"
x-amz-meta-width: 124
vary: Accept-Encoding
content-type: image/png
x-cache: Hit from cloudfront
x-amz-meta-height: 120
accept-ranges: bytes
content-length: 24212
x-amz-cf-id: lTW2Zk4DKy3AbNpWaPqNEnQL7Xm3Ui1Hhn0ktq7vDy_kHVu_DuUEOg==

GET
H2 200 1657787174_0714-KN-03.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 59 KB
60 KB 265ms
101ms Image
image/jpeg 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787174_0714-KN-03.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c138db1d21a230313f48b05de382efbc504fe941d57f992bdd8533e81b6d500

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:08:03 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:15 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 60551
etag: "ede26d8bae820a188834c1d4eaef99e7"
x-amz-meta-width: 1000
vary: Accept-Encoding
content-type: image/jpeg
x-cache: Hit from cloudfront
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 60528
x-amz-cf-id: s1iby9-j5Yfusm9natibC6ocXClwSSU8Hjw4ISGyBqTky6VVdx6rFg==

GET
H2 200 1660537988_1657623729_2.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 1 MB
1 MB 527ms
364ms Image
image/gif 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1660537988_1657623729_2.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 113af6e44c1cdce0562094dbd246be8203975fe4408425d3797e367fd5ff469b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:35:27 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 04:33:09 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 1307
etag: "a9c4c6437c68309083aed99c7fcc66ae"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 1363313
x-amz-cf-id: KD8CtqsqP4q8V3uq6MOzonzpYyrxwATYuur5EqfMpgqC0XFK4bHTuQ==

GET
H2 200 1657617922_0712-KN-01.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 20 KB
20 KB 638ms
475ms Image
image/jpeg 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657617922_0712-KN-01.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c90a8ce5a38f7eeeefec4fd600b5fe74a970bf4a2f667eb9a97ff4d6e2218b1c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 10:07:14 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Tue, 12 Jul 2022 09:25:23 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 10428
etag: "96587c5a9dc14cc9afff1ce7daf07230"
x-amz-meta-width: 1000
vary: Accept-Encoding
content-type: image/jpeg
x-cache: Hit from cloudfront
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 20508
x-amz-cf-id: LQUtR2B6L8ZbrUhSd8K3F2SBzbc46v31OQD7SrnHs7wZCHgz4PRVkg==

GET
H2 200 1657787185_0714-KN-02.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 78 KB
78 KB 265ms
101ms Image
image/jpeg 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787185_0714-KN-02.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89cddaea647f633e274d1ac23b48cd7f797b5c2caba8ae0b2a727bb32eb5f7e2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:06:04 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:26 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 10266
etag: "dc8ff66427c056c99433922c04751127"
x-amz-meta-width: 1000
vary: Accept-Encoding
content-type: image/jpeg
x-cache: Hit from cloudfront
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 79772
x-amz-cf-id: N0khbs3jOhCPRGjPcyMeyiF456RByQ4edQv4SjK-3Y7O-_kQp5sLuQ==

GET
H2 200 1657787192_0714-KN-04.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 49 KB
50 KB 508ms
345ms Image
image/jpeg 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787192_0714-KN-04.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89696acb6a83d45df78fa0d802a6501d25e300838c39250113e638b81a9dff70

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 715
etag: "acd097274811b216df7c3781d24ccd8c"
x-amz-meta-width: 1000
vary: Accept-Encoding
content-type: image/jpeg
x-cache: Hit from cloudfront
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 50422
x-amz-cf-id: VQmSf-bcQe_A9WxOguNzKHbaNIsoRbDOJES5pFm7h4eX-gHKC_u0qw==

GET
H2 200 1657787201_0714-KN-04.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 828 KB
829 KB 452ms
450ms Image
image/gif 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787201_0714-KN-04.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d78c04018b61b681beb00d9cb54b099bdcef08cb81e2c9eec84d1ec1a8566f0e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:08:03 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 60551
etag: "e3bb39a501ae9059ca08b457d8429355"
x-amz-meta-width: 1000
vary: Accept-Encoding
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 847362
x-amz-cf-id: X5VCKeqfJytF6EpgOMknGRo6Wyr7Hbi8Re2nkdx_TpLtZDSK9ju7Jg==

