urlscan.io logo urlscan.io
SecurityTrails logo

credit.kohls.com Open in urlscan Pro
107.162.230.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.t.kohls.com/?qs=bc4f8d3da707f2e7c2502448e590df7d5c70b035b00c12c57306cd4f48b0415ff1586f6f537bd5e885f3936f769e...
Effective URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Submission: On November 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 5 countries across 43 domains to perform 82 HTTP transactions. The main IP is 107.162.230.34, located in United States and belongs to DEFENSE-NET, US. The main domain is credit.kohls.com. The Cisco Umbrella rank of the primary domain is 134059.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 14th 2022. Valid for: a year.
This is the only time credit.kohls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 68.232.203.70 22606 (EXACT-7)
6 13 107.162.230.34 55002 (DEFENSE-NET)
1 2600:9000:224... 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 104.75.88.194 16625 (AKAMAI-AS)
8 2600:9000:226... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 18 52.19.27.104 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 104.18.114.97 13335 (CLOUDFLAR...)
2 2600:9000:224... 16509 (AMAZON-02)
1 54.77.35.16 16509 (AMAZON-02)
4 13.36.218.177 16509 (AMAZON-02)
7 7 34.249.11.23 16509 (AMAZON-02)
1 54.154.180.60 16509 (AMAZON-02)
1 1 52.28.224.208 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
2 3 185.89.210.122 29990 (ASN-APPNEX)
1 67.202.105.23 32748 (STEADFAST)
7 8 172.217.18.2 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
5 10 34.253.48.159 16509 (AMAZON-02)
1 35.71.131.137 16509 (AMAZON-02)
1 35.186.236.204 15169 (GOOGLE)
1 1 209.197.3.19 20446 (STACKPATH...)
2 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 1 3.121.27.153 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 2600:1901:0:8... 15169 (GOOGLE)
2 3 23.79.154.245 16625 (AKAMAI-AS)
1 192.132.33.46 ()
2 2 99.86.4.2 16509 (AMAZON-02)
1 1 38.67.14.224 ()
1 1 52.22.210.48 ()
1 1 52.5.99.161 ()
1 1 107.22.173.254 ()
1 54.72.167.131 ()
1 52.49.181.242 ()
8 8 151.101.66.49 ()
1 69.173.144.165 ()
1 2 185.80.39.216 ()
1 34.98.64.218 ()
1 185.64.190.80 ()
1 2 185.94.180.125 ()
1 2a03:2880:f12... ()
1 2 3.230.248.213 ()
1 1 141.94.170.77 ()
82 36
1    68.232.203.70 (United States)

ASN22606 (EXACT-7, US)
PTR: click.s6.exacttarget.com
click.t.kohls.com
13    107.162.230.34 (United States)

ASN55002 (DEFENSE-NET, US)
credit.kohls.com
1    2600:9000:224a:1200:1b:64b0:3080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.firstdata.com
3    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
4    104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
8    2600:9000:2261:200:0:ed0d:63c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3ksttzjeov72n.cloudfront.net
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a02:26f0:1700:391::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
17de4c13.akstat.io
18    52.19.27.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    104.18.114.97 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
2    2600:9000:224a:7e00:19:6e5a:51c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1kjcdrfrq03t3.cloudfront.net
1    54.77.35.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-16.eu-west-1.compute.amazonaws.com
fiservsolutions-1.demdex.net
4    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
cashedge.d1.sc.omtrdc.net
ww8.kohls.com
7    34.249.11.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-11-23.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    54.154.180.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-180-60.eu-west-1.compute.amazonaws.com
kohls.demdex.net
1    52.28.224.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-224-208.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    67.202.105.23 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
dp2.33across.com
8    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
2    2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)
navdmp.com
cdn.navdmp.com
1    2606:4700:4400::6812:25fe (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
10    34.253.48.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-48-159.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com
mpp.vindicosuite.com
1    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
3    23.79.154.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-154-245.deploy.static.akamaitechnologies.com
px.owneriq.net
1    192.132.33.46 (None, )

ASN- ()
bttrack.com
2    99.86.4.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-2.fra6.r.cloudfront.net
ads.scorecardresearch.com
1    38.67.14.224 (None, )

ASN- ()
abp.mxptint.net
1    52.22.210.48 (None, )

ASN- ()
aorta.clickagy.com
1    52.5.99.161 (None, )

ASN- ()
sync.ipredictive.com
1    107.22.173.254 (None, )

ASN- ()
usermatch.krxd.net
1    54.72.167.131 (None, )

ASN- ()
beacon.krxd.net
1    52.49.181.242 (None, )

ASN- ()
sync.crwdcntrl.net
8    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    69.173.144.165 (None, )

ASN- ()
pixel.rubiconproject.com
2    185.80.39.216 (None, )

ASN- ()
dsum-sec.casalemedia.com
1    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
1    185.64.190.80 (None, )

ASN- ()
image2.pubmatic.com
2    185.94.180.125 (None, )

ASN- ()
sync.search.spotxchange.com
1    2a03:2880:f12d:83:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
2    3.230.248.213 (None, )

ASN- ()
mid.rkdms.com
1    141.94.170.77 (None, )

ASN- ()
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
25 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1007
pixel.everesttech.net — Cisco Umbrella Rank: 4212
sync-tm.everesttech.net
9 KB
20 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
fiservsolutions-1.demdex.net — Cisco Umbrella Rank: 77437
kohls.demdex.net — Cisco Umbrella Rank: 11841
25 KB
16 kohls.com
click.t.kohls.com — Cisco Umbrella Rank: 50881
credit.kohls.com — Cisco Umbrella Rank: 134059
ww8.kohls.com — Cisco Umbrella Rank: 22051
315 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
157 KB
10 cloudfront.net
d3ksttzjeov72n.cloudfront.net
d1kjcdrfrq03t3.cloudfront.net
523 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 944
85 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 913
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
3 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 492
65 KB
2 rkdms.com
mid.rkdms.com
71 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com
1 KB
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
529 B
2 scorecardresearch.com
ads.scorecardresearch.com — Cisco Umbrella Rank: 2380
601 B
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 390
758 B
2 navdmp.com
navdmp.com — Cisco Umbrella Rank: 4524
cdn.navdmp.com — Cisco Umbrella Rank: 5989
230 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 321
107 B
2 omtrdc.net
cashedge.d1.sc.omtrdc.net — Cisco Umbrella Rank: 49307
468 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1270
c.go-mpulse.net — Cisco Umbrella Rank: 611
51 KB
1 onaudience.com
pixel.onaudience.com
248 B
1 facebook.com
www.facebook.com
545 B
1 pubmatic.com
image2.pubmatic.com
449 B
1 openx.net
us-u.openx.net
273 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 crwdcntrl.net
sync.crwdcntrl.net
265 B
1 ipredictive.com
sync.ipredictive.com
464 B
1 clickagy.com
aorta.clickagy.com
431 B
1 mxptint.net
abp.mxptint.net
675 B
1 bttrack.com
bttrack.com
263 B
1 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2443
322 B
1 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 835
678 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 926
418 B
1 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 746
552 B
1 vindicosuite.com
mpp.vindicosuite.com — Cisco Umbrella Rank: 5170
24 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
265 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 528
394 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1653
205 B
1 33across.com
dp2.33across.com — Cisco Umbrella Rank: 9063
68 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
478 B
1 akstat.io
17de4c13.akstat.io — Cisco Umbrella Rank: 12218
202 B
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 11992
397 B
1 firstdata.com
cdn.firstdata.com — Cisco Umbrella Rank: 95524
49 KB
0 netmng.com Failed
adb2waycm-atl.netmng.com Failed
82 43
Domain Requested by
18 dpm.demdex.net 1 redirects s.go-mpulse.net
13 credit.kohls.com 6 redirects credit.kohls.com
s.go-mpulse.net
10 pixel.everesttech.net 5 redirects
8 sync-tm.everesttech.net 8 redirects
8 cm.g.doubleclick.net 7 redirects
8 d3ksttzjeov72n.cloudfront.net credit.kohls.com
d3ksttzjeov72n.cloudfront.net
7 cm.everesttech.net 7 redirects
4 tags.tiqcdn.com credit.kohls.com
tags.tiqcdn.com
3 px.owneriq.net 2 redirects
3 ib.adnxs.com 2 redirects
3 securepubads.g.doubleclick.net credit.kohls.com
securepubads.g.doubleclick.net
3 assets.adobedtm.com credit.kohls.com
assets.adobedtm.com
2 mid.rkdms.com 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ads.scorecardresearch.com 2 redirects
2 gum.criteo.com 2 redirects
2 idsync.rlcdn.com
2 ww8.kohls.com s.go-mpulse.net
assets.adobedtm.com
2 cashedge.d1.sc.omtrdc.net s.go-mpulse.net
2 d1kjcdrfrq03t3.cloudfront.net credit.kohls.com
1 pixel.onaudience.com 1 redirects
1 www.facebook.com
1 image2.pubmatic.com
1 us-u.openx.net
1 pixel.rubiconproject.com
1 sync.crwdcntrl.net
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 sync.ipredictive.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 abp.mxptint.net 1 redirects
1 bttrack.com
1 fei.pro-market.net 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 ps.eyeota.net 1 redirects
1 servedby.flashtalking.com 1 redirects
1 mpp.vindicosuite.com
1 match.adsrvr.org
1 analytics.twitter.com
1 idpix.media6degrees.com
1 cdn.navdmp.com
1 navdmp.com 1 redirects
1 dp2.33across.com
1 aa.agkn.com 1 redirects
1 17de4c13.akstat.io s.go-mpulse.net
1 kohls.demdex.net assets.adobedtm.com
1 fiservsolutions-1.demdex.net tags.tiqcdn.com
1 ipv4.icanhazip.com s.go-mpulse.net
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net credit.kohls.com
1 cdn.firstdata.com credit.kohls.com
1 click.t.kohls.com 1 redirects
0 adb2waycm-atl.netmng.com Failed
82 54

