xincarning.cyou Open in urlscan Pro
104.21.20.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xincarning.cyou/
Submission: On December 26 via api (December 26th 2023, 7:47:05 am UTC) from US — Scanned from US

Summary HTTP 327 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 95 IPs in 6 countries across 83 domains to perform 327 HTTP transactions. The main IP is 104.21.20.61, located in and belongs to CLOUDFLARENET, US. The main domain is xincarning.cyou.
TLS certificate: Issued by GTS CA 1P5 on December 25th 2023. Valid for: 3 months.

This is the only time xincarning.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	104.21.20.61 104.21.20.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.102.6 99.86.102.6	16509 (AMAZON-02) (AMAZON-02)
3	172.217.13.168 172.217.13.168	15169 (GOOGLE) (GOOGLE)
35	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
5	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
9	104.18.3.187 104.18.3.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
8	99.86.74.50 99.86.74.50	16509 (AMAZON-02) (AMAZON-02)
12	18.160.172.87 18.160.172.87	16509 (AMAZON-02) (AMAZON-02)
1	34.98.105.146 34.98.105.146	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	104.16.228.60 104.16.228.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
28	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.14.69 104.26.14.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
7	18.160.172.47 18.160.172.47	16509 (AMAZON-02) (AMAZON-02)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	99.86.74.17 99.86.74.17	16509 (AMAZON-02) (AMAZON-02)
4	172.217.13.142 172.217.13.142	15169 (GOOGLE) (GOOGLE)
4	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	23.56.163.9 23.56.163.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	156.146.36.24 156.146.36.24	60068 (CDN77 ^_^) (CDN77 ^_^)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
5	23.44.203.147 23.44.203.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	172.217.13.138 172.217.13.138	15169 (GOOGLE) (GOOGLE)
2	172.217.13.110 172.217.13.110	15169 (GOOGLE) (GOOGLE)
4	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
2	35.190.88.7 35.190.88.7	15169 (GOOGLE) (GOOGLE)
3	13.249.59.47 13.249.59.47	16509 (AMAZON-02) (AMAZON-02)
3 5	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
8	52.45.196.192 52.45.196.192	14618 (AMAZON-AES) (AMAZON-AES)
2	172.217.13.196 172.217.13.196	15169 (GOOGLE) (GOOGLE)
1	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
2	99.86.102.24 99.86.102.24	16509 (AMAZON-02) (AMAZON-02)
3	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	99.86.74.77 99.86.74.77	16509 (AMAZON-02) (AMAZON-02)
1	99.86.102.82 99.86.102.82	16509 (AMAZON-02) (AMAZON-02)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.249.59.91 13.249.59.91	16509 (AMAZON-02) (AMAZON-02)
1	99.86.74.26 99.86.74.26	16509 (AMAZON-02) (AMAZON-02)
1	172.217.13.211 172.217.13.211	15169 (GOOGLE) (GOOGLE)
1	18.160.168.189 18.160.168.189	16509 (AMAZON-02) (AMAZON-02)
1	74.119.119.142 74.119.119.142	19750 (AS-CRITEO) (AS-CRITEO)
2	185.146.173.20 185.146.173.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.34.136 52.92.34.136	16509 (AMAZON-02) (AMAZON-02)
5	104.18.18.95 104.18.18.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.93.146 35.190.93.146	15169 (GOOGLE) (GOOGLE)
3 3	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
1 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
3 5	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
5 6	54.80.169.49 54.80.169.49	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.204.77.239 52.204.77.239	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	15.235.42.102 15.235.42.102	16276 (OVH) (OVH)
1	23.47.168.66 23.47.168.66	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	135.148.2.56 135.148.2.56	16276 (OVH) (OVH)
2	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.51.57.155 23.51.57.155	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
3 5	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2	23.44.201.172 23.44.201.172	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.130.164.37 3.130.164.37	16509 (AMAZON-02) (AMAZON-02)
1	23.216.137.114 23.216.137.114	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 2	3.225.250.255 3.225.250.255	14618 (AMAZON-AES) (AMAZON-AES)
3 3	3.222.179.146 3.222.179.146	14618 (AMAZON-AES) (AMAZON-AES)
2 2	99.86.102.75 99.86.102.75	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.22.5.155 52.22.5.155	14618 (AMAZON-AES) (AMAZON-AES)
1	54.165.111.121 54.165.111.121	14618 (AMAZON-AES) (AMAZON-AES)
2	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.84.89.113 54.84.89.113	14618 (AMAZON-AES) (AMAZON-AES)
1	34.231.181.97 34.231.181.97	14618 (AMAZON-AES) (AMAZON-AES)
1	18.160.172.46 18.160.172.46	16509 (AMAZON-02) (AMAZON-02)
1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1 2	35.168.167.152 35.168.167.152	14618 (AMAZON-AES) (AMAZON-AES)
4	172.217.13.202 172.217.13.202	15169 (GOOGLE) (GOOGLE)
1	18.160.172.92 18.160.172.92	16509 (AMAZON-02) (AMAZON-02)
2	3.5.66.104 3.5.66.104	16509 (AMAZON-02) (AMAZON-02)
2	3.92.154.249 3.92.154.249	14618 (AMAZON-AES) (AMAZON-AES)
1	172.67.145.63 172.67.145.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.74.44 99.86.74.44	16509 (AMAZON-02) (AMAZON-02)
1	34.149.60.135 34.149.60.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.86.83.118 99.86.83.118	16509 (AMAZON-02) (AMAZON-02)
1	18.160.172.101 18.160.172.101	16509 (AMAZON-02) (AMAZON-02)
2	172.217.13.163 172.217.13.163	15169 (GOOGLE) (GOOGLE)
6	216.239.32.53 216.239.32.53	15169 (GOOGLE) (GOOGLE)
11 18	34.232.35.199 34.232.35.199	14618 (AMAZON-AES) (AMAZON-AES)
2	34.107.236.171 34.107.236.171	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.16.123.96 104.16.123.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
327	95