GET
H2 200 1657787212_0714-KN-05.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 881 KB
882 KB 454ms
452ms Image
image/gif 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787212_0714-KN-05.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd0dac9fa7bbe50935b6c9f84e6c609e62e408c776a1d3831d6d718d81bc3db6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:08:04 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:55 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 60550
etag: "148792b1e19adaff3a38cacf61d55c51"
x-amz-meta-width: 1000
vary: Accept-Encoding
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 902199
x-amz-cf-id: MQoAoKfrQa5aE0hT27FmoIKiEW5FWxd8J2o5nMZgMuZafTgHoBnOMw==

GET
H2 200 1657787224_0714-KN-01.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 71 KB
72 KB 451ms
450ms Image
image/jpeg 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787224_0714-KN-01.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97c1f181dc969b04f7ea79b23d980c76764b424bd176480bee0c25223082229a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:06:04 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:27:05 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 5710
etag: "487058d941424a2928f74961db3d2d49"
x-amz-meta-width: 1000
vary: Accept-Encoding
content-type: image/jpeg
x-cache: Hit from cloudfront
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 72796
x-amz-cf-id: SKvKnHE3IFnJPDXDKDL2CxZTTtprUAkADliJkau2pHAigtbiiCnyhg==

GET
H2 200 1655787337_%7DH%2880985%40KA6A%29%7DAO8_N3SH.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 59 KB
59 KB 453ms
451ms Image
image/png 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787337_%7DH%2880985%40KA6A%29%7DAO8_N3SH.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e985bbf32dd33d9c9c659bd195dd36b7f3004441e713d0d48e6dc225f4d0a32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 10:25:39 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:55:38 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 22167
etag: "e6d2d91c6dfbbb25fa28bdc7fa09471a"
x-amz-meta-width: 268
vary: Accept-Encoding
content-type: image/png
x-cache: Hit from cloudfront
x-amz-meta-height: 275
accept-ranges: bytes
content-length: 60245
x-amz-cf-id: ff5sBR4jHkN6KDUAeB-jozNBc3a1utg62vYVrcL7Z-ckLj7hP-zW2A==

GET
H2 200 1655787359_NYX2_5%7DDO1%5BPE%40S834FSPJT.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 59 KB
59 KB 453ms
452ms Image
image/png 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787359_NYX2_5%7DDO1%5BPE%40S834FSPJT.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 415a387651469a1111375f0d66ebfd399fec3377c42f30f7daad6723904dfc35

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 18:50:20 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:56:00 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 65214
etag: "fc6994c3b84e1fc5bf6f7143ad464818"
x-amz-meta-width: 268
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-height: 275
accept-ranges: bytes
content-length: 60084
x-amz-cf-id: zvIBhPjwXaQsmNy2zRD2CQCivw_VczzLytOD95cPpRGi6WEZt068kg==

GET
H2 200 1655787383_SD~WC56A%7D50KH%25PWNF~%29UTE.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 63 KB
64 KB 453ms
452ms Image
image/png 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787383_SD~WC56A%7D50KH%25PWNF~%29UTE.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e66835236955f7011c82074aeeff7f88ebad593d021e022415bd66f76ea85189

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 03:17:54 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:56:24 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 34760
etag: "78023b313ba56f94357c8ed40296883d"
x-amz-meta-width: 268
vary: Accept-Encoding
content-type: image/png
x-cache: Hit from cloudfront
x-amz-meta-height: 275
accept-ranges: bytes
content-length: 65000
x-amz-cf-id: -5NqIM_HWPx7NOXss_76R0xn7-aLOQJp1SV2AQIvzdnZiasXuJMOBg==

GET
H2 200 1655787303_6.jpg
d1y4tm6t3pzfj.cloudfront.net/other/images/ 290 KB
291 KB 452ms
451ms Image
image/jpeg 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655787303_6.jpg
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82335add5269929fc3c0fb260691f0316c40d35c87dceda5b6db352a78b453e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 18:50:19 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 04:55:04 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 65214
etag: "bb57eeff88bef8d74a2469ace5257413"
x-amz-meta-width: 1000
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-meta-height: 600
accept-ranges: bytes
content-length: 296882
x-amz-cf-id: RNazoyHjSUmKwq_wKEK06K1DcnLl4oNXuotCA6K8p323SvFXU7Fukg==

GET
H2 200 1657787166_0714-KN-06.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 130 KB
130 KB 108ms
89ms Image
image/gif 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787166_0714-KN-06.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e266b2dca89ca3e60a17eee3cd23274ef877899741038ab1fd12684537e7ec57