This site contains links to these domains. Also see Links.

Domain
www.kohls.com
apply.kohls.com
Subject Issuer Validity Valid
credit.kohls.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2022-07-14 -
2023-07-14		 a year crt.sh
cdn.firstdata.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-23		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.d1.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh
ww8.kohls.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-23 -
2023-01-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
dstillery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-05 -
2023-04-28		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
mpp.vindicosuite.com
GTS CA 1D4		 2022-10-06 -
2023-01-04		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh

This page contains 4 frames:

Primary Page: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Frame ID: 830F54ECBD8724668C6A830CBE7AB513
Requests: 38 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Frame ID: 0B5263C4E0E8414757CA350C90DEF49A
Requests: 2 HTTP requests in this frame

Frame: https://fiservsolutions-1.demdex.net/dest5.html?d_nsid=0
Frame ID: C8D96557F0CF591D4EE4382EFE5A2B19
Requests: 1 HTTP requests in this frame

Frame: https://kohls.demdex.net/dest5.html?d_nsid=0
Frame ID: 8006DE3D802041FB548F3501DCF18BCD
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

eCustomer Service

Page URL History Show full URLs

  1. http://click.t.kohls.com/?qs=bc4f8d3da707f2e7c2502448e590df7d5c70b035b00c12c57306cd4f48b0415ff1586f6f... HTTP 302
    https://credit.kohls.com/eCustService/?om_mid=_Account_Update_Show_Value&om_etid=539077980&utm_source... HTTP 301
    https://credit.kohls.com/ HTTP 303
    https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
    https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

82
Requests

57 %
HTTPS

24 %
IPv6

43
Domains

54
Subdomains

36
IPs

5
Countries

1273 kB
Transfer

3747 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.t.kohls.com/?qs=bc4f8d3da707f2e7c2502448e590df7d5c70b035b00c12c57306cd4f48b0415ff1586f6f537bd5e885f3936f769e00bafc25332340c70ab6 HTTP 302
    https://credit.kohls.com/eCustService/?om_mid=_Account_Update_Show_Value&om_etid=539077980&utm_source=TRA&utm_medium=ET&utm_term=539077980&utm_content=852099&utm_campaign=_Account_Update_Show_Value&mi_u=539077980 HTTP 301
    https://credit.kohls.com/ HTTP 303
    https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
    https://credit.kohls.com/ecs/auth/?cid=AAAA4151001 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668293185038 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668293185038
Request Chain 24
  • https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif HTTP 301
  • https://credit.kohls.com/ HTTP 303
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001 HTTP 301
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Request Chain 34
  • https://cm.everesttech.net/cm/dd?d_uuid=70544871538192741552399540770076364816 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ
Request Chain 37
  • https://cm.everesttech.net/cm/dd?d_uuid=67902917441178352962285269079853058672 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ&d_uuid=67902917441178352962285269079853058672
Request Chain 40
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=67902917441178352962285269079853058672 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=216863104333003647361
Request Chain 42
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3344689410031540966
Request Chain 46
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Njc5MDI5MTc0NDExNzgzNTI5NjIyODUyNjkwNzk4NTMwNTg2NzI= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=Njc5MDI5MTc0NDExNzgzNTI5NjIyODUyNjkwNzk4NTMwNTg2NzI=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHS7bJq3wdzb-78TtIXfGkc&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 47
  • https://navdmp.com/req?adID=67902917441178352962285269079853058672 HTTP 301
  • https://cdn.navdmp.com/req?adID=67902917441178352962285269079853058672
Request Chain 50
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEI-txNA9dNypOTOXGZesw8Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 51
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEI-txNA9dNypOTOXGZesw8Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 52
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEI-txNA9dNypOTOXGZesw8Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 53
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEI-txNA9dNypOTOXGZesw8Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 54
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEI-txNA9dNypOTOXGZesw8Y&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 57
  • https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=54295AFD8E80CD&gdpr=0&gdpr_consent=
Request Chain 59
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=LDNcVqshqWorJZujpctFxWEbsJwdCh48&gdpr=0&gdpr_consent=
Request Chain 60
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=67902917441178352962285269079853058672&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 61
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=67902917441178352962285269079853058672&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-O0bBZXhE2pFVKVJ99QToJKidVCr_wjtpdIE-~A
Request Chain 62
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=67902917441178352962285269079853058672 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=6079302958092995623
Request Chain 63
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7215795901437965409&uid=Q7215795901437965409&ref=%2Feucm%2Fp%2Fadpq HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 65
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=67902917441178352962285269079853058672&rn=1668293186339&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D67902917441178352962285269079853058672 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=67902917441178352962285269079853058672&rn=1668293186339&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D67902917441178352962285269079853058672 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=67902917441178352962285269079853058672
Request Chain 66
  • https://abp.mxptint.net/sn.ashx HTTP 302
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_F9419C1C_70920DBF&redir=https://abp.mxptint.net/sn.ashx?ak=1
Request Chain 67
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=67902917441178352962285269079853058672&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29ac93c99c7595fe2cbe5e533eef8bbe
Request Chain 68
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=2340&dpuuid=448e7074-2762-4b43-b692-677d9d732266
Request Chain 69
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=67902917441178352962285269079853058672 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=67902917441178352962285269079853058672
Request Chain 71
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNBaVFnQUFBRzR0Z0FPSg==
Request Chain 72
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3AiQgAAAG4tgAOJ&expires=90
Request Chain 73
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3AiQgAAAG4tgAOJ HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3AiQgAAAG4tgAOJ&C=1
Request Chain 74
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y3AiQgAAAG4tgAOJ
Request Chain 75
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3AiQgAAAG4tgAOJ
Request Chain 76
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3AiQgAAAG4tgAOJ
Request Chain 77
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3AiQgAAAG4tgAOJ&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3AiQgAAAG4tgAOJ&img=1&__user_check__=1&sync_id=da2c7447-62db-11ed-80b7-10b91cd50206
Request Chain 78
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3AiQgAAAG4tgAOJ&t=2592000&o=0
Request Chain 79
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=67902917441178352962285269079853058672&_ct=img HTTP 302
  • https://mid.rkdms.com/restricted
Request Chain 80
  • https://pixel.onaudience.com/?partner=130&mapped=67902917441178352962285269079853058672&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
credit.kohls.com/ecs/auth/
Redirect Chain
  • http://click.t.kohls.com/?qs=bc4f8d3da707f2e7c2502448e590df7d5c70b035b00c12c57306cd4f48b0415ff1586f6f537bd5e885f3936f769e00bafc25332340c70ab6
  • https://credit.kohls.com/eCustService/?om_mid=_Account_Update_Show_Value&om_etid=539077980&utm_source=TRA&utm_medium=ET&utm_term=539077980&utm_content=852099&utm_campaign=_Account_Update_Show_Value...
  • https://credit.kohls.com/
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
878f9fa2e13d06f0721015ce915eabadd70d347bae541cb559d4163efb8317dc
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MWFkNjBlNDUtOWU1OC00MDY2LTg4NjYtOWRkMDRkOWQ0Zjlh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MWFkNjBlNDUtOWU1OC00MDY2LTg4NjYtOWRkMDRkOWQ0Zjlh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Sat, 12 Nov 2022 22:46:23 GMT
ETag
W/"f0a-Sf+Qn4i0r4eEvz52wrSUuyds1Og"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 fra1-bit12024
X-Content-Type-Options
nosniff nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
expires
-1d