39 104.21.20.61 (None, )

ASN13335 (CLOUDFLARENET, US)

xincarning.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.102.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-102-6.iah50.r.cloudfront.net

shopify-init.blackcrow.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com

www.nililotan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nili-lotan.myshopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.3.187 (None, )

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.91 (United States)

ASN54113 (FASTLY, US)

tracking-cdn.figpii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking-settings.figpii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.74.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-74-50.iah50.r.cloudfront.net

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.160.172.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-172-87.iah50.r.cloudfront.net

snapui.searchspring.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.105.146 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 146.105.98.34.bc.googleusercontent.com

app-script.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.228.60 (None, )

ASN13335 (CLOUDFLARENET, US)

crossborder-integration.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webservices.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 23.227.60.200 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.14.69 (None, )

ASN13335 (CLOUDFLARENET, US)

conf.config-security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

triplewhale-pixel.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.160.172.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-172-47.iah50.r.cloudfront.net

lcx-widgets.bambuser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.74.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-74-17.iah50.r.cloudfront.net

ob.powerrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.56.163.9 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-9.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.146.36.24 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 137173278.nyc.cdn77.com

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.44.203.147 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-147.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.getshogun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.110 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.31.156 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.88.7 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.249.59.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-59-47.iah50.r.cloudfront.net

gthz36.a.searchspring.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.119.119.139 (United States) 3 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.10.30 (Poland) 1 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.45.196.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-196-192.compute-1.amazonaws.com

obs.powerrobotflower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.102.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-102-24.iah50.r.cloudfront.net

d3k81ch9hvuctc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.74.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-74-77.iah50.r.cloudfront.net

svc-prod-us.liveshopping.bambuser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.102.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-102-82.iah50.r.cloudfront.net

container.pepperjam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.59.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-59-91.iah50.r.cloudfront.net

d23dclunsivw3h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.74.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-74-26.iah50.r.cloudfront.net

assets1.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.211 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f19.1e100.net

shopify.rakutenadvertising.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.168.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-168-189.iah50.r.cloudfront.net

d38xvr37kwwhcm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.142 (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.146.173.20 (Sweden)

ASN13335 (CLOUDFLARENET, US)

geolocation-recommendations.shopifyapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.34.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.95 (None, )

ASN13335 (CLOUDFLARENET, US)

config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.93.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.93.190.35.bc.googleusercontent.com

tracking.monsido.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.155 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.80.169.49 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-169-49.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.204.77.239 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-77-239.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.102 (Terrebonne, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-001.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.168.66 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-168-66.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.148.2.56 (United States)