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 16:11:23 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:26:07 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 74751
etag: "0f706303b82b1f24ed7db9433ac31dc4"
x-amz-meta-width: 480
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-meta-height: 480
accept-ranges: bytes
content-length: 133100
x-amz-cf-id: COXNYfzmSe4alIGUW0yQl2YEGvEsZ_ZbXVXz5LMzIM7q0CUVDp_Lsg==

GET
H2 200 1655799144_YVKJK_HO%7BJGKPT%7D~%7BZO%247A7.png
d1y4tm6t3pzfj.cloudfront.net/other/images/ 5 KB
5 KB 102ms
81ms Image
image/png 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1655799144_YVKJK_HO%7BJGKPT%7D~%7BZO%247A7.png
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 605ba7e9f2665e354649a736c35524901a5b5a2238e87298cedcd5727ee996ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 07:03:14 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 08:12:25 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 21329
etag: "daf58768b211e6bd8da37945f66b62d8"
x-amz-meta-width: 158
vary: Accept-Encoding
content-type: image/png
x-cache: Hit from cloudfront
x-amz-meta-height: 159
accept-ranges: bytes
content-length: 5199
x-amz-cf-id: bT1-coP8jXI5XHcZmbTGAJslvidu07hqHTjxwrFrH2AeESn5mQegMg==

GET
H2 200 1657787266_0714-KN-06.gif
d1y4tm6t3pzfj.cloudfront.net/other/images/ 130 KB
131 KB 391ms
372ms Image
image/gif 2600:9000:20ed:7e00:1a:f135:a7c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1y4tm6t3pzfj.cloudfront.net/other/images/1657787266_0714-KN-06.gif
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:7e00:1a:f135:a7c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e266b2dca89ca3e60a17eee3cd23274ef877899741038ab1fd12684537e7ec57

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
via: 1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 08:27:47 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 714
etag: "0f706303b82b1f24ed7db9433ac31dc4"
x-amz-meta-width: 480
vary: Accept-Encoding
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-meta-height: 480
accept-ranges: bytes
content-length: 133100
x-amz-cf-id: O1jrYC3J7SJKPLv2uz3ebDyk_NWR3TWlB8V4L3Hf4xGNmGb70yHm1Q==

GET
H2 200 smb-scroll.js Show response
get.underweark.com/js/ 949 B
632 B 272ms
269ms Script
application/javascript 2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/js/smb-scroll.js
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9dbf039fb5bad9aecf243aac15ab8899b5306a5ae5d1a168e1086ac2aa00cb0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 08:42:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62a99b7d-3b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FumpSYBuGfWbIGmfWIYzuTGNSajoWEpBmK0V9ixtFsPD635MIYckIQ0Gm%2BogzTf1iYatI7jGtyODFF02%2Bi%2BXAVGPWY8Bg25sB4CYG%2BbmyZVN4H%2BpeOnPg6GZP19hXHUh5MLGBhb9x3dVusEwkpDM%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7b426f645dc153e9-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 08 Apr 2023 00:57:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
41 KB 92ms
78ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79c2f0e942ba037aadba248d73da8a72d626b3b7db559a2f80c8e2d9325e8ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41591
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 12:57:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 37ms
36ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11863764&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103606589-13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7846d90c0b412fd05734f6ab820a88f5038e815032ecc1c517c5e7109a25ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45115
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 12:57:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
20ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-103606589-13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Apr 2023 12:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3121
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 07 Apr 2023 14:05:12 GMT