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
215
Content-Security-Policy
default-src 'none'
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Nov 2022 22:46:23 GMT
Location
/ecs/auth/?cid=AAAA4151001
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
Vary
Accept-Encoding
Via
1.1 fra1-bit12024
X-Content-Type-Options
nosniff nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1; mode=block
expires
-1d
1.61751cfc4f2cd4c09890.css
credit.kohls.com/ecs/auth/ 		156 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/1.61751cfc4f2cd4c09890.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-OWU4OTZhMDMtNWRiZC00NGM2LWIxNzItYTUzYzk1NmY5YjJj'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-OWU4OTZhMDMtNWRiZC00NGM2LWIxNzItYTUzYzk1NmY5YjJj'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Date
Sat, 12 Nov 2022 22:46:24 GMT
Via
1.1 fra1-bit12024
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control
off
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 04:37:10 GMT
ETag
W/"27007-183f3ae4cf0"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=2592000, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
expires
-1d
main.61751cfc4f2cd4c09890.css
credit.kohls.com/ecs/auth/ 		818 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/main.61751cfc4f2cd4c09890.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
5dc8c16ae1b739482d01922a747406d2a209e8ae81f5e4278e2c2650c88e1f4a
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZGQ4NmE2NjAtN2MxZS00OWE5LTgzNTEtZDAzOTQ1ODM2MTg5'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZGQ4NmE2NjAtN2MxZS00OWE5LTgzNTEtZDAzOTQ1ODM2MTg5'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Date
Sat, 12 Nov 2022 22:46:24 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Via
1.1 fra1-bit1004
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
818
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 04:37:10 GMT
ETag
W/"332-183f3ae4cf0"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=2592000, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
expires
-1d
fontawesome-all.min.css
cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/ 		49 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.firstdata.com/global/stylesheets/vendor/fontawesome-pro-5.0.12/css/fontawesome-all.min.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:1200:1b:64b0:3080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
z0BouNAw_Ue0nfki3a47GipUh4LG9Ovr
date
Sat, 12 Nov 2022 04:34:12 GMT
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified
Thu, 30 Apr 2020 21:40:09 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
65532
x-amz-server-side-encryption
AES256
etag
"fa458861897529425cdf08dffe6146a4"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
49945
x-amz-cf-id
AXWe-Vugn0PEc1Q993X6IPT3lORkLDcUH7Vnmq7uMk30KM40I8_DVg==
launch-368ee32ad013.min.js
assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/ 		134 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f9e5db2d0dd841b403c591b80839f11fce95b7a395d8f17ff60fe8c7a9a1e3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:24 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 19:31:19 GMT
server
AkamaiNetStorage
etag
"e1d1caa4e6875af89d97c9e38c650be6:1588620679.97007"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://credit.kohls.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43291
expires
Sat, 12 Nov 2022 23:46:24 GMT
utag.js
tags.tiqcdn.com/utag/fiserv/ecs/prod/ 		190 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
34a13102936e59edbebcffd52dd7a5f56027208abe9f526bc978622602dda678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:25 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 07:28:00 GMT
server
AkamaiNetStorage
etag
"7e7dcad057bae87e8909963cf3749123:1663054080.627598"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Sat, 12 Nov 2022 22:51:25 GMT
published_main_13.css
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/ 		1 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/templates/cfi/published_main_13.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
qBmca3nvlJBew.nyV4JoTL4LZHwO7Bp_
content-encoding
gzip
via
1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
date
Sat, 12 Nov 2022 02:37:38 GMT
last-modified
Fri, 30 Jul 2021 14:03:53 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
72527
x-amz-server-side-encryption
AES256
x-amz-meta-x-amz-meta-title
/ecs/banks/AAAA4151001/templates/cfi/saved_main.css
vary
Accept-Encoding
etag
W/"3427d8d110efae5852b0b0560554321e"
content-type
text/css
x-cache
Hit from cloudfront
x-amz-cf-id
3v_c7eXLy6BpEP4V6IgYwNAly2vrbAlRJraVuHBDcYf-V_HGYD0AWQ==
auth_styles.1.0.css
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/ 		949 KB
151 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd53fb3dca94672551a3853e0724accb63486af504d431674b0d0846f990ee6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
raVOGaM7WlzylvBPyAomvAWa1p3mfj8a
content-encoding
gzip
via
1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
date
Sat, 12 Nov 2022 09:59:17 GMT
last-modified
Thu, 11 Aug 2022 04:30:29 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
46028
x-amz-server-side-encryption
AES256
etag
W/"a9b55e0911d6ced41a7101c16dfd27b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
-KJ2rAk8FI0y_nX4Hj5Vscfm3OaJRWVmUBAl9WoJ37er6lor87OFXg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2129ccd6aca391fa9315ee075c416a0f5d99c86c917cd750d9e8fb0c86aac5f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27297
x-xss-protection
0
server
sffe
etag
"1391 / 322 of 1000 / last-modified: 1668207947"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 12 Nov 2022 22:46:24 GMT
vendors~main.61751cfc4f2cd4c09890.js
credit.kohls.com/ecs/auth/ 		700 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/vendors~main.61751cfc4f2cd4c09890.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
e340a56dd0f761773f43c37d410127ec7c8f848bc0c6b48644d5a9eceaf024fe
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ODVjNGExN2ItNmFjNS00NDFkLWI1Y2ItZGZkMGYyODdmNDBk'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ODVjNGExN2ItNmFjNS00NDFkLWI1Y2ItZGZkMGYyODdmNDBk'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Date
Sat, 12 Nov 2022 22:46:24 GMT
Via
1.1 fra1-bit7006
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control
off
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 04:37:10 GMT
ETag
W/"af1c2-183f3ae4cf0"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=2592000, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
expires
-1d
main.61751cfc4f2cd4c09890.js
credit.kohls.com/ecs/auth/ 		242 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/main.61751cfc4f2cd4c09890.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
cecd77b0f4875d4da09911d54df7f149541ffcd47251c63644b225f292ec4cc0
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZDNmODVmY2YtMmE5YS00ODc1LWFmYzEtMTk5MTIwMGVjZWIx'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZDNmODVmY2YtMmE5YS00ODc1LWFmYzEtMTk5MTIwMGVjZWIx'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Date
Sat, 12 Nov 2022 22:46:24 GMT
Via
1.1 fra1-bit1004
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control
off
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 04:37:10 GMT
ETag
W/"3c76b-183f3ae4cf0"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=2592000, no-cache, no-store, must-revalidate
Accept-Ranges
bytes
expires
-1d
3H6HN-HCW87-4HZF3-YWYL6-C7HHH
s.go-mpulse.net/boomerang/ Frame 0B52 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:24 GMT
content-encoding
br
last-modified
Sat, 15 Oct 2022 12:35:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
pubads_impl_2022110801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131898
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:38:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 12 Nov 2023 17:41:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		111 B
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=credit.kohls.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c564d9af61d586aa7d64508fc57900fab2da77572ea13782ca213d8617b86ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77
x-xss-protection
0
expires
Sat, 12 Nov 2022 22:46:25 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668293185038
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668293185038
8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668293185038
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8be9f60521f06d94b705fafc77acf783ce33659f3a94b43c72369c80f200001c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
rAx3gUGjQiI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://credit.kohls.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2335
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-078626053.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
CVro353PT6I=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://credit.kohls.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&d_nsid=0&ts=1668293185038
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
adfcb165c69213b0aba3c64bc549f7ff156ec82110fb8ef144b1d16ebc13b04a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:25 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 22:29:22 GMT
server
AkamaiNetStorage
etag
"42fa244f36955eedb3cd8ade6f492bf6:1583879362.816163"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://credit.kohls.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
13342
expires
Sat, 12 Nov 2022 23:46:25 GMT
config.json
c.go-mpulse.net/api/ Frame 0B52 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=3H6HN-HCW87-4HZF3-YWYL6-C7HHH&d=credit.kohls.com&t=5560977&v=1.720.0&if=&sl=0&si=3d6ad364-c4e0-41d2-a763-88040b03eee4-rl9b9a&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
57918de891e723a07170c50f73ee94388b058c4244f5934edcda4333d4e6804a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 22:46:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1046
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7037e102057d591d9adf205fef096b6bc5f05927a92abfba941bf501fb206500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:25 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 22:29:23 GMT
server
AkamaiNetStorage
etag
"ded8555987db3b546f5ba6ed52f81b8d:1583879363.172979"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://credit.kohls.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Sat, 12 Nov 2022 23:46:25 GMT
/
ipv4.icanhazip.com/ 		14 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.114.97 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc148910f3fa6566f79c5afec49464eab688a660f85381b31c9be34c014ee26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:25 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
7692cdb93c649279-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14
OpenSans-Regular.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Regular.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2