ASN16276 (OVH, FR)
PTR: ip56.ip-135-148-2.us

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.57.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.200.65.202 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.201.172 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-172.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.164.37 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-164-37.us-east-2.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.216.137.114 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-137-114.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.250.255 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-250-255.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.222.179.146 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-179-146.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.102.75 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-102-75.iah50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.5.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-5-155.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.111.121 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-111-121.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.89.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-89-113.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.181.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-181-97.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.172.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-172-46.iah50.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

utils.global-e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.168.167.152 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-167-152.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.202 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f10.1e100.net

identitytoolkit.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.172.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-172-92.iah50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.66.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.154.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-154-249.compute-1.amazonaws.com

beacon.searchspring.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.145.63 (United States)

ASN13335 (CLOUDFLARENET, US)

easy-redirects.shopcircle.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.74.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-74-44.iah50.r.cloudfront.net

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.60.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.60.149.34.bc.googleusercontent.com

api.config-security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.83.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-83-118.iah50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.172.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-172-101.iah50.r.cloudfront.net

na-library.klarnaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.239.32.53 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2035.1e100.net

api-v3-docker-nrl2mwczfq-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.232.35.199 (Ashburn, United States) 11 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-35-199.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.236.171 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 171.236.107.34.bc.googleusercontent.com

open.pixel.api.whale3.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.123.96 (None, )

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	xincarning.cyou xincarning.cyou	156 KB
33	nililotan.com www.nililotan.com	824 KB
28	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1708	708 KB
25	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 2510 a.klaviyo.com — Cisco Umbrella Rank: 2925 static-tracking.klaviyo.com — Cisco Umbrella Rank: 3203 fast.a.klaviyo.com — Cisco Umbrella Rank: 3266 static-forms.klaviyo.com — Cisco Umbrella Rank: 2976	198 KB
20	adroll.com 11 redirects assets1.adroll.com — Cisco Umbrella Rank: 28925 s.adroll.com — Cisco Umbrella Rank: 3061 d.adroll.com — Cisco Umbrella Rank: 1380	43 KB
17	searchspring.io snapui.searchspring.io — Cisco Umbrella Rank: 23502 gthz36.a.searchspring.io beacon.searchspring.io — Cisco Umbrella Rank: 16445	163 KB
10	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 12584 settings.luckyorange.com — Cisco Umbrella Rank: 12400	185 KB
9	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 424 sslwidget.criteo.com — Cisco Umbrella Rank: 1761 dynamic.criteo.com — Cisco Umbrella Rank: 3138 dis.criteo.com — Cisco Umbrella Rank: 550	33 KB
9	powerrobotflower.com ob.powerrobotflower.com — Cisco Umbrella Rank: 220247 obs.powerrobotflower.com — Cisco Umbrella Rank: 150338	39 KB
8	bambuser.com lcx-widgets.bambuser.com — Cisco Umbrella Rank: 15350 svc-prod-us.liveshopping.bambuser.com — Cisco Umbrella Rank: 13654	62 KB
7	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	2 KB
