urlscan.io logo urlscan.io
SecurityTrails logo

emea.moosend.com Open in urlscan Pro
18.198.161.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://emea.msnd33.com/tracking/lc/8f1ec8ed-a090-402b-89a8-1066b98b3fc8/00d97e09-d981-4925-b66d-5fd1237ee3b7/67bb3cb6-6...
Effective URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campa...
Submission Tags: falconsandbox
Submission: On August 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 7 countries across 36 domains to perform 126 HTTP transactions. The main IP is 18.198.161.41, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is emea.moosend.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on March 4th 2024. Valid for: a year.
This is the only time emea.moosend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.75.71.96 16509 (AMAZON-02)
2 6 18.198.161.41 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 18.244.18.5 16509 (AMAZON-02)
1 104.18.11.207 13335 (CLOUDFLAR...)
7 18.245.46.103 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
14 99.86.8.175 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 34.251.183.232 16509 (AMAZON-02)
2 35.166.226.67 16509 (AMAZON-02)
3 2a04:4e42:600... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 8 2600:9000:264... 16509 (AMAZON-02)
23 29 2a05:d018:cc3... 16509 (AMAZON-02)
2 2a05:d018:cc3... 16509 (AMAZON-02)
2 54.74.19.115 16509 (AMAZON-02)
2 2a05:d018:cc3... 16509 (AMAZON-02)
4 157.240.0.6 32934 (FACEBOOK)
2 35.214.149.91 15169 (GOOGLE)
2 142.250.184.194 15169 (GOOGLE)
1 3 104.18.36.155 13335 (CLOUDFLAR...)
2 69.173.144.139 26667 (RUBICONPR...)
2 35.244.159.8 396982 (GOOGLE-CL...)
2 64.202.112.159 22075 (AS-OUTBRAIN)
2 185.64.191.210 62713 (AS-PUBMATIC)
2 3.71.149.231 16509 (AMAZON-02)
2 141.226.228.48 200478 (TABOOLA-AS)
2 76.223.111.18 16509 (AMAZON-02)
1 3 185.89.211.116 29990 (ASN-APPNEX)
4 2a03:2880:f17... 32934 (FACEBOOK)
2 2a04:4e42::485 54113 (FASTLY)
2 142.250.186.42 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 141.193.213.20 209242 (CLOUDFLAR...)
2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 151.101.193.229 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 172.217.18.100 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42::396 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
1 151.101.65.140 54113 (FASTLY)
1 151.101.1.140 54113 (FASTLY)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
126 50
1    3.75.71.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-71-96.eu-central-1.compute.amazonaws.com
emea.msnd33.com
6    18.198.161.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-161-41.eu-central-1.compute.amazonaws.com
emea.moosend.com
identity.moosend.com
ec1-user-domain-assets.moosend.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    18.244.18.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-5.fra56.r.cloudfront.net
cdn.transifex.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
7    18.245.46.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-103.fra56.r.cloudfront.net
frontend-editor.ui.moosend.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
14    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.251.183.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-183-232.eu-west-1.compute.amazonaws.com
telemetry.svc.transifex.net
2    35.166.226.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-226-67.us-west-2.compute.amazonaws.com
api.segment.io
3    2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)
fast.appcues.com
2    2606:4700::6812:213 (United States)

ASN13335 (CLOUDFLARENET, US)
app.satismeter.com
8    2600:9000:2644:4000:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
29    2a05:d018:cc3:fe04:8522:577c:b5a5:d3d6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    2a05:d018:cc3:fe0a:16d3:262d:99f9:d03c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
x.adroll.com
2    54.74.19.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-19-115.eu-west-1.compute.amazonaws.com
ipv4.d.adroll.com
2    2a05:d018:cc3:fe0a:7a55:d15d:3e71:35ee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
x.adroll.com
4    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
2    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
2    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
moosend.com
2    2a02:26f0:780::210:a47a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.moosend.com
1    151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f100.1e100.net
www.google.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    2606:4700::6812:1fb0 (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.g2crowd.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.google.de
1    151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
Apex Domain
Subdomains		 Transfer
43 adroll.com
s.adroll.com — Cisco Umbrella Rank: 5194
d.adroll.com — Cisco Umbrella Rank: 2660
x.adroll.com — Cisco Umbrella Rank: 8113
ipv4.d.adroll.com — Cisco Umbrella Rank: 15429
98 KB
16 moosend.com
emea.moosend.com
frontend-editor.ui.moosend.com
identity.moosend.com
moosend.com — Cisco Umbrella Rank: 225129
ec1-user-domain-assets.moosend.com
cdn.moosend.com
4 MB
14 segment.com
cdn.segment.com — Cisco Umbrella Rank: 3005
92 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
347 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
15 KB
5 transifex.com
cdn.transifex.com — Cisco Umbrella Rank: 127020
28 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
71 KB
3 g2crowd.com
tracking.g2crowd.com — Cisco Umbrella Rank: 19182
2 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
79 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
3 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1102
2 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
886 B
3 appcues.com
fast.appcues.com — Cisco Umbrella Rank: 14623
140 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 3241
alb.reddit.com — Cisco Umbrella Rank: 1969
761 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1561
13 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
195 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 3773
961 B
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1950
26 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 632
279 B
2 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 2197
179 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612
166 B
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1373
1022 B
2 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1277
436 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 864
361 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555
478 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646 Failed
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 499
470 B
2 satismeter.com
app.satismeter.com — Cisco Umbrella Rank: 77753
39 KB
2 segment.io
api.segment.io — Cisco Umbrella Rank: 1485
347 B
2 transifex.net
telemetry.svc.transifex.net — Cisco Umbrella Rank: 119194
377 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 5661
7 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
7 KB
1 msnd33.com
emea.msnd33.com
564 B
126 36
Domain Requested by
29 d.adroll.com 23 redirects s.adroll.com
emea.moosend.com
14 cdn.segment.com emea.moosend.com
cdn.segment.com
8 s.adroll.com 1 redirects cdn.segment.com
emea.moosend.com
s.adroll.com
7 frontend-editor.ui.moosend.com emea.moosend.com
frontend-editor.ui.moosend.com
5 fonts.gstatic.com fonts.googleapis.com
5 cdn.transifex.com emea.moosend.com
cdn.transifex.com
4 www.facebook.com emea.moosend.com
4 connect.facebook.net s.adroll.com
connect.facebook.net
4 x.adroll.com s.adroll.com
emea.moosend.com
4 fonts.googleapis.com emea.moosend.com
ajax.googleapis.com
3 tracking.g2crowd.com emea.moosend.com
tracking.g2crowd.com
3 cdn.jsdelivr.net emea.moosend.com
3 ib.adnxs.com 1 redirects emea.moosend.com
3 dsum-sec.casalemedia.com 1 redirects emea.moosend.com
3 fast.appcues.com cdn.segment.com
fast.appcues.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 www.googletagmanager.com cdn.segment.com
www.googletagmanager.com
2 cdn.moosend.com emea.moosend.com
2 ec1-user-domain-assets.moosend.com 2 redirects
2 use.fontawesome.com emea.moosend.com
use.fontawesome.com
2 identity.moosend.com emea.moosend.com
2 eb2.3lift.com emea.moosend.com
2 sync.taboola.com emea.moosend.com
2 ups.analytics.yahoo.com emea.moosend.com
2 image2.pubmatic.com emea.moosend.com
2 sync.outbrain.com emea.moosend.com
2 us-u.openx.net emea.moosend.com
2 pixel.rubiconproject.com emea.moosend.com
2 cm.g.doubleclick.net emea.moosend.com
2 pixel.tapad.com emea.moosend.com
2 x.bidswitch.net emea.moosend.com
2 ipv4.d.adroll.com emea.moosend.com
2 app.satismeter.com cdn.segment.com
frontend-editor.ui.moosend.com
2 api.segment.io cdn.segment.com
2 telemetry.svc.transifex.net cdn.transifex.com
2 ajax.googleapis.com emea.moosend.com
2 emea.moosend.com frontend-editor.ui.moosend.com
1 alb.reddit.com
1 pixel-config.reddit.com www.redditstatic.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 ajax.aspnetcdn.com emea.moosend.com
1 www.google.com emea.moosend.com
1 cdnjs.cloudflare.com emea.moosend.com
1 moosend.com emea.moosend.com
1 maxcdn.bootstrapcdn.com emea.moosend.com
1 emea.msnd33.com 1 redirects
126 49

This site contains links to these domains. Also see Links.

Domain
moosend.com
accounts.google.com
Subject Issuer Validity Valid
*.moosend.com
Sectigo RSA Organization Validation Secure Server CA		 2024-03-04 -
2025-03-28		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
cdn.transifex.com
Amazon RSA 2048 M03		 2023-10-11 -
2024-11-08		 a year crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.ui.moosend.com
Amazon RSA 2048 M03		 2024-01-13 -
2025-02-09		 a year crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
svc.transifex.net
Amazon RSA 2048 M02		 2024-06-24 -
2025-07-22		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-07 -
2025-07-09		 a year crt.sh
satismeter.com
WE1		 2024-08-05 -
2024-11-03		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.adroll.com
Amazon RSA 2048 M03		 2023-10-23 -
2024-11-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-06 -
2024-09-04		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
g2crowd.com
WE1		 2024-08-21 -
2024-11-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.de
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh

This page contains 3 frames:

Primary Page: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Frame ID: E3B9AEB9F7DDE12275AC402F8F8AD884
Requests: 123 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25
Frame ID: C1AB62F9690E9928F0CB246AAF1515C5
Requests: 1 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25
Frame ID: F481E975BBEF2F60F320D02EB521553C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | Moosend

Page URL History Show full URLs

  1. https://emea.msnd33.com/tracking/lc/8f1ec8ed-a090-402b-89a8-1066b98b3fc8/00d97e09-d981-4925-b66d-5fd... HTTP 302
    https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallis... Page URL
  2. https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <a[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