Request headers

Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
bhMbwpUWcqLtDOgd1mfKPZUQKvETAjyX
date
Sat, 12 Nov 2022 03:47:07 GMT
via
1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
68358
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
96428
last-modified
Thu, 11 Aug 2022 04:32:04 GMT
server
AmazonS3
etag
"5a798cdadc7cd321e3f72425b70bface"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
HsQKxkPzBRWyX7QmMofBT96b6oGTjLzz6kTbB_xjPUcW-Lvcn0svBg==
OL_ENGINE.js
d1kjcdrfrq03t3.cloudfront.net/assets/scripts/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1kjcdrfrq03t3.cloudfront.net/assets/scripts/OL_ENGINE.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/main.61751cfc4f2cd4c09890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7e00:19:6e5a:51c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
3P5UUTQvBHcTXaruvb_UuBQ17gboRg_h
content-encoding
gzip
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
date
Sat, 12 Nov 2022 07:57:38 GMT
last-modified
Mon, 10 May 2021 18:03:35 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
53328
x-amz-server-side-encryption
AES256
etag
W/"baabad5b06edc9b1df65a8f29d3ffe5d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
TnDtT8kaYHigRU8a_a-CTE8OeftSyKAiY2T8d_YCT4KW3DwJihgRgw==
OL_CONF_INLINE.js
d1kjcdrfrq03t3.cloudfront.net/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1kjcdrfrq03t3.cloudfront.net/assets/scripts/OL_CONF_INLINE.js
Requested by
Host: credit.kohls.com
URL: https://credit.kohls.com/ecs/auth/main.61751cfc4f2cd4c09890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7e00:19:6e5a:51c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
16R1R8rMuOYb5UxG2uciwcbcujn4nryb
content-encoding
gzip
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
date
Sat, 12 Nov 2022 07:57:38 GMT
last-modified
Mon, 10 May 2021 18:03:35 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
53328
x-amz-server-side-encryption
AES256
etag
W/"530d4cdedab8e19176884727de612674"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
8Z7EKxaY_0XgPeBP9AVxFy4zf0JBTp5dsJAQl0z_9bi43W-vyLg3cg==
utag.16.js
tags.tiqcdn.com/utag/fiserv/ecs/prod/ 		399 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.16.js?utv=ut4.47.202107121809
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
51e53f49d8f809b76a75e0eaf09716b8b6e818034335c528ef681f1d7bc2a9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 12 Nov 2022 22:46:25 GMT
last-modified
Mon, 12 Jul 2021 18:10:04 GMT
server
AkamaiNetStorage
etag
"a259b5013fc85601aed47f5956645dd9:1626113404.691193"
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
399
expires
Sun, 27 Nov 2022 22:46:25 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=fiserv/ecs/202209130727&cb=1668293185488
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Sat, 12 Nov 2022 22:46:25 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Sat, 12 Nov 2022 22:56:25 GMT
AAAA4151001
credit.kohls.com/ecs/auth/api/config/ 		92 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://credit.kohls.com/ecs/auth/api/config/AAAA4151001?language=en_US
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
03b9b73c368ed8983490a9c2c54acb1a65c785f99d8a4e2807f0d16ad0cefe96
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-OWY0ZGMwNjctYzI1Ni00MDFjLThjNjMtMGZlZTI3ODBmMmNh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

preferredLanguage
EN
Accept
application/json, text/plain, */*
activityDateTime
2022-11-12T22:46:25+00:00
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
accept-language
de-DE,de;q=0.9
ipAddress
84.19.175.183
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-OWY0ZGMwNjctYzI1Ni00MDFjLThjNjMtMGZlZTI3ODBmMmNh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Date
Sat, 12 Nov 2022 22:46:25 GMT
Via
1.1 fra1-bit7006
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control
off
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"16e3a-/iFL55uYDPcvwb221L1XQyGwMWs"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, no-store, must-revalidate
expires
-1d
/
credit.kohls.com/ecs/auth/
Redirect Chain
  • https://credit.kohls.com/eCustService/onlineopinionV5/oo_tab_icon_retina.gif
  • https://credit.kohls.com/
  • https://credit.kohls.com/ecs/auth?cid=AAAA4151001
  • https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
Protocol
HTTP/1.1
Server
107.162.230.34 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZjdkMmJmZGEtZThmNC00NGE5LWIxM2EtNDYxMTk1NDQ4MmJh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/ecs/auth/?cid=AAAA4151001
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
script-src 'strict-dynamic' 'unsafe-eval' 'nonce-ZjdkMmJmZGEtZThmNC00NGE5LWIxM2EtNDYxMTk1NDQ4MmJh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Date
Sat, 12 Nov 2022 22:46:26 GMT
Via
1.1 fra1-bit1004
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
X-DNS-Prefetch-Control
off
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"f0a-yamnrLSqKoZzU0oJaOjIWmKxHCg"
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
expires
-1d

Redirect headers

Content-Security-Policy
default-src 'none'
Date
Sat, 12 Nov 2022 22:46:26 GMT
X-Content-Type-Options
nosniff, nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains;
Via
1.1 fra1-bit1004
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
215
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
/ecs/auth/?cid=AAAA4151001
Cache-Control
no-cache, no-store, must-revalidate
expires
-1d
OpenSans-SemiBold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-SemiBold.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104

Request headers

Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 02:51:05 GMT
x-amz-version-id
EVuKfqftIUSq8D4VCw1jTX1jQKm5r5_K
via
1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
71721
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
100256
last-modified
Thu, 11 Aug 2022 04:32:08 GMT
server
AmazonS3
etag
"096d8c73bb18e4328284f25138b47ac6"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
pV_PsKK31tjZ33dBMUHTH1E0nuUqosubIfnvHxULWNIT9WKaVzRpMQ==
OpenSans-Bold.ttf
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/ 		101 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/fonts/OpenSans-Bold.ttf
Requested by
Host: d3ksttzjeov72n.cloudfront.net
URL: https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199