6	run.app api-v3-docker-nrl2mwczfq-uc.a.run.app — Cisco Umbrella Rank: 50807	5 KB
6	mediawallahscript.com 5 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 2295	4 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 identitytoolkit.googleapis.com — Cisco Umbrella Rank: 3562	3 KB
5	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	1 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	4 KB
5	gorgias.chat config.gorgias.chat — Cisco Umbrella Rank: 7936 assets.gorgias.chat — Cisco Umbrella Rank: 12669	320 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 715	3 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	150 KB
5	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 5350 us.creativecdn.com — Cisco Umbrella Rank: 2503	4 KB
4	cloudfront.net d3k81ch9hvuctc.cloudfront.net d23dclunsivw3h.cloudfront.net d38xvr37kwwhcm.cloudfront.net	72 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	823 B
4	bing.com bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 228	14 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	global-e.com crossborder-integration.global-e.com — Cisco Umbrella Rank: 16046 webservices.global-e.com — Cisco Umbrella Rank: 13171 utils.global-e.com — Cisco Umbrella Rank: 11750	2 KB
3	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 517	2 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1462 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	1 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	2 KB
3	amazonaws.com s3.eu-west-1.amazonaws.com production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 17986	17 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	64 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	290 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 491	516 B
2	whale3.io open.pixel.api.whale3.io — Cisco Umbrella Rank: 9711	168 B
2	gstatic.com fonts.gstatic.com	92 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723 image2.pubmatic.com — Cisco Umbrella Rank: 859	966 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	574 B
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1785	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 666	877 B
2	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	1 KB
2	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1460 sync.taboola.com — Cisco Umbrella Rank: 1293	736 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	696 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799	976 B
2	shopifyapps.com geolocation-recommendations.shopifyapps.com — Cisco Umbrella Rank: 6238	39 KB
2	myshopify.com nili-lotan.myshopify.com	4 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 599	88 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 745	21 KB
2	config-security.com conf.config-security.com — Cisco Umbrella Rank: 10004 api.config-security.com — Cisco Umbrella Rank: 9103	1 KB
2	monsido.com app-script.monsido.com — Cisco Umbrella Rank: 10760 tracking.monsido.com — Cisco Umbrella Rank: 9854	3 KB
2	figpii.com tracking-cdn.figpii.com — Cisco Umbrella Rank: 86716 tracking-settings.figpii.com — Cisco Umbrella Rank: 75182	57 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	30 KB
2	blackcrow.ai shopify-init.blackcrow.ai — Cisco Umbrella Rank: 24685	840 B
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 4751	454 B
1	klarnaservices.com na-library.klarnaservices.com — Cisco Umbrella Rank: 6151	12 KB
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2546	18 KB
1	shopcircle.co easy-redirects.shopcircle.co — Cisco Umbrella Rank: 16119	592 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 499	659 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	308 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	280 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1899
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	535 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1074	968 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 777	572 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	1 KB
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 526	661 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	549 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	384 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2120	278 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	688 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 665	790 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3427	412 B
1	rakutenadvertising.io shopify.rakutenadvertising.io — Cisco Umbrella Rank: 36431	823 B
1	getshogun.com analytics.getshogun.com — Cisco Umbrella Rank: 11423	19 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 5888	18 KB
1	pepperjam.com container.pepperjam.com — Cisco Umbrella Rank: 8152	9 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	shop.app shop.app — Cisco Umbrella Rank: 3553	2 KB
1	web.app triplewhale-pixel.web.app — Cisco Umbrella Rank: 10758	42 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	85 KB
0	adsymptotic.com Failed p.adsymptotic.com Failed
327	83