126
Requests

79 %
HTTPS

38 %
IPv6

36
Domains

49
Subdomains

50
IPs

7
Countries

4967 kB
Transfer

13051 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://emea.msnd33.com/tracking/lc/8f1ec8ed-a090-402b-89a8-1066b98b3fc8/00d97e09-d981-4925-b66d-5fd1237ee3b7/67bb3cb6-6cc4-4a62-926f-03b8827256b1/ HTTP 302
    https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8 Page URL
  2. https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://emea.msnd33.com/tracking/lc/8f1ec8ed-a090-402b-89a8-1066b98b3fc8/00d97e09-d981-4925-b66d-5fd1237ee3b7/67bb3cb6-6cc4-4a62-926f-03b8827256b1/ HTTP 302
  • https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Request Chain 30
  • https://s.adroll.com/j/pre/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 41
  • https://d.adroll.com/cm/b/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Request Chain 42
  • https://d.adroll.com/cm/experian/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=
Request Chain 43
  • https://d.adroll.com/cm/g/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PZ7VrrU-0XkYCPQtMAAlRQ
Request Chain 44
  • https://d.adroll.com/cm/index/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367399 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367399&C=1
Request Chain 46
  • https://d.adroll.com/cm/n/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expires=365
Request Chain 47
  • https://d.adroll.com/cm/o/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d9ed5aeb53ed1791808f42d30002545&gdpr=1&gdpr_consent=
Request Chain 48
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=&us_privacy=1---
Request Chain 49
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 50
  • https://d.adroll.com/cm/r/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 51
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Request Chain 52
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&dongle=c85e
Request Chain 53
  • https://d.adroll.com/cm/x/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DM2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Request Chain 65
  • https://ec1-user-domain-assets.moosend.com/redirect/setting/PlatformDomain/LoginLogo?customDomain=emea.moosend.com&defaultRedirect=https%3A%2F%2Fcdn.moosend.com%2Fassets%2Fimages%2Flogo.svg HTTP 302
  • https://cdn.moosend.com/assets/images/logo.svg
Request Chain 83
  • https://ec1-user-domain-assets.moosend.com/redirect/setting/PlatformDomain/Favicon?customDomain=emea.moosend.com&defaultRedirect=https%3A%2F%2Fcdn.moosend.com%2Fassets%2Fimages%2Ficons%2Flogo.png HTTP 302
  • https://cdn.moosend.com/assets/images/icons/logo.png
Request Chain 107
  • https://d.adroll.com/cm/b/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Request Chain 108
  • https://d.adroll.com/cm/experian/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=
Request Chain 109
  • https://d.adroll.com/cm/g/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PZ7VrrU-0XkYCPQtMAAlRQ
Request Chain 110
  • https://d.adroll.com/cm/index/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367402
Request Chain 112
  • https://d.adroll.com/cm/n/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expires=365
Request Chain 113
  • https://d.adroll.com/cm/o/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d9ed5aeb53ed1791808f42d30002545&gdpr=1&gdpr_consent=
Request Chain 114
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=&us_privacy=1---
Request Chain 115
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 116
  • https://d.adroll.com/cm/r/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 117
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Request Chain 118
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&dongle=c85e
Request Chain 119
  • https://d.adroll.com/cm/x/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25 HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU

126 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
cityam.com
emea.moosend.com/design/
Redirect Chain
  • https://emea.msnd33.com/tracking/lc/8f1ec8ed-a090-402b-89a8-1066b98b3fc8/00d97e09-d981-4925-b66d-5fd1237ee3b7/67bb3cb6-6cc4-4a62-926f-03b8827256b1/
  • https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.198.161.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-161-41.eu-central-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
d47630ee905ec0af654a1fa4bb9520c21e50313ae7e6f67bd95273fb40a80a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
2167
content-encoding
gzip
content-type
text/html
date
Wed, 28 Aug 2024 07:13:52 GMT
etag
W/"5faac220ae71c5ab370cfad7c790bd44"
last-modified
Fri, 02 Aug 2024 10:49:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
via
1.1 129f13101f12370407d42127c62b1bd8.cloudfront.net (CloudFront)
x-amz-cf-id
17Vy13dEVXuzFVs0QBiT91uEVhsCm5-HBsZVBNzLS3STTWn3i1_zmg==
x-amz-cf-pop
FRA56-P9
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
600
content-length
0
date
Wed, 28 Aug 2024 07:49:57 GMT
location
https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
referrer-policy
no-referrer
server
Kestrel
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 07:49:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 07:49:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 07:49:58 GMT
live.js
cdn.transifex.com/ 		96 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.transifex.com/live.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-5.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ac06f0260e4f88ec780156809becb32b9f1b48c87e3c33aa33de77007418395

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
v497APf6s4w5dtCug3rvoXIyLBX8WgGf
content-encoding
gzip
via
1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 00:40:56 GMT
last-modified
Tue, 23 Jul 2024 11:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
25749
x-amz-server-side-encryption
AES256
etag
W/"2ad3d948f864f65b2e25671757bc9df2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
lKjarEr1x4cZeYw9iU4sfpTSoWUpwmRmytC6UFjW8Opq5b-_-oporg==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1047
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
14473735
cdn-cachedat
10/31/2023 18:58:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"4fbd15cb6047af93373f4f895639c8bf"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9bd489b3b47817325036093612d128df
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8ba2b52f1e4d1ca1-FRA
cdn-requestpullsuccess
True
f2fbd3452bd572517f78.js
frontend-editor.ui.moosend.com/ 		2 MB
953 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-editor.ui.moosend.com/f2fbd3452bd572517f78.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b654176a52866cd625bd09c3b725fceead1372f8124eff2f7b24faf2bba92c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:37:58 GMT
content-encoding
gzip
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
FRA56-P9
age
4921
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Aug 2024 10:49:27 GMT
server
AmazonS3
etag
W/"02456723fb32c2730cb80f7966a354a8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
ba20TuFAw9_H4wcIFEfRtZKr0eBShenszlw34TVQWGvqo6wWoFN1Kw==
editorloader.gif
frontend-editor.ui.moosend.com/assets/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://frontend-editor.ui.moosend.com/assets/images/editorloader.gif
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a94adf989cb95838d6002d0ddf16ceb7f6bebff7d2fcd7c27bf37bd7074f0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:46:29 GMT
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
FRA56-P9
age
210
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26955
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Aug 2024 10:46:12 GMT
server
AmazonS3
etag
"8c2d08bbc7fbfc07b12c7113f1dcd7b2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
1R0eym3-IUMdCuhRajs0DGpf0yQ-omeKbpwp4j3VKNtYWgg_1NbMyQ==
le.min.js
frontend-editor.ui.moosend.com/lib/le_js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-editor.ui.moosend.com/lib/le_js/le.min.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c37c3c48e08e3f45df82a38bdaf298b063254cd6d6b0022c060d9df8c4236c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:37:58 GMT
content-encoding
gzip
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
FRA56-P9
age
1335
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 11 Jan 2023 15:17:55 GMT
server
AmazonS3
etag
W/"78755a5abb05faa818ce8131ea5b54c6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
RuX1Ic_c5wtbxLTYBsT7dwcskoK0ZhFemq4dK6gkUJ-FgFvi_O1c_w==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 13:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Aug 2025 13:10:21 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 07:15:10 GMT
manifest.jsonp
cdn.transifex.com/415beb5bbfa248578cc3b024c5836934/latest/ 		3 KB
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.transifex.com/415beb5bbfa248578cc3b024c5836934/latest/manifest.jsonp
Requested by
Host: cdn.transifex.com
URL: https://cdn.transifex.com/live.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-5.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6056cfa6b34fa87b9198c2aa662d8a234ee02781074407d2bba92df112aeb950

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
lsCNnectW_z_HPe_Bc3JQtKXLYeJZY4X
content-encoding
br
via
1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront)
date
Tue, 27 Aug 2024 08:42:19 GMT
last-modified
Tue, 25 Oct 2022 08:06:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
83260
x-amz-server-side-encryption
AES256
etag
W/"f3e5717cdfc437571b9089fbc820165d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
P2US8gNL9-2iqWyv37Utz6f7lXN82o7GIp-hICo2oI-h-gkpoHr66A==
css
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,400italic,600,700&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2e4537e92ee06780895bca5b7c31216e42b5bf36a2b79b67b63c129f2725c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 07:49:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 07:49:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 07:49:58 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29856e7fe690d5a6b05af509153f72bf35a016be285f8e204209901c7183757a

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
NiP0MjZSWAWQuI1jjmx8o4hCGL8_d27N
content-encoding
br
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 07:49:10 GMT
x-amz-cf-pop
FRA6-C1
age
48
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 29 Jul 2024 19:11:33 GMT
server
AmazonS3
etag
W/"71e93ae9cb656991ca39f3040beaa166"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
a2fodUNjRdPo4-VoZot_TpF_XR6QpeRfD_d5RmSJNUUSqs_UEe1tjg==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,400italic,600,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 14:03:23 GMT
x-content-type-options
nosniff
age
63995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 14:03:23 GMT
memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,400italic,600,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:59:15 GMT
x-content-type-options
nosniff
age
64243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19280
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 13:59:15 GMT
289.css
frontend-editor.ui.moosend.com/ 		899 KB
659 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend-editor.ui.moosend.com/289.css
Requested by
Host: frontend-editor.ui.moosend.com
URL: https://frontend-editor.ui.moosend.com/f2fbd3452bd572517f78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a28fbd83030e21074108ceb994fb32a4682e0ce8655d752e3ce409a710bc990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:38:11 GMT
content-encoding
gzip
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
FRA56-P9
age
4920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Aug 2024 10:46:06 GMT
server
AmazonS3
etag
W/"6a68bfbfc3d9d86b4fc18da92b2691ce"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
xHDMqRoMWpZUbwrloGTa2QlMRJlnp7CpUnc9XC50rwOk5pCHxaIoRA==
3999fa5839da803a2842.js
frontend-editor.ui.moosend.com/ 		2 MB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-editor.ui.moosend.com/3999fa5839da803a2842.js
Requested by
Host: frontend-editor.ui.moosend.com
URL: https://frontend-editor.ui.moosend.com/f2fbd3452bd572517f78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
127c316fb915284aa12468ce4706291076d4375bce50d1a6f9974715182fe185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:38:11 GMT
content-encoding
gzip
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
FRA56-P9
age
2871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Aug 2024 10:46:06 GMT
server
AmazonS3
etag
W/"ec8067ca949b1661e8e56c12714373a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
tdazpvdDtkX9icvvSWRsxPTxMx0DYv-wumspAYdvagz03xH29_-v7g==
867.css
frontend-editor.ui.moosend.com/ 		91 B
607 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend-editor.ui.moosend.com/867.css
Requested by
Host: frontend-editor.ui.moosend.com
URL: https://frontend-editor.ui.moosend.com/f2fbd3452bd572517f78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e50a267b59a93212ffdd807f6c73ce74a1ff4ed6c2dc719469b949f656040f26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:02:37 GMT
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
FRA56-P9
age
4920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
91
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Aug 2024 10:46:07 GMT
server
AmazonS3
etag
"48784dbd4e223453070f5800548e03e5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
QGQjjcEgB6KGLjEilLqgzfD41KFn4x21yXXKQ39oVLkW2Pw6lspvdw==
c806febeea7f224674e3.js
frontend-editor.ui.moosend.com/ 		4 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-editor.ui.moosend.com/c806febeea7f224674e3.js
Requested by
Host: frontend-editor.ui.moosend.com
URL: https://frontend-editor.ui.moosend.com/f2fbd3452bd572517f78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
399793d096e7c8cdfda6ff4d4b7b70949ce1eb3141333ad75eeeb5382544c917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:38:11 GMT
content-encoding
gzip
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
x-amz-cf-pop
FRA56-P9
age
1552
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Aug 2024 10:49:26 GMT
server
AmazonS3
etag
W/"971a127fea74fb8b21ab911bdee14571"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
a2HJ1R7gx0KwagB81L6prGcJdtowNNJSMZo-fyUErM_KWmAgA9l6kw==
integration
telemetry.svc.transifex.net/live/ 		30 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetry.svc.transifex.net/live/integration
Requested by
Host: cdn.transifex.com
URL: https://cdn.transifex.com/live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.183.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-183-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7dbea0062e5c176468cb3f86519df0fed69432a59a01b2dab85043f9b45d6664