Request headers

Referer
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/auth_styles.1.0.css
Origin
https://credit.kohls.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 10:45:41 GMT
x-amz-version-id
nUKUekj8ArdJHhoBL0vGfyN1uodHat23
via
1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P4
age
43245
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
103616
last-modified
Thu, 11 Aug 2022 04:31:43 GMT
server
AmazonS3
etag
"0062c34665a3fc0f2278cd4e955702ec"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://credit.kohls.com
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
NBMiSph1kgEAFxPdqLyygxPkcOAuYc60W4zsuei0nZ_0efBy7F4VPw==
id
dpm.demdex.net/ 		376 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=88C5E33B558DAFB57F000101%40AdobeOrg&d_nsid=0&ts=1668293185736
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8a51c8ff495fc25bfdd773f3626a923e4bb50dd838f4dd6e67c7badc78d2e85c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v045-078626053.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
B4Ul2F3GTkA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://credit.kohls.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
316
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.19.js
tags.tiqcdn.com/utag/fiserv/ecs/prod/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.19.js?utv=ut4.47.202209130727
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd0cbf1efb2b3e31c78463c4fbe7bdde2e5e62f2a5a7220babd0496e51fe40fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:25 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 07:28:02 GMT
server
AkamaiNetStorage
etag
"deb5410dec7fb64d785e34c5ea941fdd:1663054082.18721"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
21776
expires
Sun, 27 Nov 2022 22:46:25 GMT
LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Marketing_Image_2021-01-27T12:06:50.899Z.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
OoGFlH5pOQnYl1Y8oka0OwHtpKMYun4T
date
Sat, 12 Nov 2022 03:58:08 GMT
via
1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:57:51 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
67698
x-amz-server-side-encryption
AES256
etag
"d3ef2a1238f2c7a80fe17f03f277aacb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
54955
x-amz-cf-id
utaIATaYaAglRTEEVhQx_od8VBsRIh1Lj9pv6uZpZcTMJmGwKSeT2w==
not-visible.svg
d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/ 		992 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/templates/cfi/assets/images/not-visible.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
tQeT04l3xpkhZn0F0CCDj1tkPm_onaXR
date
Sat, 12 Nov 2022 04:43:14 GMT
via
1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
last-modified
Thu, 11 Aug 2022 04:37:06 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
64992
x-amz-server-side-encryption
AES256
etag
"6fce3ff9699a8ccf4c184be7b2ae8e9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
992
x-amz-cf-id
gmOGjY95SV6VTo4A52HJndKpXpH9Je9DOUMYXkhzOMGZP1MGlOH0eA==
LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ksttzjeov72n.cloudfront.net/ecs/banks/AAAA4151001/images/LandingPage_Logo_Image_2020-12-01T20:33:03.919Z.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:200:0:ed0d:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 10:45:41 GMT
x-amz-version-id
NhqLAlKuOQnJQapzoCD0jNza90AjFrK6
via
1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 04:57:53 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
43245
etag
"05406680debd225230e676efede11868"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
6032
x-amz-cf-id
fpwa-67eK0u8xe7b7PazqSCNVAVIxx2C4d9JsZmPsnUrYDCwLs3-PQ==
dest5.html
fiservsolutions-1.demdex.net/ Frame C8D9 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fiservsolutions-1.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/fiserv/ecs/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://credit.kohls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v045-0826e4ce6.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Ac2ojhsdT84=
content-encoding
gzip
date
Sat, 12 Nov 2022 22:46:26 GMT
last-modified
Fri, 28 Oct 2022 11:02:57 GMT
vary
accept-encoding
id
cashedge.d1.sc.omtrdc.net/ 		2 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cashedge.d1.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=88C5E33B558DAFB57F000101%40AdobeOrg&mid=70549897260002238012396522944513330562&ts=1668293186282
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 12 Nov 2022 22:46:27 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://credit.kohls.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=70544871538192741552399540770076364816
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcscanary-prod-irl1-1-v052-0f73f706c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
B/g7DsPXTzw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ
Date
Sat, 12 Nov 2022 22:46:26 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
dest5.html
kohls.demdex.net/ Frame 8006 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kohls.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6d2e783bbfe3/6ae90c745b0a/launch-368ee32ad013.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.180.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-180-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://credit.kohls.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
LbgRiOt1T74=
content-encoding
gzip
date
Sat, 12 Nov 2022 22:46:27 GMT
last-modified
Fri, 28 Oct 2022 11:02:58 GMT
vary
accept-encoding
id
ww8.kohls.com/ 		48 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww8.kohls.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&mid=62744695687943165521629874907875754840&ts=1668293186624
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
0b87812751426604493d4aaf0a0b24100738e39a58682f7da9ad383493d8c02b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 12 Nov 2022 22:46:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://credit.kohls.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ&d_uuid=67902917441178352962285269079853058672
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=67902917441178352962285269079853058672
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ&d_uuid=67902917441178352962285269079853058672
0
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ&d_uuid=67902917441178352962285269079853058672
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0687cfe76.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
MuGJoyOqQPQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3AiQgAAAG4tgAOJ&d_uuid=67902917441178352962285269079853058672
Date
Sat, 12 Nov 2022 22:46:26 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s19344671930503
cashedge.d1.sc.omtrdc.net/b/ss/ceecsprod/1/JS-2.21.0/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashedge.d1.sc.omtrdc.net/b/ss/ceecsprod/1/JS-2.21.0/s19344671930503?AQB=1&ndh=1&pf=1&t=12%2F10%2F2022%2022%3A46%3A27%206%200&sdid=3BCC5DCB6E36DC3A-79534315C9044291&mid=70549897260002238012396522944513330562&aamlh=6&ce=UTF-8&ns=cashedge&pageName=Login&g=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&cc=USD&v0=AAAA4151001&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Login&v1=Login&c2=5%3A46%20PM%7CSaturday&v2=5%3A46%20PM%7CSaturday&v3=New&c4=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&v4=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&v5=fiserv.ecs&v6=b5060cc21bbd852437346f09f143b72d59e4cc77cf2980a38d6a2429502987aa&v7=70549897260002238012396522944513330562&v44=AAAA4151001&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=88C5E33B558DAFB57F000101%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 22:46:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 13 Nov 2022 22:46:27 GMT
server
jag
etag
3582632340760756224-4619635445553341705
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 11 Nov 2022 22:46:27 GMT
/
17de4c13.akstat.io/ 		0
202 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://17de4c13.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/3H6HN-HCW87-4HZF3-YWYL6-C7HHH
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://credit.kohls.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 22:46:27 GMT
content-type
image/gif
access-control-allow-origin
https://credit.kohls.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Sat, 12 Nov 2022 22:46:27 GMT
ibs:dpid=21&dpuuid=216863104333003647361
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=67902917441178352962285269079853058672
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=216863104333003647361
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=216863104333003647361
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hvTM+ze/SWw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 12 Nov 2022 22:46:27 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=216863104333003647361
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
365868.gif
idsync.rlcdn.com/ Frame 8006 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=67902917441178352962285269079853058672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ibs:dpid=358&dpuuid=3344689410031540966
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3344689410031540966
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3344689410031540966
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0f14bb97f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
SJBrlzgHRLQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Sat, 12 Nov 2022 22:46:28 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a4130346-cd32-448c-8bf8-c2837b741562
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3344689410031540966
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
365868.gif
idsync.rlcdn.com/ Frame 8006 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=67902917441178352962285269079853058672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dp2.33across.com/ps/ Frame 8006 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dp2.33across.com/ps/?pid=897&random=851313965
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-33x-status
208
date
Sat, 12 Nov 2022 22:46:28 GMT
server
33XP020
/
adb2waycm-atl.netmng.com/cm/ Frame 8006 		0
0
ibs:dpid=771&dpuuid=CAESEHS7bJq3wdzb-78TtIXfGkc&google_cver=1
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Njc5MDI5MTc0NDExNzgzNTI5NjIyODUyNjkwNzk4NTMwNTg2NzI=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=Njc5MDI5MTc0NDExNzgzNTI5NjIyODUyNjkwNzk4NTMwNTg2NzI=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHS7bJq3wdzb-78TtIXfGkc&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHS7bJq3wdzb-78TtIXfGkc&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-078a58cff.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5rGyM24USvI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 12 Nov 2022 22:46:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHS7bJq3wdzb-78TtIXfGkc&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
req
cdn.navdmp.com/ Frame 8006
Redirect Chain
  • https://navdmp.com/req?adID=67902917441178352962285269079853058672
  • https://cdn.navdmp.com/req?adID=67902917441178352962285269079853058672
6 B
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.navdmp.com/req?adID=67902917441178352962285269079853058672
Protocol
H2
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7692cdcf7fa45c38-FRA
content-length
6
content-type
application/x-javascript