GET
H3 200 fontawesome-webfont.woff2
get.underweark.com/font/ 75 KB
76 KB 1357ms
1356ms Font
font/woff2 2606:4700:3035::6815:14d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.underweark.com/font/fontawesome-webfont.woff2
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:14d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://get.underweark.com/css/font-awesome.min.css
Origin: https://get.underweark.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:15 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 08:42:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62a99b7d-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMnwfaQ%2FejnByPEwKen3RbqBg8nVrByW3U0YPjJfqWius9bP%2BGvo%2BiWBmkiUKXKN8BUPbo5PmtSDd4Rgwl9bR27UfYPhwnIvQ43QufVHfYYEBjpMJVoLYDxIgATazLHxAnrz4lU7HLRSUFMO2Fwo4T4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 7b426f651bfea246-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 35ms
34ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158751611-2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c32dc86094a13a7f13670e31d020c9716d5f707c0234a45f546501394dde847f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44935
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 12:57:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 61ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Apr 2023 12:57:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SyBsSM+ltywzPlA4cLWDi6WKhXmyojFrADeKFRu2Y+UDgrDNEo/0D8Vsmi2rOVUpYcxNWAVs7Z82la/e7MQrTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 50ms
49ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c6a68e29b36a40df0bcec65118204dc68d33a39d2b919b7a28b412ba31b5d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44940
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 12:57:13 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 1176ms
50ms Script
application/x-javascript 23.47.65.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.65.93 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-65-93.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 12:57:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Apr 2023 09:42:03 GMT
Server: AkamaiNetStorage
ETag: "838e9c2ec6e148b2af141d9d77d0f660:1680601864.72"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: CA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6771
Expires: Fri, 07 Apr 2023 13:17:14 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 144ms
93ms Script
application/javascript 23.219.93.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8TARN0O6OK0DA72RBU0&lib=ttq
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.93.73 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-93-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03cae631d244f5dd944fbad543c5f297bee561cfcd89e7ada94edb017e5bdfc6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 1286d05a.fe4a4
date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-219-93-69.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 69,23.219.93.69
server-timing: cdn-cache; desc=MISS, edge; dur=51, origin; dur=20, inner; dur=3
content-length: 1428
pragma: no-cache
server: nginx
x-tt-logid: 20230407125713DAD59C85941885D4FF7B
x-cache-remote: TCP_MISS from a23-59-250-71.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.59.250.71
x-tt-trace-host: 01727f9c048f346e5634670cad583716de26cb10ab57828760df860c5be0f93114b3e2714f3752a1a4c0ffcbbb83381ec5b31beb62bfabb9e79e36b547c17a60207acdfccc7e00d7f3ee7b29fea647a0806d9640db02cc4d1353633f09442bbd79067f0c02b441808c09517261914df4a3
expires: Fri, 07 Apr 2023 12:57:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 39ms
39ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-8

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ae8cc3a26a97dac212dbd21d91c832263ab436b7dc58417edaac00a878e4f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44933
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 12:57:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 55ms
55ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-103606589-2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KWPMXLS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8c5278d405a04597ef93fcaf628eb377dea71ba2e8ab27f9b3bb78a09d4d7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44935
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 12:57:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 35ms
34ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1873801340&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1707029533&gjid=1952763900&cid=1368058088.1680872234&tid=UA-103606589-13&_gid=1094575.1680872234&_r=1&gtm=457e3430&jsscut=1&z=2006210558

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 86ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-103606589-13&cid=1368058088.1680872234&jid=1707029533&gjid=1952763900&_gid=1094575.1680872234&_u=YEBAAUAAAAAAACAAI~&z=1898813377

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Apr 2023 12:57:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 35ms
34ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1873801340&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1011063221&gjid=96920595&cid=1368058088.1680872234&tid=UA-158751611-2&_gid=1094575.1680872234&_r=1&gtm=457e3430&jsscut=1&z=537526654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3362388593882789 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3362388593882789?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23c84a76b7c70924ce872a04c6cda18f08f5e4b7afb1a05454e1e0fb6eb76956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Apr 2023 12:57:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110252
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /sfZJNw28KaDTxOyG8oA+qIPKbU67oOlBhFJ8sMFRxVvXmsUqwysmXOfns+EeEMcvcoQR+OAeGs97/qOYDdelg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 34ms
34ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1873801340&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=997126089&gjid=1922242866&cid=1368058088.1680872234&tid=UA-103606589-7&_gid=1094575.1680872234&_r=1&gtm=457e3430&jsscut=1&z=438696739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
33ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1873801340&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=549714927&gjid=1832915223&cid=1368058088.1680872234&tid=UA-103606589-8&_gid=1094575.1680872234&_r=1&gtm=457e3430&jsscut=1&z=1730209712

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 34ms
33ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1873801340&t=pageview&_s=1&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&ul=en-us&de=UTF-8&dt=Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=735954721&gjid=1178294761&cid=1368058088.1680872234&tid=UA-103606589-2&_gid=1094575.1680872234&_r=1&gtm=457e3430&jsscut=1&z=976869806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 33ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-158751611-2&cid=1368058088.1680872234&jid=1011063221&gjid=96920595&_gid=1094575.1680872234&_u=aEDAAUABAAAAACAAI~&z=2144381324