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Aug 2024 07:49:58 GMT
etag
W/"1e-GPKVsaTKBS5s/s17MlmchlMue8Y"
content-length
30
vary
Accept-Encoding
content-type
application/json; charset=utf-8
settings
cdn.segment.com/v1/projects/ndqwrcxbk31kiit2aymi/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/ndqwrcxbk31kiit2aymi/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
badbd8c32b82f320168846b742fd3cf2023512c7119e046764e33a714a46f27e

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
HBklVFQ7B5GSoQY1gRN3w68sMU7iDlQQ
content-encoding
br
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 06:00:26 GMT
x-amz-cf-pop
FRA6-C1
age
6659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 25 Jul 2024 17:47:48 GMT
server
AmazonS3
etag
W/"e417e7658449ea5d28b9c9057df52638"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
b7nhVaZvNkVF7eXHfSKmQn0ZDZ6toZ1FeJoHFsXzA7kKdpcRKgYrdg==
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:52 GMT
x-amz-version-id
y1rPlIgvelxNE1YxH.dn4iIroP2Pnn0U
content-encoding
br
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5571126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
ojMK0R5xJsU3RYu2E3oK1k4yuHXpDPmaWaqwwUG-vShMea6Kk_WLkw==
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:54 GMT
x-amz-version-id
fFM2.Q5O21tbOz6I0BWTT24IeUb4pa6L
content-encoding
br
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5571125
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
9jNh9yd4UHq6VKjP81RbGRGavmwnUxJkvxaG0yodBgW72-YLH8VOQw==
adroll.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/adroll/2.2.1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/adroll/2.2.1/adroll.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46be4c132a98b553f6be5f57274731e39217b2783a6478cf6c9adc0b4e9f80c0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 10:25:42 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-version-id
dlS7Y2Jkcqy.IFllZPnm9tPOau1vUhk3
x-amz-cf-pop
FRA6-C1
age
3187457
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1485
last-modified
Mon, 03 Jun 2024 14:40:12 GMT
server
AmazonS3
etag
"61e57642f055ce7a864cebf86bade39a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
lXpWO-7KwLsbAu_bjGgtHtS5TPkDOk3vjE280esIUOVLSUeacybCFA==
appcues.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/appcues/2.3.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/appcues/2.3.0/appcues.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a42f5583b68a1816c0f5cd2cf83264499334671d2ed15609c342e7fa7805376

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 03 Aug 2024 03:13:50 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-version-id
5pviAGIq8u3kGc8NDBjurk5Ah3oPokNR
x-amz-cf-pop
FRA6-C1
age
2176569
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1180
last-modified
Mon, 03 Jun 2024 14:40:12 GMT
server
AmazonS3
etag
"dcd4dcb2c7c21b89d914f0a4a68ff4f6"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
h-ic2-QQkD9xVZ4keL60ETk06xDjq-mA2eFAWW5YDBtEVeZx-JVeTQ==
satismeter.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/satismeter/2.0.3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/satismeter/2.0.3/satismeter.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6669e7413fb9334a7ef5662dace6bf7ef124b85cc1d69761cbdf6b2da4696608

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:55:22 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-version-id
DjeflaI9rMgBMXAPgn9p0D1eSis9niPw
x-amz-cf-pop
FRA6-C1
age
3664477
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1226
last-modified
Mon, 03 Jun 2024 14:40:13 GMT
server
AmazonS3
etag
"1ef6dd3c4f6cf0dd0c0562dee20e63ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
f2mJZapQ2am-0TSnoj2B72UToIg_h-tXTNqstU8K-MePAUY7IQvXvg==
p
api.segment.io/v1/ 		21 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.226.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-226-67.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://emea.moosend.com
date
Wed, 28 Aug 2024 07:49:59 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ndqwrcxbk31kiit2aymi/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:24:19 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-version-id
aAixXKmCEkR1rfYrRzV2.EPYhnGmH0W2
x-amz-cf-pop
FRA6-C1
age
87940
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21911
last-modified
Thu, 08 Aug 2024 06:57:13 GMT
server
AmazonS3
etag
"c467a63b2e7c3a99be423ace649014d8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
o4whs7lX-orKHW354hLULxu2_3yeXCmsiiZa8977fE7dJU7kx3MUMA==
61242.js
fast.appcues.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/61242.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
3a448ddd6504da9ac28a25dcef4e99daef7fa0d3cf8d14ac6a87b2694cc6ad7a

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
5307
x-request-id
F-_VBPmZ2CVfRG8IPTui
x-served-by
cache-cph2320022-CPH
server
Cowboy
x-timer
S1724831399.056711,VS0,VE682
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
0
js
app.satismeter.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.satismeter.com/js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb76e5756721efbe76ecd449908b40e4d619415e6a6b59151fcc4e236f28e0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=315360000

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=315360000
via
kong/3.7.1
cf-cache-status
HIT
content-encoding
br
age
3
x-kong-proxy-latency
0
x-kong-upstream-latency
3
cross-origin-resource-policy
cross-origin
x-kong-request-id
8928a7189bc5d936bfa875511caacf28
x-request-id
208b513c-39dd-4ad2-98d2-848c1fbae92a
server
cloudflare
etag
W/"813e-RUzHTEDkjQcmU4lWYmrkGGe3AfE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
8ba2b5341e0071d7-FRA
expires
Wed, 28 Aug 2024 11:49:59 GMT
roundtrip.js
s.adroll.com/j/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e7cf5423996cb33fa1d00f046eb950cd15eca51e98b542bb9f067ab7e68d4f6

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
M_2AOfSDCQx2zhzkh6_SJDABrsA.7Kgg
Content-Encoding
gzip
Via
1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
Date
Wed, 28 Aug 2024 06:59:00 GMT
Age
3060
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 22 Aug 2024 15:43:23 GMT
Server
AmazonS3
Etag
W/"8477adc58c3f773d12fe1e360fd6ff0c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
KbIJWhMMecQBUcCDQ7J6TA4DghNSuFiow-It7ca02J6s3SqvBoO5_Q==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
HTTP/1.1
Server
2600:9000:2644:4000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Wed, 28 Aug 2024 02:47:19 GMT
Via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
Age
18161
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
OYO4LxlnPBCAd5hzIzhZthMWKVDK_jBJeGpq34kMUc81G5yT6oYb9g==

Redirect headers

Date
Tue, 27 Aug 2024 21:54:24 GMT
Via
1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
Age
35734
X-Amz-Cf-Pop
FRA60-P6
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
9wFok8IN3UH2ScgZ8Fa8EO2SJWogQ5fFxh6Ri1U3cPc35AsOKDzdfw==
index.js
s.adroll.com/j/pre/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV/ 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
dxCQWVvVHVvhwmNXTxM1bqFdd0BrG3I6
Date
Wed, 28 Aug 2024 07:02:03 GMT
Via
1.1 75f70026bed8fa7e14f645c02f074728.cloudfront.net (CloudFront)
Age
2970
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Sat, 24 Aug 2024 11:42:17 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Ad7lDdfOrxVx5xKotdyDp2I4TLOSMaBiSFnUHWpokaJ0a0rr6w5RMQ==
widget
app.satismeter.com/api/ 		0
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.satismeter.com/api/widget
Requested by
Host: frontend-editor.ui.moosend.com
URL: https://frontend-editor.ui.moosend.com/f2fbd3452bd572517f78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=315360000

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=315360000
via
kong/3.7.1
cf-cache-status
DYNAMIC
x-kong-proxy-latency
1
x-kong-upstream-latency
24
cross-origin-resource-policy
cross-origin
x-kong-request-id
5a52255dc7d0742323cedf58eb9c2a36
x-request-id
a096ad03-0a6e-484a-bda0-5ce1deef47c2
server
cloudflare
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
access-control-allow-methods
PUT,POST
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cf-ray
8ba2b5361b0937ea-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
QQBVR2SHD5B5BDMBMHKI25
d.adroll.com/consent/check/ 		542 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/QQBVR2SHD5B5BDMBMHKI25?flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&_s=139ba2435a8515e8168f18f035f58780&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:8522:577c:b5a5:d3d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
6560609462c69b585f06f804e4e19b615d62b2494056549583cd1f7be6597d08

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
542
content-type
application/javascript
iframe_content.html
x.adroll.com/pxl/ Frame C1AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:cc3:fe0a:16d3:262d:99f9:d03c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://emea.moosend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
ad-auction-allowed
true
content-encoding
zstd
content-length
427
content-type
text/html
date
Wed, 28 Aug 2024 07:49:59 GMT
last-modified
Tue, 27 Aug 2024 21:44:51 GMT
RTBDCG3ZOBGTJNQ3ORI2MV
d.adroll.com/pixel/QQBVR2SHD5B5BDMBMHKI25/ 		548 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/pixel/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&cookie=&adroll_s_ref=&keyw=&p0=1085&xa4=1
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:8522:577c:b5a5:d3d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e9106115770844fd84ed794c4777b96317bacc53fd4340ee4aab8809950aef92