	Domain	Requested by
39	xincarning.cyou	xincarning.cyou www.nililotan.com
33	www.nililotan.com	xincarning.cyou www.nililotan.com
28	cdn.shopify.com	xincarning.cyou cdn.shopify.com
18	d.adroll.com	11 redirects s.adroll.com www.nililotan.com
12	snapui.searchspring.io	xincarning.cyou snapui.searchspring.io
9	static-tracking.klaviyo.com	static.klaviyo.com
9	a.klaviyo.com	xincarning.cyou www.nililotan.com
8	obs.powerrobotflower.com	ob.powerrobotflower.com xincarning.cyou www.nililotan.com
8	tools.luckyorange.com	xincarning.cyou tools.luckyorange.com
7	lcx-widgets.bambuser.com	xincarning.cyou lcx-widgets.bambuser.com
6	api-v3-docker-nrl2mwczfq-uc.a.run.app	www.nililotan.com
6	partner.mediawallahscript.com	5 redirects
5	ups.analytics.yahoo.com	3 redirects
5	ct.pinterest.com	www.nililotan.com xincarning.cyou s.pinimg.com
5	gum.criteo.com	3 redirects static.criteo.net gum.criteo.com
5	analytics.tiktok.com	www.nililotan.com analytics.tiktok.com
5	static.klaviyo.com	xincarning.cyou static.klaviyo.com
4	identitytoolkit.googleapis.com	www.nililotan.com
4	ib.adnxs.com	2 redirects
4	us.creativecdn.com	1 redirects xincarning.cyou
4	stats.g.doubleclick.net	www.googletagmanager.com www.nililotan.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.nililotan.com
3	i.liadm.com	3 redirects
3	eb2.3lift.com	1 redirects
3	x.bidswitch.net	1 redirects
3	cm.g.doubleclick.net	3 redirects
3	config.gorgias.chat	xincarning.cyou config.gorgias.chat www.nililotan.com
3	gthz36.a.searchspring.io	www.nililotan.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com xincarning.cyou
3	cdn.jsdelivr.net	xincarning.cyou
3	www.googletagmanager.com	xincarning.cyou www.googletagmanager.com www.google-analytics.com
2	us-u.openx.net	1 redirects
2	open.pixel.api.whale3.io	www.nililotan.com
2	fonts.gstatic.com	fonts.googleapis.com
2	assets.gorgias.chat	config.gorgias.chat
2	beacon.searchspring.io	www.nililotan.com
2	production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com	s3.eu-west-1.amazonaws.com
2	dpm.demdex.net	1 redirects
2	webservices.global-e.com	cdn.shopify.com
2	sync.outbrain.com
2	live.rezync.com	2 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	hb.yahoo.net
2	pixel.rubiconproject.com
2	match.adsrvr.org	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	dis.criteo.com
2	geolocation-recommendations.shopifyapps.com	xincarning.cyou
2	nili-lotan.myshopify.com	www.nililotan.com
2	d3k81ch9hvuctc.cloudfront.net	xincarning.cyou
2	www.google.com	xincarning.cyou
2	settings.luckyorange.com	www.nililotan.com
2	sessions.bugsnag.com	www.nililotan.com
2	analytics.google.com	www.googletagmanager.com
2	fonts.googleapis.com	client
2	connect.facebook.net	www.nililotan.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	static.criteo.net	xincarning.cyou
2	shopify-init.blackcrow.ai	xincarning.cyou
1	sync.taboola.com
1	image2.pubmatic.com
1	dsum-sec.casalemedia.com
1	www.cloudflare.com	www.nililotan.com
1	na-library.klarnaservices.com	production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com
1	cdn.amplitude.com	xincarning.cyou
1	api.config-security.com	www.nililotan.com
1	s.adroll.com	assets1.adroll.com
1	easy-redirects.shopcircle.co	www.nililotan.com
1	aa.agkn.com
1	utils.global-e.com
1	s.ad.smaato.net
1	match.sharethrough.com
1	trends.revcontent.com
1	simage2.pubmatic.com
1	jadserve.postrelease.com
1	c.bing.com
1	exchange.mediavine.com
1	pippio.com
1	p.rfihub.com	1 redirects
1	ads.stickyadstv.com
1	tags.bluekai.com
1	visitor.omnitagjs.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	contextual.media.net
1	ws.rqtrk.eu	1 redirects
1	secure.adnxs.com	1 redirects
1	tracking.monsido.com
1	s3.eu-west-1.amazonaws.com	xincarning.cyou
1	dynamic.criteo.com	xincarning.cyou
1	d38xvr37kwwhcm.cloudfront.net	xincarning.cyou
1	shopify.rakutenadvertising.io	xincarning.cyou
1	assets1.adroll.com	xincarning.cyou
1	analytics.getshogun.com	xincarning.cyou
1	d23dclunsivw3h.cloudfront.net	xincarning.cyou
1	tag.rmp.rakuten.com	xincarning.cyou
1	container.pepperjam.com	xincarning.cyou
1	svc-prod-us.liveshopping.bambuser.com	lcx-widgets.bambuser.com
1	sslwidget.criteo.com	static.criteo.net
1	www.facebook.com	xincarning.cyou
1	tracking-settings.figpii.com	www.nililotan.com
1	static-forms.klaviyo.com	www.nililotan.com
1	fast.a.klaviyo.com	www.nililotan.com
1	tags.creativecdn.com	www.googletagmanager.com
1	ob.powerrobotflower.com	www.googletagmanager.com
1	shop.app	www.nililotan.com
1	triplewhale-pixel.web.app	xincarning.cyou
1	conf.config-security.com	xincarning.cyou
1	code.jquery.com	xincarning.cyou
1	crossborder-integration.global-e.com	xincarning.cyou
1	app-script.monsido.com	xincarning.cyou
1	tracking-cdn.figpii.com	xincarning.cyou
0	p.adsymptotic.com Failed
327	115