Redirect headers

location
https://cdn.navdmp.com/req?adID=67902917441178352962285269079853058672
date
Sat, 12 Nov 2022 22:46:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7692cdcc6ad65c38-FRA
content-type
text/html
hbpix
idpix.media6degrees.com/orbserv/ Frame 8006 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=67902917441178352962285269079853058672
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:4400::6812:25fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:28 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 08 Sep 2017 18:54:25 GMT
server
cloudflare
etag
"59b2e761-2b"
content-type
image/gif
accept-ranges
bytes
cf-ray
7692cdcd0c9e92ba-FRA
content-length
43
adsct
analytics.twitter.com/i/ Frame 8006 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=67902917441178352962285269079853058672&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time
104
date
Sat, 12 Nov 2022 22:46:28 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
b402ba6354682c28
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
5548d6c35c6cc241e8fd5fe3e16ab620986312afa516b02e318b6625c4cbef2c
content-length
43
1x1
pixel.everesttech.net/ Frame 8006
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEI-txNA9dNypOTOXGZesw8Y&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
34.253.48.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-48-159.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 22:46:29 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Sat, 12 Nov 2022 22:46:28 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 8006
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEI...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
34.253.48.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-48-159.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 22:46:29 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Sat, 12 Nov 2022 22:46:29 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 8006
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
34.253.48.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-48-159.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 22:46:29 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b516-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Sat, 12 Nov 2022 22:46:29 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 8006
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
34.253.48.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-48-159.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 22:46:29 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b516-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Sat, 12 Nov 2022 22:46:29 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 8006
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTNBaVFnQUFBRzR0Z0FPSg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
34.253.48.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-48-159.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 22:46:29 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Sat, 12 Nov 2022 22:46:29 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
generic
match.adsrvr.org/track/cmf/ Frame 8006 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=credit.kohls.com&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 12 Nov 2022 22:46:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
mpp.vindicosuite.com/sync/ Frame 8006 		24 B
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mpp.vindicosuite.com/sync/?pid=27&fr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.236.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 22:46:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24
content-type
text/plain; charset=utf-8
ibs:dpid=3047&dpuuid=54295AFD8E80CD&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=54295AFD8E80CD&gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=54295AFD8E80CD&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-00960800d.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
43Z+h0N2QXc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=54295AFD8E80CD&gdpr=0&gdpr_consent=
Pragma
no-cache
Date
Sat, 12 Nov 2022 22:46:29 GMT
Cache-Control
no-cache, no-store
Server
prod-xre-app8.frk11
Connection
close
X-HW
1668293189.dop137.fr8.t,1668293189.cds009.fr8.shn,1668293189.dop137.fr8.t,1668293189.cds240.fr8.sc,1668293189.cds240.fr8.p
s14128014840182
ww8.kohls.com/b/ss/kohlscomprod/10/JS-2.20.0-LAS8/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww8.kohls.com/b/ss/kohlscomprod/10/JS-2.20.0-LAS8/s14128014840182?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=12%2F10%2F2022%2022%3A46%3A29%206%200&d.&nsid=0&jsonv=1&.d&mid=62744695687943165521629874907875754840&aamlh=6&ce=UTF-8&cdp=3&fpCookieDomainPeriods=3&pageName=credit%3Alogin&g=https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001&c.&k.&pageDomain=credit.kohls.com&.k&mcid.&version=4.6.0&icsmcvid=-false&mcidcto=-false&aidcto=-false&.mcid&.c&cc=USD&v0=AAAA4151001&products=%3Bproductmerch1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v3=external&c4=credit&c9=credit%7C&c18=sat%7Cweekend%7C10%3A00%20pm&v18=sat%7Cweekend%7C10%3A00%20pm&c22=2022-11-12&v22=desktop&v40=cloud17&c50=D%3Ds_tempsess&c53=D%3DpageName&c64=VisitorAPI%20Present&v68=D%3DpageName&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F0EF5E09512D2CD20A490D4D%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP308220a2a4c4403f97fc1960100db40f/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
b848bb3629f819d58c2cd9213a93d924ae09a26e66d1f78921a163699ebe93d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://credit.kohls.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-aam-tid
OSeiXOiWSnk=
date
Sat, 12 Nov 2022 22:46:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
8306
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v045-0f14bb97f.edge-irl1.demdex.com 11 ms
pragma
no-cache
last-modified
Sun, 13 Nov 2022 22:46:29 GMT
server
jag
etag
3582632344316968960-4619683204545100201
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Fri, 11 Nov 2022 22:46:29 GMT
ibs:dpid=28645&dpuuid=LDNcVqshqWorJZujpctFxWEbsJwdCh48&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=LDNcVqshqWorJZujpctFxWEbsJwdCh48&gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=LDNcVqshqWorJZujpctFxWEbsJwdCh48&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0ced04f65.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/5vi/ra8Rl8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=LDNcVqshqWorJZujpctFxWEbsJwdCh48&gdpr=0&gdpr_consent=
date
Sat, 12 Nov 2022 22:46:28 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
2086418
content-length
0
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=67902917441178352962285269079853058672&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-06ebc79ba.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
FoQjdatcRYg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Sat, 12 Nov 2022 22:46:29 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ibs:dpid=30646
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=67902917441178352962285269079853058672&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-O0bBZXhE2pFVKVJ99QToJKidVCr_wjtpdIE-~A
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-O0bBZXhE2pFVKVJ99QToJKidVCr_wjtpdIE-~A
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-02cc342ef.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bDXLQ1ObSs0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Sat, 12 Nov 2022 22:46:29 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-O0bBZXhE2pFVKVJ99QToJKidVCr_wjtpdIE-~A
content-length
0
ibs:dpid=575&dpuuid=6079302958092995623
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=67902917441178352962285269079853058672
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=6079302958092995623
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=6079302958092995623
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-02cc342ef.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZGTkfZy9QzE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sat, 12 Nov 2022 22:46:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-4.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=6079302958092995623
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
noop
px.owneriq.net/ Frame 8006
Redirect Chain
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7215795901437965409&uid=Q7215795901437965409&ref=%2Feucm%2Fp%2Fadpq
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Protocol
HTTP/1.1
Server
23.79.154.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-154-245.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Sat, 12 Nov 2022 22:46:30 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sat, 12 Nov 2022 22:46:30 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
user
bttrack.com/dmp/adobe/ Frame 8006 		35 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/dmp/adobe/user?dd_uuid=67902917441178352962285269079853058672
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Sat, 12 Nov 2022 22:46:13 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-length
35
expires
-1
ibs:dpid=73426&dpuuid=67902917441178352962285269079853058672
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=67902917441178352962285269079853058672&rn=1668293186339&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D679029174411783...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=67902917441178352962285269079853058672&rn=1668293186339&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D67902917441178...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=67902917441178352962285269079853058672
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=67902917441178352962285269079853058672
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0e1f48b6d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
35hQmVmRQMM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=67902917441178352962285269079853058672
date
Sat, 12 Nov 2022 22:46:30 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
RiBks7pZQZl7WBoZXOC3hVJu3KaKpQXA-9dr11pBccivvKlBraxx3w==
x-cache
Miss from cloudfront
sn.ashx
dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_F9419C1C_70920DBF&redir=https://abp.mxptint.net/ Frame 8006
Redirect Chain
  • https://abp.mxptint.net/sn.ashx
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_F9419C1C_70920DBF&redir=https://abp.mxptint.net/sn.ashx?ak=1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_F9419C1C_70920DBF&redir=https://abp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0e1f48b6d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
WoYBzyobTao=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_F9419C1C_70920DBF&redir=https://abp.mxptint.net/sn.ashx?ak=1
Date
Sat, 12 Nov 2022 22:46:30 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-351279990; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
237
Content-Type
text/html; charset=utf-8
ibs:dpid=79908&dpuuid=c:29ac93c99c7595fe2cbe5e533eef8bbe
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=67902917441178352962285269079853058672&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29ac93c99c7595fe2cbe5e533eef8bbe
42 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29ac93c99c7595fe2cbe5e533eef8bbe
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tTDfcwRgQlI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Sat, 12 Nov 2022 22:46:30 GMT
server
Aorta/20221109.cd7826bc8
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29ac93c99c7595fe2cbe5e533eef8bbe
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
b249c1d90e86
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
ibs:dpid=2340&dpuuid=448e7074-2762-4b43-b692-677d9d732266
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID}
  • https://dpm.demdex.net/ibs:dpid=2340&dpuuid=448e7074-2762-4b43-b692-677d9d732266
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=448e7074-2762-4b43-b692-677d9d732266
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nzal5L4ZTRY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=448e7074-2762-4b43-b692-677d9d732266
Date
Sat, 12 Nov 2022 22:46:30 GMT
Connection
keep-alive
X-CI-RTID
8dd1ae38-4ee4-45d0-8207-8f9028a2156f
Content-Length
107
Content-Type
text/html; charset=utf-8
usermatch.gif
beacon.krxd.net/ Frame 8006
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=67902917441178352962285269079853058672
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=67902917441178352962285269079853058672
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=67902917441178352962285269079853058672
Protocol
H2
Server
54.72.167.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n017-dub-prod.krxd.net
date
Sat, 12 Nov 2022 22:46:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1668293191
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=67902917441178352962285269079853058672
date
Sat, 12 Nov 2022 22:46:30 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
tpid=67902917441178352962285269079853058672
sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/ Frame 8006 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=67902917441178352962285269079853058672?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.181.242 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 22:46:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.17.66
content-length
49
expires
0
pixel
cm.g.doubleclick.net/ Frame 8006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNBaVFnQUFBRzR0Z0FPSg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNBaVFnQUFBRzR0Z0FPSg==
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 22:46:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn4040-HHN
pragma
no-cache
date
Sat, 12 Nov 2022 22:46:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668293191.891530,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTNBaVFnQUFBRzR0Z0FPSg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 8006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3AiQgAAAG4tgAOJ&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3AiQgAAAG4tgAOJ&expires=90
Protocol
HTTP/1.1
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-hhn4040-HHN
pragma
no-cache
date
Sat, 12 Nov 2022 22:46:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668293191.940197,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y3AiQgAAAG4tgAOJ&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 8006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3AiQgAAAG4tgAOJ
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3AiQgAAAG4tgAOJ&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3AiQgAAAG4tgAOJ&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Nov 2022 22:46:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 12 Nov 2022 22:46:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=88&external_user_id=Y3AiQgAAAG4tgAOJ&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
ib.adnxs.com/ Frame 8006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y3AiQgAAAG4tgAOJ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y3AiQgAAAG4tgAOJ
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Nov 2022 22:46:31 GMT
AN-X-Request-Uuid
fbc607af-a42b-412e-bd70-446832ee848d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-hhn4040-HHN
pragma
no-cache
date
Sat, 12 Nov 2022 22:46:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668293191.141625,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y3AiQgAAAG4tgAOJ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 8006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3AiQgAAAG4tgAOJ
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3AiQgAAAG4tgAOJ
Protocol
H2
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 22:46:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-hhn4040-HHN
pragma
no-cache
date
Sat, 12 Nov 2022 22:46:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668293191.245605,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y3AiQgAAAG4tgAOJ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 8006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3AiQgAAAG4tgAOJ
1 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3AiQgAAAG4tgAOJ
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 12 Nov 2022 22:46:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-hhn4040-HHN
pragma
no-cache
date
Sat, 12 Nov 2022 22:46:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668293191.347775,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3AiQgAAAG4tgAOJ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 8006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3AiQgAAAG4tgAOJ&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3AiQgAAAG4tgAOJ&img=1&__user_check__=1&sync_id=da2c7447-62db-11ed-80b7-10b91cd50206
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y3AiQgAAAG4tgAOJ&img=1&__user_check__=1&sync_id=da2c7447-62db-11ed-80b7-10b91cd50206
Protocol
HTTP/1.1
Server
185.94.180.125 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 22:46:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
141
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sat, 12 Nov 2022 22:46:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y3AiQgAAAG4tgAOJ&img=1&__user_check__=1&sync_id=da2c7447-62db-11ed-80b7-10b91cd50206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
144
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 8006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3AiQgAAAG4tgAOJ&t=2592000&o=0
43 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3AiQgAAAG4tgAOJ&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f12d:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 14:46:31 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
EHJlpp3NFXfBMrL9J/KLEijhTgJLlGNx71Ic8gbT9WtlDHb6dcsC0eYfvWaJxGEUmKHFV08qIYlhp6ZXZDG+qg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
expires
Sat, 12 Nov 2022 14:46:31 PST