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
x-conversion-value
0.00
server
nginx/1.22.1
x-rule
*
x-segment-display-name
Visitors to Unsegmented Pages
x-segment-eid
BZX4AWSO6BFAPAZE5UOGLS
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
RTBDCG3ZOBGTJNQ3ORI2MV
x-rule-type
p
x-segment-name
*
x-advertisable-eid
QQBVR2SHD5B5BDMBMHKI25
content-length
548
x-conversion-currency
RTBDCG3ZOBGTJNQ3ORI2MV
ipv4.d.adroll.com/px4/QQBVR2SHD5B5BDMBMHKI25/ 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipv4.d.adroll.com/px4/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&cookie=&adroll_s_ref=&keyw=&p0=1085&xa4=1
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.19.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-19-115.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
42
content-type
image/gif
BZX4AWSO6BFAPAZE5UOGLS.js
s.adroll.com/pixel/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV/BZX4AWSO6BFAPAZE5UOGLS.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c8630444709d79ca35281968ac331ee3ce7917dae1dc8fa8759eaf6e7222fa5

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
wjU1MwjnFAPczh2zHqgA9kmDQKHQvXFe
Content-Encoding
gzip
Via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
Date
Wed, 28 Aug 2024 07:02:38 GMT
Age
2970
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 06 Aug 2024 12:50:41 GMT
Server
AmazonS3
Etag
W/"ac1db01afd2a6a1484825c6e7195716f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
VamRQje_2HevH6_C99RDjrqLlNmxfa7ZcghEcUCxH9pUE_ibWC4Xqg==
trigger
x.adroll.com/attribution/ 		2 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.adroll.com/attribution/trigger?fpc=c577268a2f79aef6256e42bcbf1b8b4e&advertisable_eid=QQBVR2SHD5B5BDMBMHKI25&conversion_type=PageView&conversion_value=0.00&currency=USC&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:cc3:fe0a:7a55:d15d:3e71:35ee Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"17425771214734799875","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"17425771214734799875","filters":{"source_type":["navigation"]}}],"debug_key":"2598951269126440978","debug_reporting":true,"filters":{"0":["QQBVR2SHD5B5BDMBMHKI25"]}}
content-length
2
content-type
text/plain; charset=utf-8
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV/BZX4AWSO6BFAPAZE5UOGLS.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Aug 2024 07:49:59 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4283, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
KyIO/mHsYMtnUoq5Akx9VN3AZzpC8mwMGEiN3mjh9JYFUUG8MwIH31i5CFuJqMO0/E8lGdsT/t9ejqdsdw3wUQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sendrolling.js
s.adroll.com/j/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV/BZX4AWSO6BFAPAZE5UOGLS.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu.
Content-Encoding
gzip
Via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
Date
Wed, 28 Aug 2024 07:49:02 GMT
Age
58
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 21 Jun 2023 16:22:01 GMT
Server
AmazonS3
Etag
W/"4a64112c69b3c4b3f104f38d9547a094"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
ieFyz9KCPcAFEVCJCujRgwKshMwXKhaXFoVmzsYanuJGV_GIlY2ZRA==
sync
x.bidswitch.net/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewslet...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=44&user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
HTTP/1.1
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 07:49:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=44&user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
96
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://d.adroll.com/cm/experian/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=
0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewslet...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PZ7VrrU-0XkYCPQtMAAlRQ
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PZ7VrrU-0XkYCPQtMAAlRQ
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PZ7VrrU-0XkYCPQtMAAlRQ
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
99
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnew...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367399
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367399&C=1
43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367399&C=1
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:50:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4uzpi9z%2BF0TkHjUnx6Q64s4lu7JL2jliwNZeh2UOK4IlqLK6Dvul4a1BrHSSGmSkSs96UPB2Ewp6DpZEjshzngz5mdQ%2BTUdpEKtcjTlqlyS7bUcDiqJUoAb1jfO%2FPT6ZKHWFHwfTL8J48g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8ba2b539f98e2671-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovUeyjb6jgiI1vhojZ6i%2FgPuY8hpqtlyIL%2BH1uuW0ZLk3ObLVRB%2FGIAZe3SZsR5DGGWAFND4LRbKgcbRRZFzpIEHjC8L3j7qkqeld6kWi5mYalA540xCYA%2FanMUDHPICWBv7qxzM2GBwhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367399&C=1
cache-control
no-cache
cf-ray
8ba2b53978f22671-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
out
d.adroll.com/cm/l/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:8522:577c:b5a5:d3d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewslet...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expires=365
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expires=365
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewslet...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d9ed5aeb53ed1791808f42d30002545&gdpr=1&gdpr_consent=
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d9ed5aeb53ed1791808f42d30002545&gdpr=1&gdpr_consent=
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d9ed5aeb53ed1791808f42d30002545&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
108
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3D...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=&us_privacy=1---
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:00 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
02bb3da379d123e070c6d6106af7c4cb
content-length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=&us_privacy=1---
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
137
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3D...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
content-type
image/gif; charset=utf-8

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewslet...
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.134
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
169
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dn...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40552

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&dongle=c85e
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4714&xuid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&dongle=c85e
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4714&xuid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&dongle=c85e
pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
102
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=75040879465.01048&arrfrr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewslet...
  • https://ib.adnxs.com/setuid?entity=172&code=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DM2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DM2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
an-x-request-uuid
1f7c8503-77db-4618-85ff-7e7a97292cee
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.117; 80.255.7.117; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:49:59 GMT
an-x-request-uuid
1bda1941-f0a3-4a73-9629-56658cd87491
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DM2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.117; 80.255.7.117; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
appcues.main.37c675fb5e2bda615a7b768ac06082e017429ff1.js
fast.appcues.com/generic/main/6.2.21/ 		467 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/6.2.21/appcues.main.37c675fb5e2bda615a7b768ac06082e017429ff1.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/61242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4c820d4d48f5dd4f98291113d926cf9b55c7fd1c50cee912c339d1e0061c1f8

Request headers

Referer
https://emea.moosend.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:49:59 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
S1JYEC1MBD3PG01C
age
491694
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
134784
x-amz-id-2
YxiJOl5ssfihC4kRcMvKO9lgnXSd9K6cJMyt5esp86bzzkrIHSd//fPU/xCxc7ZDLBiw6CDhtu+g14KVstbP9Q==
x-served-by
cache-cph2320024-CPH
last-modified
Thu, 22 Aug 2024 14:39:36 GMT
server
AmazonS3
x-timer
S1724831400.864344,VS0,VE0
etag
"a949f1df7eb424928c8d059123ad5a92"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
5918
278738296456258
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/278738296456258?v=2.9.166&r=stable&domain=emea.moosend.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
6aaade5fc7247db39be76ccf7f34cbaaf95d99f4bfcaf390d5f10143080b3eda
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Aug 2024 07:49:59 GMT
document-policy
force-load-at-top
x-fb-server-load
43
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13155
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=74, mss=1232, tbw=66923, tp=62, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
Xw8FtQYvuE0SGlnYFkuG4Ty9VPmF3q18oRitaFIgJRNejAaHqMDFmGNQNo4QSo09H5VPlyAGrFw0JXXkNveLNQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=278738296456258&ev=PageView&dl=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&rl=&if=false&ts=1724831399912&cd[segment_eid]=BZX4AWSO6BFAPAZE5UOGLS&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4125&fbp=fb.1.1724831399911.704638670699985828&ler=empty&cdl=API_unavailable&it=1724831399817&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=10, mss=1297, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Aug 2024 07:50:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=278738296456258&ev=PageView&dl=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&rl=&if=false&ts=1724831399912&cd[segment_eid]=BZX4AWSO6BFAPAZE5UOGLS&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4125&fbp=fb.1.1724831399911.704638670699985828&ler=empty&cdl=API_unavailable&it=1724831399817&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 28 Aug 2024 07:50:00 GMT
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408094455827565665", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1297, tbw=3095, tp=-1, tpl=-1, uplat=137, ullat=0
pragma
no-cache
x-fb-debug
nUpl0l8t4O3Mdi3UrIL53WVhPuZfrmBv2xch6kB+Iy3wRX2qTy+veEHAfFV7e81qgG8KzkKmlGSDsER8lUBlBA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408094455827565665"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
container.37c675fb5e2bda615a7b768ac06082e017429ff1.css
fast.appcues.com/generic/main/6.2.21/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/6.2.21/container.37c675fb5e2bda615a7b768ac06082e017429ff1.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/6.2.21/appcues.main.37c675fb5e2bda615a7b768ac06082e017429ff1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

Referer
https://emea.moosend.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:00 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
9STR8AGJZZSN006D
age
491675
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1992
x-amz-id-2
iDa35+y2yXs2lmjzdyvdeATyNht4lQAT5JUNBmK/XT483hEQNjsXg9Pc4602ETADxNdjabmbx3s=
x-served-by
cache-cph2320024-CPH
last-modified
Thu, 22 Aug 2024 14:39:36 GMT
server
AmazonS3
x-timer
S1724831400.051028,VS0,VE0
etag
"5be05ce494e7cac41d062a0b12a1657c"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css; charset=utf-8;
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
5818
Primary Request login
emea.moosend.com/ 		8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Requested by
Host: frontend-editor.ui.moosend.com
URL: https://frontend-editor.ui.moosend.com/c806febeea7f224674e3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.198.161.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-161-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e9fca8f120b8ba986be9c10aed63a5cd52c3e7287031f0200fd65111cacc819c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-length
8571
content-type
text/html; charset=utf-8
date
Wed, 28 Aug 2024 07:50:01 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-apigw-id
dNZ6fHscFiAEcVA=
x-amzn-requestid
9f67d12d-40a7-492f-a877-d60bd887bb75
x-amzn-trace-id
Root=1-66ced6a9-0c9d424b0fc6bcc577ff9684;Parent=63249b037b6ee196;Sampled=0;lineage=1:44f3f008:0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 		158 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://emea.moosend.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Aug 2024 07:50:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
3724007
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26373
x-served-by
cache-fra-eddf8230063-FRA, cache-cph2320038-CPH
x-jsd-version-type
version
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
site.min.css
identity.moosend.com/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.moosend.com/css/site.min.css
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.198.161.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-161-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7e1381dbada073783bdd46365e99d6015ef2a3a3354c52e0f9e5c44db95650d3