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Apr 2023 12:57:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 92ms
42ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-103606589-13&cid=1368058088.1680872234&jid=1707029533&_u=YEBAAUAAAAAAACAAI~&z=701268825

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 86ms
38ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-103606589-13&cid=1368058088.1680872234&jid=1707029533&_u=YEBAAUAAAAAAACAAI~&z=701268825

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 33ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-103606589-7&cid=1368058088.1680872234&jid=997126089&gjid=1922242866&_gid=1094575.1680872234&_u=aEDAAUABAAAAACAAI~&z=548753362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Apr 2023 12:57:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTZiZDQ3NTA5MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 241 KB
66 KB 23ms
22ms Script
application/javascript 23.219.93.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZiZDQ3NTA5MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8TARN0O6OK0DA72RBU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.93.73 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-93-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2f979dde1b99a98cbbd7d4040e176b20fe3b84ea0445bbfff507218c6a0f91a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: fe546
date: Fri, 07 Apr 2023 12:57:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230406150103FF4C10DBC93FBA8BE2FA
vary: Accept-Encoding
x-cache: TCP_HIT from a23-219-93-69.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01499d22caf40ae6854aefa4f754148df77ed9a0e41510e9b510509071c4be55aa8d21286ef85f4d79cbd6cfab79f56736d08443f79e68aebf47b11365c338f4bdeff3a90f033dffb5013f9f2961e24a907ddb254570b32d83ec98fc008b227c8f
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 67359

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 34ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-103606589-8&cid=1368058088.1680872234&jid=549714927&gjid=1832915223&_gid=1094575.1680872234&_u=aEDAAUABAAAAACAAI~&z=2072929643

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 679176527157374 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/679176527157374?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

674a5a75445e8aaa3852990c8efdf97811aa4a6325420a8c60791b8d41d7ad67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Apr 2023 12:57:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110494
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: stmCUksaTUbTtjdzzWWu3Kwvlu6bSMGX3rr2eXQpFZP1d+HYbmX72wpGW0sbFserYCGp/AqYtBB6kEBmW8dpuA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 60ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3362388593882789&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872233997&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 33ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-103606589-2&cid=1368058088.1680872234&jid=735954721&gjid=1178294761&_gid=1094575.1680872234&_u=aEDAAUABAAAAACAAI~&z=1581169767

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.underweark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 54ms
42ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-103606589-7&cid=1368058088.1680872234&jid=997126089&_u=aEDAAUABAAAAACAAI~&z=1975791695

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 48ms
37ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-103606589-7&cid=1368058088.1680872234&jid=997126089&_u=aEDAAUABAAAAACAAI~&z=1975791695

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 44ms
41ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-103606589-8&cid=1368058088.1680872234&jid=549714927&_u=aEDAAUABAAAAACAAI~&z=1108373673

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 39ms
38ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-103606589-8&cid=1368058088.1680872234&jid=549714927&_u=aEDAAUABAAAAACAAI~&z=1108373673

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 38ms
38ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-103606589-2&cid=1368058088.1680872234&jid=735954721&_u=aEDAAUABAAAAACAAI~&z=812005200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 37ms
37ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-103606589-2&cid=1368058088.1680872234&jid=735954721&_u=aEDAAUABAAAAACAAI~&z=812005200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 12:57:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_821f6.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 22ms
22ms Script
application/javascript 23.219.93.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_821f6.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZiZDQ3NTA5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.93.73 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-93-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: fe5a4
date: Fri, 07 Apr 2023 12:57:14 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023040614445743054CBD37CA9F6D57D6
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-219-93-69.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01de3ac25bfc3038d5a3ac2d765d50b749296c8b501da8f251319e40b447ee611b0212660fcaa27389f4deaedd4a1ea9bb0b4cf9d37098923deacb320b02ac9eecdb08b585418d61a8ee7bb19aa6fdd7ac15021c3af13065946d22848adbf4ead9
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 30849