Redirect headers

x-served-by
cache-hhn4040-HHN
pragma
no-cache
date
Sat, 12 Nov 2022 22:46:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668293192.552406,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y3AiQgAAAG4tgAOJ&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
restricted
mid.rkdms.com/ Frame 8006
Redirect Chain
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=67902917441178352962285269079853058672&_ct=img
  • https://mid.rkdms.com/restricted
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mid.rkdms.com/restricted
Protocol
H2
Server
3.230.248.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

location
/restricted
date
Sat, 12 Nov 2022 22:46:31 GMT
server
nginx
content-length
0
ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame 8006
Redirect Chain
  • https://pixel.onaudience.com/?partner=130&mapped=67902917441178352962285269079853058672&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Protocol
HTTP/1.1
Server
52.19.27.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-27-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kohls.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-000256d3c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sOIq5Li4Ths=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adb2waycm-atl.netmng.com
URL
https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| digitalData string| environment object| GLOBAL_VARIABLES object| googletag number| BOOMR_lstart object| BOOMR object| BOOMR_mq object| ggeac object| google_tag_data object| google_js_reporting_queue object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| initializeEnv object| pagesForAbandonment function| shouldMonitorForAbandonment object| $env function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s undefined| google_measure_js_timing function| AppMeasurement_Module_AudienceManagement function| DIL boolean| utag_condload object| utag function| e function| $ function| jQuery boolean| __tealium_twc_switch object| utag_cfg_ovrd object| webpackJsonp number| BOOMR_configt object| regeneratorRuntime object| OOo number| BOOMR_onload function| startFeedback function| apl function| AppMeasurement_Module_Integrate string| scLinkCustVars object| s_i_ceecsprod string| s_tnt object| s_i_kohlscomprod

33 Cookies

Domain/Path Name / Value
.kohls.com/ecs/auth Name: productnum
Value: 1
credit.kohls.com/ Name: clientId
Value: AAAA4151001
.kohls.com/ Name: utag_main
Value: v_id:01846e05cef4000ebbf4f12f7aa503074003206c00b08$_sn:1$_se:1$_ss:1$_st:1668294985269$ses_id:1668293185269%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:kohls.com$previousPageURL:https%3A%2F%2Fcredit.kohls.com%2Fecs%2Fauth%2F%3Fcid%3DAAAA4151001%3Bexp-session$previousPageName:Login%3Bexp-session
.kohls.com/ Name: AMCVS_88C5E33B558DAFB57F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3AiQgAAAG4tgAOJ
.credit.kohls.com/ Name: AMCVS_F0EF5E09512D2CD20A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: ev_sync_dd
Value: 20221112
credit.kohls.com/ Name: TS019b3224
Value: 019b369bcba84022420313d90415200e5292b7d4a1bf895a45d5d290c164325a78119503e787d91cbaa83ffa1a983aa6a8662aac3a3275ef70d2081f725fab61065e8d4e3b62f47693f8c946fb241cdf95b526e3f6
.dpm.demdex.net/ Name: dpm
Value: 70544871538192741552399540770076364816
.demdex.net/ Name: demdex
Value: 70544871538192741552399540770076364816
.kohls.com/ Name: s_getNewRepeat
Value: 1668293187448-New
.kohls.com/ Name: s_cc
Value: true
.kohls.com/ Name: AMCV_88C5E33B558DAFB57F000101%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19309%7CMCMID%7C70549897260002238012396522944513330562%7CMCAAMLH-1668897986%7C6%7CMCAAMB-1668897986%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1668300387s%7CNONE%7CMCSYNCSOP%7C411-19316%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.credit.kohls.com/ Name: RT
Value: "z=1&dm=credit.kohls.com&si=2b485c0b-3a65-4637-9f71-a063e4c67cbb&ss=laeiopnt&sl=1&tt=3or&bcn=%2F%2F17de4c13.akstat.io%2F&ld=4gs"
.agkn.com/ Name: ab
Value: 0001%3AQsLbcfLOq3j0kIfa4D%2BV1q8UQCFluOrQ
.adnxs.com/ Name: uuid2
Value: 3344689410031540966
.doubleclick.net/ Name: IDE
Value: AHWqTUnKqjQg6AHuHVkd5-yDUUpkNj-OKM6Cq9TSY6dfdMciGqafZ9hcUXkfo4Fw9VY
.twitter.com/ Name: personalization_id
Value: "v1_m/yOdklzlmidNjUFrvjOGA=="
.everesttech.net/ Name: ev_sync_ax
Value: 20221112
.everesttech.net/ Name: everest_session_v2
Value: Y3AiRQAAAJJ4XHks
.kohls.com/ Name: s_ecid
Value: MCMID%7C62744695687943165521629874907875754840
.credit.kohls.com/ Name: s_cmp
Value: AAAA4151001
.credit.kohls.com/ Name: gpv_v9
Value: credit%3Alogin
.credit.kohls.com/ Name: s_cc
Value: true
.credit.kohls.com/ Name: AMCV_F0EF5E09512D2CD20A490D4D%40AdobeOrg
Value: -408604571%7CMCIDTS%7C19309%7CMCMID%7C62744695687943165521629874907875754840%7CMCAAMLH-1668897986%7C6%7CMCAAMB-1668897986%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1668300389s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.6.0
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=54295AFD8E80CD"
.criteo.com/ Name: uid
Value: 906f4c8f-dce9-403e-a236-f117b1151b86
.ww8.kohls.com/ Name: s_ecid
Value: MCMID%7C62744695687943165521629874907875754840
.eyeota.net/ Name: SERVERID
Value: 19459~DM
.yahoo.com/ Name: A3
Value: d=AQABBEUicGMCEKhExleBsHHH0r8J-0rUvbg&S=AQAAAjFVXu6lmaJZ_cEAprZgEyw
.owneriq.net/ Name: si
Value: Q7215795901437965409
.owneriq.net/ Name: p2
Value: adpq
.demdex.net/ Name: dextp
Value: 21-1-1668293187764|60-1-1668293187864|358-1-1668293187967|477-1-1668293188069|601-1-1668293188171|640-1-1668293188273|771-1-1668293188376|822-1-1668293188479|992-1-1668293188581|1123-1-1668293188684|1083-1-1668293188786|1085-1-1668293188888|1086-1-1668293188989|1087-1-1668293189091|1088-1-1668293189193|903-1-1668293189295|20-1-1668293189398|3047-1-1668293189500|28645-1-1668293189602|30064-1-1668293189703|30646-1-1668293189805|575-1-1668293189908|53196-1-1668293190018|49276-1-1668293190120|73426-1-1668293190223|75557-1-1668293190325|79908-1-1668293190426