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:01 GMT
x-amzn-remapped-content-length
10789
last-modified
Tue, 06 Feb 2024 15:31:39 GMT
etag
"1da591193cf15a5"
x-amzn-requestid
5e71291a-7d1e-4c8b-b199-e4c0e1a478db
x-amzn-trace-id
Root=1-66ced6a9-6653d6296742686d2ed397ba;Parent=07c960d2ac2c01f2;Sampled=0;lineage=1:44f3f008:0
content-type
text/css
accept-ranges
bytes
x-amz-apigw-id
dNZ6gHpWliAEDkg=
content-length
10789
css
fonts.googleapis.com/ 		4 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind%3A300%2C400%2C500%2C700&ver=1.0
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
42ccd327aba73e7b9c683dc0d8dee3e56ce7f58abb5ad705b4f8dda0d90fb91a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 07:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 07:46:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 07:50:01 GMT
css
fonts.googleapis.com/ 		8 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700&ver=1.0
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
acd8905fe971baf49475990716cd2bae599a94fe8b3836d781f35d2224042bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 07:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 06:03:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 07:50:01 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css?ver=1.0
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
280554
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YGSK5MWctC3XSFq1g79euGfPECPEcmyGgcnbjN1zfqcL06jSfdDfHkz778YrvH%2FzUI3f6HD%2Fv%2B7%2BPuq%2BF2276U8GkDUE7Zni95ZHHaH4bXuAHihgcK801C1WBuwl1tpMZh2KitriNyvFS%2FFFReSnAKn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
8ba2b5433e3e2c76-FRA
alt-svc
h3=":443"; ma=86400
login-icon.png
moosend.com/wp-content/uploads/2019/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moosend.com/wp-content/uploads/2019/10/login-icon.png
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c34b35ed94c719c988df889402668117cda76aaa8982e09aaacc92a446b3d495

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:01 GMT
cf-cache-status
HIT
age
773455
cf-polished
origFmt=png, origSize=40681
content-disposition
inline; filename="login-icon.webp"
alt-svc
h3=":443"; ma=86400
content-length
19504
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Apr 2022 23:17:41 GMT
server
cloudflare
etag
"626b2095-9ee9"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8ba2b5432e056a77-TXL
logo.svg
cdn.moosend.com/assets/images/
Redirect Chain
  • https://ec1-user-domain-assets.moosend.com/redirect/setting/PlatformDomain/LoginLogo?customDomain=emea.moosend.com&defaultRedirect=https%3A%2F%2Fcdn.moosend.com%2Fassets%2Fimages%2Flogo.svg
  • https://cdn.moosend.com/assets/images/logo.svg
9 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.moosend.com/assets/images/logo.svg
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
HTTP/1.1
Server
2a02:26f0:780::210:a47a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1926e7f194165afce34237818f3241f03766883dda9cb3408f37d94c5899ad26
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; report-uri https://csp-logging.m-operations.com/cspheaders; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.moosend.com *.moostaging.com cdn.transifex.com cdn.segment.com *.adroll.com fast.appcues.com widget.intercom.io www.google-analytics.com app.satismeter.com js.intercomcdn.com ajax.googleapis.com cdn.tiny.cloud social.uploadcare.com js.braintreegateway.com assets.braintreegateway.com www.paypalobjects.com *.paypal.com pay.google.com songbird.cardinalcommerce.com songbirdstag.cardinalcommerce.com *.paypal.com kit.fontawesome.com storage.googleapis.com js.pusher.com labs.pathfix.com connect.facebook.net sitecoredelivr.sitecorecloud.io portal-staging.sitecore-staging.cloud portal.sitecorecloud.io; object-src 'none';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; report-uri https://csp-logging.m-operations.com/cspheaders; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.moosend.com *.moostaging.com cdn.transifex.com cdn.segment.com *.adroll.com fast.appcues.com widget.intercom.io www.google-analytics.com app.satismeter.com js.intercomcdn.com ajax.googleapis.com cdn.tiny.cloud social.uploadcare.com js.braintreegateway.com assets.braintreegateway.com www.paypalobjects.com *.paypal.com pay.google.com songbird.cardinalcommerce.com songbirdstag.cardinalcommerce.com *.paypal.com kit.fontawesome.com storage.googleapis.com js.pusher.com labs.pathfix.com connect.facebook.net sitecoredelivr.sitecorecloud.io portal-staging.sitecore-staging.cloud portal.sitecorecloud.io; object-src 'none';
Content-Encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload
Date
Wed, 28 Aug 2024 07:50:01 GMT
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
3632
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
Last-Modified
Tue, 23 Jul 2024 11:16:45 GMT
Server
AmazonS3
ETag
W/"653a6822cc4a474e8efa256640cde3ad"
x-frame-options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/svg+xml
x-amz-cf-id
JPQgctA29Mm8XuYtnnSHNE_2C3rChwosdOIYamsS-txg1fB-sb-3zw==

Redirect headers

date
Wed, 28 Aug 2024 07:50:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
0
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
awselb/2.0
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
location
https://cdn.moosend.com/assets/images/logo.svg
x-frame-options
DENY
vary
Accept
access-control-allow-headers
Content-Type
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.7.1/dist/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Aug 2024 07:50:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
2364755
x-jsd-version
3.7.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
29596
x-served-by
cache-fra-etou8220093-FRA
x-jsd-version-type
version
etag
W/"155ed-7khZLR//lS/PBs4LZm7UeFSTr9w"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/3.0.5/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/3.0.5/js.cookie.min.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582cc085dd8fea044917d1efde838e77e845262fd025bbfe0339f808607c81f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
466948
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
740
last-modified
Sun, 07 Jan 2024 07:24:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"659a4380-2e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMfV%2Fjf0GfTV2YjbRxnJUWgbUMFe6piI3C3nPLcHL5WrpS68Ij%2BlWYo50u17xTDGVs8K3iqrUtn5r8j8RR1n4OEgmUW50WxfDX6tQ98BNaKdbBFlU7CeH5A1XPt2abxk7WxkvicI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ba2b5445d7e9745-FRA
expires
Mon, 18 Aug 2025 07:50:01 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://emea.moosend.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Aug 2024 07:50:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
4949971
x-jsd-version
4.6.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23636
x-served-by
cache-fra-etou8220105-FRA, cache-cph2320038-CPH
x-jsd-version-type
version
etag
W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
site.min.js
identity.moosend.com/js/ 		981 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.moosend.com/js/site.min.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.198.161.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-161-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8c9414d159b3379bbee2768f43784bb5d86b2922e5fb9ba34ceaa7537143109c

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:01 GMT
x-amzn-remapped-content-length
981
last-modified
Tue, 06 Feb 2024 15:31:39 GMT
etag
"1da591193cf3c55"
x-amzn-requestid
d7a2baa9-8e59-497e-b592-00aede979465
x-amzn-trace-id
Root=1-66ced6a9-4a87af335799b8cf39c020d0;Parent=29e1a58d651b5bf1;Sampled=0;lineage=1:44f3f008:0
content-type
application/javascript
accept-ranges
bytes
x-amz-apigw-id
dNZ6iE9nliAENHA=
content-length
981
live.js
cdn.transifex.com/ 		96 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.transifex.com/live.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-5.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ac06f0260e4f88ec780156809becb32b9f1b48c87e3c33aa33de77007418395

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
v497APf6s4w5dtCug3rvoXIyLBX8WgGf
content-encoding
gzip
via
1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 00:40:56 GMT
last-modified
Tue, 23 Jul 2024 11:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
25749
x-amz-server-side-encryption
AES256
etag
W/"2ad3d948f864f65b2e25671757bc9df2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
lKjarEr1x4cZeYw9iU4sfpTSoWUpwmRmytC6UFjW8Opq5b-_-oporg==
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f100.1e100.net
Software
GSE /
Resource Hash
476dd34cc54442b0c8c3dec0ce3c59b546a2e1103116bcd8cb179b03f7eb83a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 28 Aug 2024 07:50:01 GMT
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCC) /
Resource Hash
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13579323
x-cache
HIT
content-length
6807
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:30 GMT
server
ECAcc (frc/4CCC)
etag
"0b7a471d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
analytics.min.js
cdn.segment.com/analytics.js/v1/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/analytics.min.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10e59f46752e458cf79bd47a63b72487f295ea574b9108f52c918c07c18f3a09

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
0SONWulHOb6BJvOgxSK3MPOlBS_TnNfd
content-encoding
br
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 07:50:03 GMT
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 29 Jul 2024 22:52:18 GMT
server
AmazonS3
etag
W/"31ba32756328e711722d16768dde9d34"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
M1YHJBgbTTv1TK6Kb8yvNhmaL49Tho3_7eXLJVjpFbSVAegmJlmQKg==
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind%3A300%2C400%2C500%2C700&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:37:35 GMT
x-content-type-options
nosniff
age
173546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16216
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 07:37:35 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:58:44 GMT
x-content-type-options
nosniff
age
64277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 13:58:44 GMT
5aU19_a8oxmIfJpbERySjQ.woff2
fonts.gstatic.com/s/hind/v16/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind%3A300%2C400%2C500%2C700&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ab274f0ede84be01a0361263faeb3ff18d2d95d155d6b9d654ef37f87db1f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 12:11:27 GMT
x-content-type-options
nosniff
age
70714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16788
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 12:11:27 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css?ver=1.0
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:01 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e6257a726a0cf6ec8c6fec22821c055f"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=px8OHpYbFf2VI5Heu8GdyVuGomKk5ccDfzDZo%2F9vE7W7plEP47d08zi9Nx2u69T8X0CyaFzQkTdC19jararlm95vTN%2Br8CUqUkNyljDu5yd%2F%2BRJ97RyBVeEcQ7t2YVePbAaJTsl7oDAoY3qajwvQ0iGf"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8ba2b544accb3649-FRA
alt-svc
h3=":443"; ma=86400
content-length
13552
live.js
cdn.transifex.com/ 		96 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.transifex.com/live.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-5.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ac06f0260e4f88ec780156809becb32b9f1b48c87e3c33aa33de77007418395