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
687 B 68ms
67ms Ping
text/plain 23.219.93.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZiZDQ3NTA5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.93.73 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-93-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://get.underweark.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1286d693.fe60a
date: Fri, 07 Apr 2023 12:57:14 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-219-93-69.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 42,23.219.93.69
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=38, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230407125714853C71FED059526C1ABC
x-cache-remote: TCP_MISS from a23-59-250-71.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.59.250.71
x-tt-trace-host: 01727f9c048f346e5634670cad583716de26cb10ab57828760df860c5be0f93114b3e2714f3752a1a4c0ffcbbb83381ec5601fc73ae780e13c0b0082442dd2bb0a22c65b8e9cb2ffc49400fec71a448d47f0df74292a7a0ba71c64b4765dce0dedd0236bf34600771ea1f8a6673df514f2
expires: Fri, 07 Apr 2023 12:57:14 GMT

GET
H3 200 1188815008409875 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 22ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1188815008409875?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

991dcfd1b2e50c10ae6abdb16a4d2785f386b86b2ad01301a2267fcc3eb89e04

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110436
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: C63Uu1B/toPqzegmqNExzmRo31Kl8Tiqij473tQXiJsjVBAq5vVz/mafbTF1i6wpc95X0++6RsOvyFY+OyGd6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
18ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=679176527157374&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872234172&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 685835109853492 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/685835109853492?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d83efa7ff42b446980ca82a443132495880602ddb82d8969f3fbf259d611a6e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110260
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: paGivWCxmDtDUUb66ZTMb/92c48/AodiiVYuzZg2Bi0c188AZFpwaS5ThUZdySOF3ulEPrRLsIXvgFp5tneJ4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 19ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1188815008409875&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872234213&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1571229833398058 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1571229833398058?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec02d727ff9bc7d713c267b7ec07f41682399ac75d2f47da1d12b8abef46fdfa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110261
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: c0vzVuHM7YehUYs4g5kCIcmWrmCvC2boKcFqMfze/Wspc8qE9H7IxUdayzei087jzuUwRxZooEmj+52FJWtn7w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 20ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=685835109853492&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872234258&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 105478522442200 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/105478522442200?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d80fb4afd90cd307c46e87f136d94620e4d31c51ed7dc93db33c2940ecacd372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Apr 2023 12:57:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110259
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6vy4u/Sq3aBAnAlvbhLNhej2eo705Ff/l0TYrdT1nla4IFacfl2PON/gjjADjU5TqtVlGYJLx2e6caS5Z+JdaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1571229833398058&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872234296&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 684449170077845 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/684449170077845?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3f183e81f79210a38450041293f270a54c28a09593189afff6c04a6af237271

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110260
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: RiuNpbX2qTovpPLPock1kJ17mXcUsS+p/JIeTOVT9YPsmnU4AuLvpe5R9M9zVA4aeVnGJoavAWMR9PsrMU0x8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 23ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=105478522442200&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872234334&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=684449170077845&ev=PageView&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872234377&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 89ms
20ms Script
application/javascript 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=005a5005690ff4b80ef07b9d2e996efbcd,008bc3dff22866715329b6997ac2cf5331,0034c582a98b95833339fa383b971d1dc7
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 12:57:15 GMT
X-TraceId: df7b6c41831180989527d2700904165b
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 89ms
21ms Image
image/gif 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=02090274880561518&referrer=&cht=gtm&marketerId=005a5005690ff4b80ef07b9d2e996efbcd%2C008bc3dff22866715329b6997ac2cf5331%2C0034c582a98b95833339fa383b971d1dc7&name=PAGE_VIEW&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 12:57:15 GMT
Cache-Control: no-cache
X-TraceId: 2f9eb3c2530cab864d655d355cf87e43
Content-Length: 53
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 90ms
22ms Image
image/gif 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=02537988178225965&referrer=&marketerId=005a5005690ff4b80ef07b9d2e996efbcd%2C008bc3dff22866715329b6997ac2cf5331%2C0034c582a98b95833339fa383b971d1dc7&name=View%20Content&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: get.underweark.com
URL: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/me/new/Zekear/Shoes/view1659?&utm_campaign=campaign%3A+0407+%28642f834bc96f45001409d3c7%29&utm_medium=email&utm_source=omnisend&omnisendContactID=63de4d6415a929001c4e7295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 07 Apr 2023 12:57:15 GMT
Cache-Control: no-cache
X-TraceId: 30d706b46d0da581da830321fe6e2ff0
Content-Length: 53
Content-Type: image/gif;