3 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=67902917441178352962285269079853058672
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=67902917441178352962285269079853058672
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=67902917441178352962285269079853058672?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'strict-dynamic' 'unsafe-eval' 'nonce-MWFkNjBlNDUtOWU1OC00MDY2LTg4NjYtOWRkMDRkOWQ0Zjlh'; object-src 'none'; base-uri 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17de4c13.akstat.io
aa.agkn.com
abp.mxptint.net
adb2waycm-atl.netmng.com
ads.scorecardresearch.com
analytics.twitter.com
aorta.clickagy.com
assets.adobedtm.com
beacon.krxd.net
bttrack.com
c.go-mpulse.net
cashedge.d1.sc.omtrdc.net
cdn.firstdata.com
cdn.navdmp.com
click.t.kohls.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
credit.kohls.com
d1kjcdrfrq03t3.cloudfront.net
d3ksttzjeov72n.cloudfront.net
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
fei.pro-market.net
fiservsolutions-1.demdex.net
gum.criteo.com
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
ipv4.icanhazip.com
kohls.demdex.net
match.adsrvr.org
mid.rkdms.com
mpp.vindicosuite.com
navdmp.com
pixel.everesttech.net
pixel.onaudience.com
pixel.rubiconproject.com
ps.eyeota.net
px.owneriq.net
s.go-mpulse.net
securepubads.g.doubleclick.net
servedby.flashtalking.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.search.spotxchange.com
tags.tiqcdn.com
us-u.openx.net
usermatch.krxd.net
ww8.kohls.com
www.facebook.com
adb2waycm-atl.netmng.com
104.18.114.97
104.244.42.67
104.75.88.194
107.162.230.34
107.22.173.254
13.36.218.177
141.94.170.77
151.101.66.49
172.217.18.2
185.64.190.80
185.80.39.216
185.89.210.122
185.94.180.125
192.132.33.46
209.197.3.19
212.82.100.182
23.79.154.245
2600:1901:0:8eee::
2600:9000:224a:1200:1b:64b0:3080:93a1
2600:9000:224a:7e00:19:6e5a:51c0:21
2600:9000:2261:200:0:ed0d:63c0:21
2606:4700:4400::6812:25fe
2606:4700::6810:df3
2a00:1450:4001:811::2002
2a02:2638::1c
2a02:26f0:1700:391::11a6
2a02:26f0:3500:587::1e80
2a02:26f0:6c00:287::11a6
2a03:2880:f12d:83:face:b00c:0:25de
3.121.27.153
3.230.248.213
34.249.11.23
34.253.48.159
34.98.64.218
35.186.236.204
35.244.174.68
35.71.131.137
38.67.14.224
52.19.27.104
52.22.210.48
52.28.224.208
52.49.181.242
52.5.99.161
54.154.180.60
54.72.167.131
54.77.35.16
67.202.105.23
68.232.203.70
69.173.144.165
99.86.4.2
03b9b73c368ed8983490a9c2c54acb1a65c785f99d8a4e2807f0d16ad0cefe96
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b87812751426604493d4aaf0a0b24100738e39a58682f7da9ad383493d8c02b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
170f6f3bf935abdfb170ce0f871755db1fd5e473317c659b551fb542d02b2844
1f9e5db2d0dd841b403c591b80839f11fce95b7a395d8f17ff60fe8c7a9a1e3e
2129ccd6aca391fa9315ee075c416a0f5d99c86c917cd750d9e8fb0c86aac5f2
26591f0e9074e03b9b45a60e9ad21b3ef6e9c182901903949a18e21b26759ff0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
33bbfcb62d416e997c644430385e28227830e164193697c05cb8292f637ef3d4
34a13102936e59edbebcffd52dd7a5f56027208abe9f526bc978622602dda678
34ad67cfc362403e3baabe4ad0f4ef0b4b6b68e2f252dd703bbb1e10198188e2
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51e53f49d8f809b76a75e0eaf09716b8b6e818034335c528ef681f1d7bc2a9c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57918de891e723a07170c50f73ee94388b058c4244f5934edcda4333d4e6804a
5dc8c16ae1b739482d01922a747406d2a209e8ae81f5e4278e2c2650c88e1f4a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7037e102057d591d9adf205fef096b6bc5f05927a92abfba941bf501fb206500
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
878f9fa2e13d06f0721015ce915eabadd70d347bae541cb559d4163efb8317dc
8a51c8ff495fc25bfdd773f3626a923e4bb50dd838f4dd6e67c7badc78d2e85c
8be9f60521f06d94b705fafc77acf783ce33659f3a94b43c72369c80f200001c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a7a41b04969454dfbe620bfbc7699647b2819d768374b3f0f90a714a0d80b199
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adfcb165c69213b0aba3c64bc549f7ff156ec82110fb8ef144b1d16ebc13b04a
ae893461bc00dc0c85f1e4b60b5059f9cf9fef356cd8c104c9aa8ebf3a1cb66c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b848bb3629f819d58c2cd9213a93d924ae09a26e66d1f78921a163699ebe93d5
bcf45c12e41f8d9b2dd5bd5c3088ce0b89f9679fabff8b1f94170b25ca1c2634
bdc148910f3fa6566f79c5afec49464eab688a660f85381b31c9be34c014ee26
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c564d9af61d586aa7d64508fc57900fab2da77572ea13782ca213d8617b86ba5
c729fb9e9113b95da37edd1ee95a983d22c46b646fc2427641943ecd3b86e104
cecd77b0f4875d4da09911d54df7f149541ffcd47251c63644b225f292ec4cc0
dd53fb3dca94672551a3853e0724accb63486af504d431674b0d0846f990ee6d
e340a56dd0f761773f43c37d410127ec7c8f848bc0c6b48644d5a9eceaf024fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eaffa853efb6e9eefd32e06a2f07bd2424fdf8fe23eec828610b8f5d61b2ef49
eef93a7ff6f4d0afdf9ad3bc39ee60a915732171d405e90032bf5ee8fe4a19aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3739aaade6ba466c207142443cd08fb5c19481be06180bcf7da87291689cbfe
fd0cbf1efb2b3e31c78463c4fbe7bdde2e5e62f2a5a7220babd0496e51fe40fd