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
v497APf6s4w5dtCug3rvoXIyLBX8WgGf
content-encoding
gzip
via
1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 00:40:56 GMT
last-modified
Tue, 23 Jul 2024 11:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
25749
x-amz-server-side-encryption
AES256
etag
W/"2ad3d948f864f65b2e25671757bc9df2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
lKjarEr1x4cZeYw9iU4sfpTSoWUpwmRmytC6UFjW8Opq5b-_-oporg==
manifest.jsonp
cdn.transifex.com/335c3f8151ef4e9ab927d1cc9a207259/latest/ 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.transifex.com/335c3f8151ef4e9ab927d1cc9a207259/latest/manifest.jsonp
Requested by
Host: cdn.transifex.com
URL: https://cdn.transifex.com/live.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-5.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cd3320b555d3e7bfa0b71698ce6fbff0a0d0b3ffb2f612f9bb53c01767179d0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 15:45:14 GMT
x-amz-version-id
null
via
1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront)
last-modified
Wed, 24 Mar 2021 13:33:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
57888
etag
"58dab7ba7a1ee9f8b3c11ee6dd4d321f"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
747
x-amz-cf-id
HOgDEhpTQ7l19qk1VcN8L253fu2ED3jchSzPkIcQGZ11xrK0idR3jw==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 		539 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
Origin
https://emea.moosend.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219509
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Aug 2025 07:11:59 GMT
integration
telemetry.svc.transifex.net/live/ 		30 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetry.svc.transifex.net/live/integration
Requested by
Host: cdn.transifex.com
URL: https://cdn.transifex.com/live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.183.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-183-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7dbea0062e5c176468cb3f86519df0fed69432a59a01b2dab85043f9b45d6664

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Aug 2024 07:50:01 GMT
etag
W/"1e-GPKVsaTKBS5s/s17MlmchlMue8Y"
content-length
30
vary
Accept-Encoding
content-type
application/json; charset=utf-8
settings
cdn.segment.com/v1/projects/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/ 		940 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a284a6fe3056d4d9c55643b4be8e25e38fa1c3c64fbf63b034a0058275b07d12

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
lMXmBgPfnpDR9qYCP74AfNEYvXeixEq6
date
Wed, 28 Aug 2024 07:08:33 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
8412
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
940
last-modified
Fri, 26 Jul 2024 13:27:07 GMT
server
AmazonS3
etag
"2f8c477a501cc0774d82788bbca3ebd8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
oJoqiEeZlStx_aO-PnsS00ONFDStCCc0h0vhJxh7tJhWaPQ72oWgxA==
logo.png
cdn.moosend.com/assets/images/icons/
Redirect Chain
  • https://ec1-user-domain-assets.moosend.com/redirect/setting/PlatformDomain/Favicon?customDomain=emea.moosend.com&defaultRedirect=https%3A%2F%2Fcdn.moosend.com%2Fassets%2Fimages%2Ficons%2Flogo.png
  • https://cdn.moosend.com/assets/images/icons/logo.png
4 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.moosend.com/assets/images/icons/logo.png
Protocol
HTTP/1.1
Server
2a02:26f0:780::210:a47a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c24c00b544a3c306c39b275586db8fdae56b7e61f585a6527a2fd87f427e6bbe
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; report-uri https://csp-logging.m-operations.com/cspheaders; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.moosend.com *.moostaging.com cdn.transifex.com cdn.segment.com *.adroll.com fast.appcues.com widget.intercom.io www.google-analytics.com app.satismeter.com js.intercomcdn.com ajax.googleapis.com cdn.tiny.cloud social.uploadcare.com js.braintreegateway.com assets.braintreegateway.com www.paypalobjects.com *.paypal.com pay.google.com songbird.cardinalcommerce.com songbirdstag.cardinalcommerce.com *.paypal.com kit.fontawesome.com storage.googleapis.com js.pusher.com labs.pathfix.com connect.facebook.net sitecoredelivr.sitecorecloud.io portal-staging.sitecore-staging.cloud portal.sitecorecloud.io; object-src 'none';
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; report-uri https://csp-logging.m-operations.com/cspheaders; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.moosend.com *.moostaging.com cdn.transifex.com cdn.segment.com *.adroll.com fast.appcues.com widget.intercom.io www.google-analytics.com app.satismeter.com js.intercomcdn.com ajax.googleapis.com cdn.tiny.cloud social.uploadcare.com js.braintreegateway.com assets.braintreegateway.com www.paypalobjects.com *.paypal.com pay.google.com songbird.cardinalcommerce.com songbirdstag.cardinalcommerce.com *.paypal.com kit.fontawesome.com storage.googleapis.com js.pusher.com labs.pathfix.com connect.facebook.net sitecoredelivr.sitecorecloud.io portal-staging.sitecore-staging.cloud portal.sitecorecloud.io; object-src 'none';
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
Date
Wed, 28 Aug 2024 07:50:02 GMT
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
4283
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
Last-Modified
Tue, 23 Jul 2024 11:15:33 GMT
Server
AmazonS3
ETag
"3bb3ccf3ba576660f0750aa78a880f2e"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
x-amz-cf-id
cAEskqGYIWatl0SrVv7Az6dfCUscYMlCnnN_zBwevPHkxN1QESWtjg==

Redirect headers

date
Wed, 28 Aug 2024 07:50:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
0
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
awselb/2.0
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
location
https://cdn.moosend.com/assets/images/icons/logo.png
x-frame-options
DENY
vary
Accept
access-control-allow-headers
Content-Type
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:52 GMT
x-amz-version-id
y1rPlIgvelxNE1YxH.dn4iIroP2Pnn0U
content-encoding
br
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5571126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
ojMK0R5xJsU3RYu2E3oK1k4yuHXpDPmaWaqwwUG-vShMea6Kk_WLkw==
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:54 GMT
x-amz-version-id
fFM2.Q5O21tbOz6I0BWTT24IeUb4pa6L
content-encoding
br
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5571125
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
9jNh9yd4UHq6VKjP81RbGRGavmwnUxJkvxaG0yodBgW72-YLH8VOQw==
google-tag-manager.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:18:46 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-version-id
bdsEH.0LgrjWd4kHDEZQV0GazYAEKsCs
x-amz-cf-pop
FRA6-C1
age
714677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1343
last-modified
Thu, 08 Aug 2024 06:57:15 GMT
server
AmazonS3
etag
"a2b1aa1a0e402b1f891c929f94449d47"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
2Wz60f8wFk3U0Gwq_c86zG9VTdbnE--0k2GBu-PrDGzvsQR4hY7hgg==
p
api.segment.io/v1/ 		21 B
173 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.226.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-226-67.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://emea.moosend.com
date
Wed, 28 Aug 2024 07:50:02 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/pFMBtwdIz8t7YUuiJWilOvvkRqcURaJm/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:24:19 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-version-id
aAixXKmCEkR1rfYrRzV2.EPYhnGmH0W2
x-amz-cf-pop
FRA6-C1
age
87940
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21911
last-modified
Thu, 08 Aug 2024 06:57:13 GMT
server
AmazonS3
etag
"c467a63b2e7c3a99be423ace649014d8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
o4whs7lX-orKHW354hLULxu2_3yeXCmsiiZa8977fE7dJU7kx3MUMA==
gtm.js
www.googletagmanager.com/ 		258 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVRCBPX&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5423b0c448c69c60ffc98a2012fcf579cb9686e333764fb7c07c4bfcb9157510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90834
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Aug 2024 07:50:02 GMT
js
www.googletagmanager.com/gtag/ 		322 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9ESR66045V&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVRCBPX&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e725e221babbdec49b5bc9bee36a033beffc46366527c53d9035960432ebe63f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107910
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Aug 2024 07:50:02 GMT
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVRCBPX&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
420.js
tracking.g2crowd.com/attribution_tracking/conversions/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/420.js?p=https://emea.moosend.com/login?returnTo=%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&e=
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f1252a259cdde9dca5e462fd9e1f51db9df87af2e9dd679e999b8aec412ce0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-disposition
inline
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
origin-agent-cluster
?1
cf-ray
8ba2b54aaf3c383a-FRA
roundtrip.js
s.adroll.com/j/QQBVR2SHD5B5BDMBMHKI25/ 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/QQBVR2SHD5B5BDMBMHKI25/roundtrip.js
Requested by
Host: emea.moosend.com
URL: https://emea.moosend.com/design/cityam.com?utm_source=newsletter&utm_medium=email&utm_campaign=Kallist+Cosmetics&cmid=8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65c99247ce3e1433e6fc10496eba80709723309cda5314afa081ebfdb61eda3e

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
2z_TiZb7PDSsX6.M57VxjFhxoGis0yC8
Content-Encoding
gzip
Via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
Date
Wed, 28 Aug 2024 07:13:41 GMT
Age
2697
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sun, 25 Aug 2024 12:22:53 GMT
Server
AmazonS3
Etag
W/"ae4cac2a04cc7a9dfc0e43d9ac290055"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
EhXRWKpIHEFYeSklghm7uLxsHagtf3eJ1VQzwj8Rv51fg7v4-OzwWA==
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9ESR66045V&gtm=45je48q0v892318857z8831043346za200zb831043346&_p=1724831402299&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1119881989.1724831403&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724831402&sct=1&seg=0&dl=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&dr=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&dt=Log%20in%20%7C%20Moosend&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1501
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ESR66045V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://emea.moosend.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9ESR66045V&cid=1119881989.1724831403&gtm=45je48q0v892318857z8831043346za200zb831043346&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ESR66045V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://emea.moosend.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9ESR66045V&cid=1119881989.1724831403&gtm=45je48q0v892318857z8831043346za200zb831043346&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=627667135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
pixel-config.reddit.com/pixels/a2_f87qdt9nino7/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/a2_f87qdt9nino7/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
a2_f87qdt9nino7_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_f87qdt9nino7_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1724831402695&id=a2_f87qdt9nino7&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=ed40e4d9-dd90-49a9-992d-6bb3ad6c6cdc&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
assign
tracking.g2crowd.com/attribution_tracking/conversions/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://emea.moosend.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8ba2b54bac78d20a-FRA
date
Wed, 28 Aug 2024 07:50:02 GMT
server
cloudflare
assign
tracking.g2crowd.com/attribution_tracking/conversions/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by
Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/420.js?p=https://emea.moosend.com/login?returnTo=%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&e=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Aug 2024 07:50:03 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
00ec7b7a-d271-4b37-ade9-2fdd0e49f20e
x-runtime
0.003077
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
OPTIONS, POST
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
cache-control
no-cache
x-frame-options
SAMEORIGIN
cf-ray
8ba2b54c9d5dd20a-FRA
vary
Origin
QQBVR2SHD5B5BDMBMHKI25
d.adroll.com/consent/check/ 		592 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/QQBVR2SHD5B5BDMBMHKI25?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&_s=a2d967c8f5c34370a73cd585bb531fdb&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/QQBVR2SHD5B5BDMBMHKI25/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:8522:577c:b5a5:d3d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
37c4b0094272ea94930a95736d940cbaa9ba3f712db70d391bb2f9f7ee3c0af4