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 20ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3362388593882789&ev=Microdata&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872235501&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 20ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=679176527157374&ev=Microdata&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872235675&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1188815008409875&ev=Microdata&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872235715&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=685835109853492&ev=Microdata&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872235760&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 21ms
20ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1571229833398058&ev=Microdata&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872235798&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 20ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=105478522442200&ev=Microdata&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872235836&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 19ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=684449170077845&ev=Microdata&dl=https%3A%2F%2Fget.underweark.com%2Fme%2Fnew%2FZekear%2FShoes%2Fview1659%3F%26utm_campaign%3Dcampaign%253A%2B0407%2B%2528642f834bc96f45001409d3c7%2529%26utm_medium%3Demail%26utm_source%3Domnisend%26omnisendContactID%3D63de4d6415a929001c4e7295&rl=&if=false&ts=1680872235879&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Be%20Careful%20of%20Tight%20Shoes!%20Millions%20Are%20Snapping%20up%20These%20Wide%20Toe%20Box%20Sneakers%EF%BC%81%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680872233996.1638254281&it=1680872233922&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.underweark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 12:57:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
get.underweark.com/	1970-01-20 10:54:39	Name: XSRF-TOKEN Value: eyJpdiI6InFPYXREODJsQ3QwcjFrZndHOEVIVGc9PSIsInZhbHVlIjoiV0ptcU1ic1p5ZHVIMzVGdzBrZDFEN3c1amlWblpSTkFOTWs5Uno3R1FYYU90K2grdGdkT0RyNVcrTFZpeFJEUEFKcnZPZWVlaFpncUZBOFpuQUZwd0E9PSIsIm1hYyI6ImFkZmIxMjk2NWQyYmQwYWE3ZjRmYjljNDNlMGQzOTFmMTEyNDJiNTIzN2M2YzljOGVkMDYwMTlmZTQ2ZjdkMDcifQ%3D%3D
get.underweark.com/	1970-01-20 10:54:39	Name: laravel_session Value: eyJpdiI6ImdWcDVoTjVteVBxZVl0Y2VyQm83V1E9PSIsInZhbHVlIjoiV0VyYkVnNFJtWkppelhzcXB4RjhndXJXZDFsQW9MQ1lRSGZQUXVoMmR5R1FoUXJmUW9SWkpwQTExa1RTRGNHNEZHaDhVWnJ2SmRkaW9RQlRZRkxpT3c9PSIsIm1hYyI6IjcxNTI4NGRiYWExMTNhYTkzZTQwNGNlMTBlZGEyMDJiNzg0MTc2NzI1OTAxYWNiZjQ4MzExM2UxZDQ4NWZmM2EifQ%3D%3D
.underweark.com/	1970-01-20 13:04:08	Name: _gcl_au Value: 1.1.1412576649.1680872234
.underweark.com/	1970-01-20 20:30:32	Name: _ga Value: GA1.2.1368058088.1680872234
.underweark.com/	1970-01-20 10:55:58	Name: _gid Value: GA1.2.1094575.1680872234
.underweark.com/	1970-01-20 10:54:32	Name: _gat_gtag_UA_103606589_13 Value: 1
.underweark.com/	1970-01-20 10:54:32	Name: _gat_gtag_UA_158751611_2 Value: 1
.underweark.com/	1970-01-20 10:54:32	Name: _gat_gtag_UA_103606589_7 Value: 1
.underweark.com/	1970-01-20 10:54:32	Name: _gat_gtag_UA_103606589_8 Value: 1
.tiktok.com/	1970-01-20 20:16:08	Name: _ttp Value: 2O6DeaVQyzE48NFYxCtMliEibLx
.underweark.com/	1970-01-20 10:54:32	Name: _gat_gtag_UA_103606589_2 Value: 1
.underweark.com/	1970-01-20 13:04:08	Name: _fbp Value: fb.1.1680872233996.1638254281
.underweark.com/	1970-01-20 20:16:08	Name: _tt_enable_cookie Value: 1
.underweark.com/	1970-01-20 20:16:08	Name: _ttp Value: xeKzjpPcNUziTlsWlpZmyH4NXSy
get.underweark.com/	1970-01-20 10:54:32	Name: outbrain_cid_fetch Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.tiktok.com
connect.facebook.net
d1y4tm6t3pzfj.cloudfront.net
get.underweark.com
nmg.soundestlink.com
stats.g.doubleclick.net
tr.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
23.219.93.73
23.47.65.93
2600:9000:20ed:7e00:1a:f135:a7c0:21
2606:4700:3035::6815:14d7
2606:4700::6812:1ff3
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2003
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
64.202.112.127
03cae631d244f5dd944fbad543c5f297bee561cfcd89e7ada94edb017e5bdfc6
0c138db1d21a230313f48b05de382efbc504fe941d57f992bdd8533e81b6d500
113af6e44c1cdce0562094dbd246be8203975fe4408425d3797e367fd5ff469b
1d13618ae23b6092aacbb993641b84df3da2d8d0c91286ea1d79622b3faf4979
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
23c84a76b7c70924ce872a04c6cda18f08f5e4b7afb1a05454e1e0fb6eb76956
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f979dde1b99a98cbbd7d4040e176b20fe3b84ea0445bbfff507218c6a0f91a6
3e985bbf32dd33d9c9c659bd195dd36b7f3004441e713d0d48e6dc225f4d0a32
415a387651469a1111375f0d66ebfd399fec3377c42f30f7daad6723904dfc35
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5
5c6a68e29b36a40df0bcec65118204dc68d33a39d2b919b7a28b412ba31b5d0d
605ba7e9f2665e354649a736c35524901a5b5a2238e87298cedcd5727ee996ea
674a5a75445e8aaa3852990c8efdf97811aa4a6325420a8c60791b8d41d7ad67
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f3065493de1383e59cab1cf24ae330c41fbdfd5880c967abd3c4c6a305ad36f
79c2f0e942ba037aadba248d73da8a72d626b3b7db559a2f80c8e2d9325e8ed5
7ae8cc3a26a97dac212dbd21d91c832263ab436b7dc58417edaac00a878e4f25
82335add5269929fc3c0fb260691f0316c40d35c87dceda5b6db352a78b453e9
84b0fb0efcff1c6685a952a2ce350cac267e2950859f0fe394c0d76bc0a3e47f
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
89696acb6a83d45df78fa0d802a6501d25e300838c39250113e638b81a9dff70
89cddaea647f633e274d1ac23b48cd7f797b5c2caba8ae0b2a727bb32eb5f7e2
97c1f181dc969b04f7ea79b23d980c76764b424bd176480bee0c25223082229a
991dcfd1b2e50c10ae6abdb16a4d2785f386b86b2ad01301a2267fcc3eb89e04
9c16f416aff648f464f54ceb9093a2e7d5e1b2e2970e101828b672a0a9d6814a
b6a29aadaabe90f647637560d1170b26a7b579af07dea90aef638b15e8b805ec
b7846d90c0b412fd05734f6ab820a88f5038e815032ecc1c517c5e7109a25ee5
bd0dac9fa7bbe50935b6c9f84e6c609e62e408c776a1d3831d6d718d81bc3db6
c32dc86094a13a7f13670e31d020c9716d5f707c0234a45f546501394dde847f
c3f183e81f79210a38450041293f270a54c28a09593189afff6c04a6af237271
c90a8ce5a38f7eeeefec4fd600b5fe74a970bf4a2f667eb9a97ff4d6e2218b1c
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf0fa9d32af6e8c05f58e412b1a4bacdc47774698d59ff80300f386fb867705c
d78c04018b61b681beb00d9cb54b099bdcef08cb81e2c9eec84d1ec1a8566f0e
d80fb4afd90cd307c46e87f136d94620e4d31c51ed7dc93db33c2940ecacd372
d83efa7ff42b446980ca82a443132495880602ddb82d8969f3fbf259d611a6e5
d8c5278d405a04597ef93fcaf628eb377dea71ba2e8ab27f9b3bb78a09d4d7b7
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e266b2dca89ca3e60a17eee3cd23274ef877899741038ab1fd12684537e7ec57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66835236955f7011c82074aeeff7f88ebad593d021e022415bd66f76ea85189
ec02d727ff9bc7d713c267b7ec07f41682399ac75d2f47da1d12b8abef46fdfa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9dbf039fb5bad9aecf243aac15ab8899b5306a5ae5d1a168e1086ac2aa00cb0

get.underweark.com Open in urlscan Pro 2606:4700:3035::6815:14d7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

77 %IPv6

12 Domains

13 Subdomains

12 IPs

1 Countries

5445 kBTransfer

8310 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.underweark.com Open in urlscan Pro
2606:4700:3035::6815:14d7 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

77 %
IPv6

12
Domains

13
Subdomains

12
IPs

1
Countries

5445 kB
Transfer

8310 kB
Size

15
Cookies

78 HTTP transactions
0 data transactions