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
592
content-type
application/javascript
iframe_content.html
x.adroll.com/pxl/ Frame F481 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/QQBVR2SHD5B5BDMBMHKI25/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:cc3:fe0a:16d3:262d:99f9:d03c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://emea.moosend.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
ad-auction-allowed
true
content-encoding
zstd
content-length
427
content-type
text/html
date
Wed, 28 Aug 2024 07:50:02 GMT
last-modified
Tue, 27 Aug 2024 21:44:51 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/QQBVR2SHD5B5BDMBMHKI25/roundtrip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Aug 2024 07:49:59 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4283, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
KyIO/mHsYMtnUoq5Akx9VN3AZzpC8mwMGEiN3mjh9JYFUUG8MwIH31i5CFuJqMO0/E8lGdsT/t9ejqdsdw3wUQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sendrolling.js
s.adroll.com/j/ 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/QQBVR2SHD5B5BDMBMHKI25/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:4000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu.
Content-Encoding
gzip
Via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
Date
Wed, 28 Aug 2024 07:49:02 GMT
Age
58
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Last-Modified
Wed, 21 Jun 2023 16:22:01 GMT
Server
AmazonS3
Etag
W/"4a64112c69b3c4b3f104f38d9547a094"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
ieFyz9KCPcAFEVCJCujRgwKshMwXKhaXFoVmzsYanuJGV_GIlY2ZRA==
RTBDCG3ZOBGTJNQ3ORI2MV
d.adroll.com/segment/QQBVR2SHD5B5BDMBMHKI25/ 		42 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/segment/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&cookie=QQBVR2SHD5B5BDMBMHKI25%3A1%7CRTBDCG3ZOBGTJNQ3ORI2MV%3A1%7CBZX4AWSO6BFAPAZE5UOGLS%3A1&adroll_s_ref=https%3A//emea.moosend.com/design/cityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist+Cosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&keyw=&p0=1291&adroll_external_data=&xa4=1&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/QQBVR2SHD5B5BDMBMHKI25/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:8522:577c:b5a5:d3d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
x-attribution-url
https%3A%2F%2Fx.adroll.com%2Fattribution%2Ftrigger%3Ffpc%3Dc577268a2f79aef6256e42bcbf1b8b4e%26advertisable_eid%3DQQBVR2SHD5B5BDMBMHKI25%26conversion_type%3DPageView%26conversion_value%3D0.0%26currency%3DUSC%26flg%3D1%26pv%3D87372722432.17659%26arrfrr%3Dhttps%253A%252F%252Femea.moosend.com%252Flogin%253FreturnTo%253D%25252Fdesign%25252Fcityam.com%25253Futm_source%25253Dnewsletter%252526utm_medium%25253Demail%252526utm_campaign%25253DKallist%25252BCosmetics%252526cmid%25253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
x-segment-display-name
Login
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
b
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*/login*
x-segment-eid
COHNO2RSCVG5JMKN4HOGJ6
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
https://emea.moosend.com
access-control-expose-headers
X-Advertisable-Eid, X-Attribution-Url, X-Segment-Eid, X-Segment-Display-Name, X-Segment-Name, X-Conversion-Currency, X-Conversion-Value, X-Rule, X-Rule-Type, X-Organization-Eid, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
RTBDCG3ZOBGTJNQ3ORI2MV
x-organization-eid
CQ5AIYFB5JCGBJNJNF64FS
access-control-allow-headers
Content-Type, *
x-advertisable-eid
QQBVR2SHD5B5BDMBMHKI25
x-conversion-currency
x-segment-name
38710ba9
sync
x.bidswitch.net/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam....
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=44&user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Protocol
HTTP/1.1
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 28 Aug 2024 07:50:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=44&user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
96
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://d.adroll.com/cm/experian/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252F...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 28 Aug 2024 07:50:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam....
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PZ7VrrU-0XkYCPQtMAAlRQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PZ7VrrU-0XkYCPQtMAAlRQ
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PZ7VrrU-0XkYCPQtMAAlRQ
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
99
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcit...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367402
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367402
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rFFjrowa1JAgDb5uLgoxz6xbE0PM4n%2FtAXmsyVnYouXSm2Vd5uzZtt56TyMYrbkG1GJVY1Vk4KouHTPnuloERRww88Oyu3MOU6bp95aNzxBD6ISgGAMi3w6y8n6kH22BqDo2BKvFiA9Y0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8ba2b54bf8412675-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expiration=1756367402
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
139
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
out
d.adroll.com/cm/l/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&advertisable=QQBVR2SHD5B5BDMBMHKI25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:8522:577c:b5a5:d3d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam....
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expires=365
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&expires=365
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam....
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d9ed5aeb53ed1791808f42d30002545&gdpr=1&gdpr_consent=
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d9ed5aeb53ed1791808f42d30002545&gdpr=1&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d9ed5aeb53ed1791808f42d30002545&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
108
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252F...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=&us_privacy=1---
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
ee461ed83e9f4706e1996984f7272c19
content-length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=&us_privacy=1---
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
137
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252F...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
content-type
image/gif; charset=utf-8

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam....
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.134
age
1
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
169
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fc...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40657

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%25...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&dongle=c85e
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4714&xuid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&dongle=c85e
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4714&xuid=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&dongle=c85e
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
102
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
setuid
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam....
  • https://ib.adnxs.com/setuid?entity=172&code=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=172&code=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
an-x-request-uuid
7a9b2449-a8b6-41be-afc3-8c296a2f69f2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.117; 80.255.7.117; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=172&code=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
pragma
no-cache
date
Wed, 28 Aug 2024 07:50:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
93
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
RTBDCG3ZOBGTJNQ3ORI2MV
ipv4.d.adroll.com/seg4/QQBVR2SHD5B5BDMBMHKI25/ 		42 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipv4.d.adroll.com/seg4/QQBVR2SHD5B5BDMBMHKI25/RTBDCG3ZOBGTJNQ3ORI2MV?adroll_fpc=c577268a2f79aef6256e42bcbf1b8b4e-1724831399553&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&cookie=QQBVR2SHD5B5BDMBMHKI25%3A1%7CRTBDCG3ZOBGTJNQ3ORI2MV%3A1%7CBZX4AWSO6BFAPAZE5UOGLS%3A1&adroll_s_ref=https%3A//emea.moosend.com/design/cityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist+Cosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&keyw=&p0=1291&adroll_external_data=&xa4=1&adroll_version=2.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.19.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-19-115.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
x-segment-display-name
Login
x-rule-type
b
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*/login*
x-segment-eid
COHNO2RSCVG5JMKN4HOGJ6
content-type
image/gif
access-control-allow-origin
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
RTBDCG3ZOBGTJNQ3ORI2MV
x-segment-name
38710ba9
access-control-allow-headers
*
x-advertisable-eid
QQBVR2SHD5B5BDMBMHKI25
x-conversion-currency
trigger
x.adroll.com/attribution/ 		2 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.adroll.com/attribution/trigger?fpc=c577268a2f79aef6256e42bcbf1b8b4e&advertisable_eid=QQBVR2SHD5B5BDMBMHKI25&conversion_type=PageView&conversion_value=0.0&currency=USC&flg=1&pv=87372722432.17659&arrfrr=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:cc3:fe0a:7a55:d15d:3e71:35ee Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:50:02 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"3590251858509507060","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"3590251858509507060","filters":{"source_type":["navigation"]}}],"debug_key":"16872467569587025472","debug_reporting":true,"filters":{"0":["QQBVR2SHD5B5BDMBMHKI25"]}}
content-length
2
content-type
text/plain; charset=utf-8
278738296456258
connect.facebook.net/signals/config/ 		64 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/278738296456258?v=2.9.166&r=stable&domain=emea.moosend.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
6aaade5fc7247db39be76ccf7f34cbaaf95d99f4bfcaf390d5f10143080b3eda
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Aug 2024 07:49:59 GMT
document-policy
force-load-at-top
x-fb-server-load
43
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13155
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=74, mss=1232, tbw=66923, tp=62, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
Xw8FtQYvuE0SGlnYFkuG4Ty9VPmF3q18oRitaFIgJRNejAaHqMDFmGNQNo4QSo09H5VPlyAGrFw0JXXkNveLNQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=278738296456258&ev=PageView&dl=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&rl=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&if=false&ts=1724831402895&cd[segment_eid]=COHNO2RSCVG5JMKN4HOGJ6&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4125&fbp=fb.1.1724831399911.704638670699985828&ler=empty&cdl=API_unavailable&it=1724831402888&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=6430, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Aug 2024 07:50:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=278738296456258&ev=PageView&dl=https%3A%2F%2Femea.moosend.com%2Flogin%3FreturnTo%3D%252Fdesign%252Fcityam.com%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DKallist%252BCosmetics%2526cmid%253D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&rl=https%3A%2F%2Femea.moosend.com%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8&if=false&ts=1724831402895&cd[segment_eid]=COHNO2RSCVG5JMKN4HOGJ6&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4125&fbp=fb.1.1724831399911.704638670699985828&ler=empty&cdl=API_unavailable&it=1724831402888&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://emea.moosend.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 28 Aug 2024 07:50:02 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408094463683807223", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=6599, tp=-1, tpl=-1, uplat=39, ullat=0
pragma
no-cache
x-fb-debug
A5eaiocjP4aN4/sae2LJiIXOrFcmSfkkTHQSJ7hUrLnUkfWg+KhN6nOdglLU8kLZjFk0pIHXU4QrrA73K6C7kw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408094463683807223"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| analytics function| $ function| jQuery object| Cookies object| bootstrap function| getSearchParams function| GetQVars function| getUrlVars object| liveSettings object| Transifex function| transifex_manifest function| passwordTypeToggler object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| google-tag-managerDeps function| google-tag-managerLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| google-tag-managerIntegration object| dataLayer object| google_tag_manager object| google_tag_data function| rdt function| initLandbot string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| adroll_custom_data function| __adroll__ string| adroll_sid object| __adroll_consent_data object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors function| onYouTubeIframeAPIReady object| gaGlobal function| redditNormalizeEmail object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called function| fbq function| _fbq object| __adroll_pxl_assistant_track function| __adroll_idem0 string| adroll_seg_eid string| adroll_rule_type

27 Cookies

Domain/Path Name / Value
.moosend.com/ Name: ajs_anonymous_id
Value: d9547d89-27f9-4065-995c-2e7f276cc7c0
.satismeter.com/ Name: __cf_bm
Value: dCJBGHcLcLTodvrYenyAxpezsdDAjjVR7_KIYJXeI00-1724831399-1.0.1.1-Z7rOo_lFnUMdlnZ38y2uqW41IgsIy2Zrcgjx5_eoWyoKBgQCoTaalKVKq3lHz5NgrN4jc3Cj3FuDB8.Aw7FkBg
.d.adroll.com/ Name: __adroll
Value: 3d9ed5aeb53ed1791808f42d30002545-a_1724831399
.d.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: __adroll_shared
Value: 3d9ed5aeb53ed1791808f42d30002545-a_1724831399
.moosend.com/ Name: __adroll_fpc
Value: c577268a2f79aef6256e42bcbf1b8b4e-1724831399553
x.adroll.com/ Name: ar_debug
Value: 1
.moosend.com/ Name: _fbp
Value: fb.1.1724831399911.704638670699985828
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&KRTB&22883-M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&KRTB&23504-M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU&KRTB&23615-M2Q5ZWQ1YWViNTNlZDE3OTE4MDhmNDJkMzAwMDI1NDU
.adnxs.com/ Name: XANDR_PANID
Value: mqtItjFiv3NsqwJQPQ-MnRisHeKMpKwLC9S1qNFPKULumYRW9Uqvaxrlj3LQV-XyEaDBk1thPDs6EaB66D-luSYzthZRLGS_0SZsieNzLX8.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 554531733944587422
.casalemedia.com/ Name: CMID
Value: Zs7Wp7mqPe8AAEKiADiLTgAA
.casalemedia.com/ Name: CMPS
Value: 5298
.casalemedia.com/ Name: CMPRO
Value: 5298
emea.moosend.com/ Name: .AspNetCore.Antiforgery.AsW4q1BB7-Y
Value: CfDJ8Ms7cGJsa6VJmdjj87wRddjrHfBslZSmMlf8204zxPSeqKPrM2PDNJkTQ8b_hrCvDzFSJNNce30PzPE0OyzxwR4mcTSjJh9SmV7V1A3PsWZwipU90YASNjHeLlr-3Xn0_eXHoPFc5CHa7ypSxgyRm5g
.moosend.com/ Name: _ga
Value: GA1.1.1119881989.1724831403
.moosend.com/ Name: _ga_9ESR66045V
Value: GS1.1.1724831402.1.0.1724831402.60.0.0
.moosend.com/ Name: _rdt_uuid
Value: 1724831402694.ed40e4d9-dd90-49a9-992d-6bb3ad6c6cdc
.g2crowd.com/ Name: __cf_bm
Value: 7dVtGHcbsWa.yAjz_NZsR3kFYeifFi6a3uijfMtg4vQ-1724831402-1.0.1.1-qLyY92JKG2k72yWa1mz2fY37JzgbCkb2BwLfv52fQigWMcAEasOLj77gL_Q0rZCq7h1_aHgw3VhYIQHb6nwRkA
.emea.moosend.com/ Name: __ar_v4
Value: BZX4AWSO6BFAPAZE5UOGLS%3A20240827%3A1%7CRTBDCG3ZOBGTJNQ3ORI2MV%3A20240827%3A2%7CQQBVR2SHD5B5BDMBMHKI25%3A20240827%3A2
.pubmatic.com/ Name: PugT
Value: 1724831402
.tapad.com/ Name: TapAd_TS
Value: 1724831402887
.tapad.com/ Name: TapAd_DID
Value: b87a0c84-999b-473b-90d6-7575cf34499d
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2E?kk!iW$!]tbG8i_ipexoDI?dHttYLr?/s6Js7sCBY%(ESde*O^/L(9FRTUb/39*Y'_71e_V>*NiGdUZe98GRob/TD._*PlZ[C[-kX-3sPF5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://emea.moosend.com/login?returnTo=%2Fdesign%2Fcityam.com%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DKallist%2BCosmetics%26cmid%3D8f1ec8ed-a090-402b-89a8-1066b98b3fc8
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
alb.reddit.com
api.segment.io
app.satismeter.com
cdn.jsdelivr.net
cdn.moosend.com
cdn.segment.com
cdn.transifex.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
ec1-user-domain-assets.moosend.com
emea.moosend.com
emea.msnd33.com
fast.appcues.com
fonts.googleapis.com
fonts.gstatic.com
frontend-editor.ui.moosend.com
ib.adnxs.com
identity.moosend.com
image2.pubmatic.com
ipv4.d.adroll.com
maxcdn.bootstrapcdn.com
moosend.com
pixel-config.reddit.com
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
s.adroll.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
telemetry.svc.transifex.net
tracking.g2crowd.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
x.adroll.com
x.bidswitch.net
pixel.tapad.com
104.17.24.14
104.18.11.207
104.18.36.155
141.193.213.20
141.226.228.48
142.250.181.227
142.250.184.194
142.250.186.42
151.101.1.140
151.101.193.229
151.101.65.140
152.199.19.160
157.240.0.6
172.217.18.100
18.198.161.41
18.244.18.5
18.245.46.103
185.64.191.210
185.89.211.116
2001:4860:4802:34::36
2600:9000:2644:4000:6:9280:1080:93a1
2606:4700:3037::ac43:8ef5
2606:4700::6812:1fb0
2606:4700::6812:213
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:829::200a
2a00:1450:400c:c0d::9d
2a02:26f0:780::210:a47a
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::622
2a04:4e42::396
2a04:4e42::485
2a05:d018:cc3:fe04:8522:577c:b5a5:d3d6
2a05:d018:cc3:fe0a:16d3:262d:99f9:d03c
2a05:d018:cc3:fe0a:7a55:d15d:3e71:35ee
3.71.149.231
3.75.71.96
34.111.113.62
34.251.183.232
35.166.226.67
35.214.149.91
35.244.159.8
54.74.19.115
64.202.112.159
69.173.144.139
76.223.111.18
99.86.8.175
0ac06f0260e4f88ec780156809becb32b9f1b48c87e3c33aa33de77007418395
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10e59f46752e458cf79bd47a63b72487f295ea574b9108f52c918c07c18f3a09
127c316fb915284aa12468ce4706291076d4375bce50d1a6f9974715182fe185
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
16ab274f0ede84be01a0361263faeb3ff18d2d95d155d6b9d654ef37f87db1f5
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
1926e7f194165afce34237818f3241f03766883dda9cb3408f37d94c5899ad26
1a42f5583b68a1816c0f5cd2cf83264499334671d2ed15609c342e7fa7805376
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
29856e7fe690d5a6b05af509153f72bf35a016be285f8e204209901c7183757a
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
37c4b0094272ea94930a95736d940cbaa9ba3f712db70d391bb2f9f7ee3c0af4
399793d096e7c8cdfda6ff4d4b7b70949ce1eb3141333ad75eeeb5382544c917
3a448ddd6504da9ac28a25dcef4e99daef7fa0d3cf8d14ac6a87b2694cc6ad7a
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cb76e5756721efbe76ecd449908b40e4d619415e6a6b59151fcc4e236f28e0b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42ccd327aba73e7b9c683dc0d8dee3e56ce7f58abb5ad705b4f8dda0d90fb91a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
46be4c132a98b553f6be5f57274731e39217b2783a6478cf6c9adc0b4e9f80c0
476dd34cc54442b0c8c3dec0ce3c59b546a2e1103116bcd8cb179b03f7eb83a4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b654176a52866cd625bd09c3b725fceead1372f8124eff2f7b24faf2bba92c6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5423b0c448c69c60ffc98a2012fcf579cb9686e333764fb7c07c4bfcb9157510
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
582cc085dd8fea044917d1efde838e77e845262fd025bbfe0339f808607c81f6
6056cfa6b34fa87b9198c2aa662d8a234ee02781074407d2bba92df112aeb950
6560609462c69b585f06f804e4e19b615d62b2494056549583cd1f7be6597d08
65c99247ce3e1433e6fc10496eba80709723309cda5314afa081ebfdb61eda3e
6669e7413fb9334a7ef5662dace6bf7ef124b85cc1d69761cbdf6b2da4696608
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
6a94adf989cb95838d6002d0ddf16ceb7f6bebff7d2fcd7c27bf37bd7074f0a6
6aaade5fc7247db39be76ccf7f34cbaaf95d99f4bfcaf390d5f10143080b3eda
7c8630444709d79ca35281968ac331ee3ce7917dae1dc8fa8759eaf6e7222fa5
7cd3320b555d3e7bfa0b71698ce6fbff0a0d0b3ffb2f612f9bb53c01767179d0
7dbea0062e5c176468cb3f86519df0fed69432a59a01b2dab85043f9b45d6664
7e1381dbada073783bdd46365e99d6015ef2a3a3354c52e0f9e5c44db95650d3
7e7cf5423996cb33fa1d00f046eb950cd15eca51e98b542bb9f067ab7e68d4f6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8c9414d159b3379bbee2768f43784bb5d86b2922e5fb9ba34ceaa7537143109c
95f1252a259cdde9dca5e462fd9e1f51db9df87af2e9dd679e999b8aec412ce0
9a28fbd83030e21074108ceb994fb32a4682e0ce8655d752e3ce409a710bc990
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c
a284a6fe3056d4d9c55643b4be8e25e38fa1c3c64fbf63b034a0058275b07d12
a4c820d4d48f5dd4f98291113d926cf9b55c7fd1c50cee912c339d1e0061c1f8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
acd8905fe971baf49475990716cd2bae599a94fe8b3836d781f35d2224042bb2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
badbd8c32b82f320168846b742fd3cf2023512c7119e046764e33a714a46f27e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c24c00b544a3c306c39b275586db8fdae56b7e61f585a6527a2fd87f427e6bbe
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
c34b35ed94c719c988df889402668117cda76aaa8982e09aaacc92a446b3d495
c37c3c48e08e3f45df82a38bdaf298b063254cd6d6b0022c060d9df8c4236c8f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
d2e4537e92ee06780895bca5b7c31216e42b5bf36a2b79b67b63c129f2725c89
d47630ee905ec0af654a1fa4bb9520c21e50313ae7e6f67bd95273fb40a80a03
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50a267b59a93212ffdd807f6c73ce74a1ff4ed6c2dc719469b949f656040f26
e725e221babbdec49b5bc9bee36a033beffc46366527c53d9035960432ebe63f
e9106115770844fd84ed794c4777b96317bacc53fd4340ee4aab8809950aef92
e9fca8f120b8ba986be9c10aed63a5cd52c3e7287031f0200fd65111cacc819c
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a