This site contains links to these domains. Also see Links.

Domain
www.nililotan.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
xincarning.cyou GTS CA 1P5	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.blackcrow.ai Amazon RSA 2048 M02	`2023-11-13` - `2024-12-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.nililotan.com R3	`2023-11-30` - `2024-02-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
static.klaviyo.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-24` - `2024-06-23`	a year	crt.sh
*.figpii.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-09` - `2024-12-09`	a year	crt.sh
luckyorange.com Amazon RSA 2048 M03	`2023-11-18` - `2024-12-15`	a year	crt.sh
*.searchspring.net Amazon RSA 2048 M01	`2023-08-29` - `2024-09-26`	a year	crt.sh
app-script.monsido.com GTS CA 1D4	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.global-e.com Sectigo RSA Organization Validation Secure Server CA	`2023-05-08` - `2024-06-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdn.shopify.com E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
config-security.com E1	`2023-12-06` - `2024-03-05`	3 months	crt.sh
web.app GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.bambuser.com Amazon RSA 2048 M02	`2023-11-28` - `2024-12-26`	a year	crt.sh
shop.app E1	`2023-11-20` - `2024-02-18`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.powerrobotflower.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
1589314308.rsc.cdn77.org R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
fast.a.klaviyo.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
static-forms.klaviyo.com R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
settings.luckyorange.com R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.liveshopping.bambuser.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-31`	a year	crt.sh
myshopify.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
*.pepperjam.com Go Daddy Secure Certificate Authority - G2	`2023-01-29` - `2024-03-01`	a year	crt.sh
tag.rmp.rakuten.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.getshogun.com R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
assets1.adroll.com Amazon RSA 2048 M01	`2023-06-19` - `2024-07-16`	a year	crt.sh
shopify.rakutenadvertising.io GTS CA 1D4	`2023-11-22` - `2024-02-20`	3 months	crt.sh
geolocation-recommendations.shopifyapps.com E1	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-09-12`	a year	crt.sh
gorgias.chat E1	`2023-12-04` - `2024-03-03`	3 months	crt.sh
tracking.monsido.com GTS CA 1D4	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-04-05` - `2024-05-03`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
utils.global-e.com GTS CA 1D4	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
shopcircle.co GTS CA 1P5	`2023-11-22` - `2024-02-20`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
api.config-security.com GTS CA 1D4	`2023-12-13` - `2024-03-12`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
*.klarnaservices.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-06`	a year	crt.sh
open.pixel.api.whale3.io GTS CA 1D4	`2023-12-06` - `2024-03-06`	3 months	crt.sh
www.cloudflare.com GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://xincarning.cyou/
Frame ID: 6813C01FBC4F927F17977700234E54B3
Requests: 258 HTTP requests in this frame

Frame: https://xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-shopify-custom-pixel@0570/sandbox/modern/
Frame ID: AF9A9803B80A823AC5D8632B3C4EFA9A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=xincarning.cyou&origin=onetag
Frame ID: A7EF203DA5B06DE741E6FEEA8075F3A7
Requests: 2 HTTP requests in this frame

Frame: https://lcx-widgets.bambuser.com/widget.html?bambuserLiveshoppingFloatingCondensed=null&bambuserLiveshoppingFloatingId=wup0f1XwVVQaQXEGLni2&bambuserLiveshoppingUid=3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48&id=51fd3cae-172f-4ba5-b737-2bcc759202fd&name=floating&widgetId=wup0f1XwVVQaQXEGLni2
Frame ID: 0B3FDDD97F9FD2D28FE67C909318F62C
Requests: 7 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=2b5b303
Frame ID: 23333BB06FBB791A56AEB460D3A98386
Requests: 3 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 1AD2E9B0BBE9DBB3599C75A7D7951F43
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_gid=CAESEGDM3jl1KRrmgWQH6OilKVw&google_cver=1&google_ula=913071,0
Frame ID: C3789FD609B7B44BE2EC7309963AEFAA
Requests: 31 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Frame ID: 99C9C552908F010D90B22FB080727FFB
Requests: 1 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Frame ID: 3853F60278092289847FAD18B41C730A
Requests: 1 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Frame ID: 4B34315646B101DEA2789533FC81E9C1
Requests: 1 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Frame ID: 137233A1329B502B72DF734607D9CFB9
Requests: 1 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Frame ID: 82C61631043C9F5E7C73A83C63A43CEF
Requests: 1 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Frame ID: 5D04A8277E4B0DD0F01F0408578FDBD3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nili Lotan | Timeless Fashion and Luxury Designer Clothing Brand Close dialog 2

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

327
Requests

91 %
HTTPS

0 %
IPv6

83
Domains

115
Subdomains

95
IPs

6
Countries

3932 kB
Transfer

10959 kB
Size

134
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nililotan.com/collections/sale
Title: SHOP SALE - UP TO 60% OFF

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/blogs/nilis-world/safeheart
Title: DONATE HERE TO SUPPORT NOVA SURVIVORS THROUGH SAFEHEART

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/pages/sign-up
Title: SIGN UP FOR EMAIL AND SMS TO SAVE 10%

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/pages/live
Title: LIVE SHOPPING AND HOLIDAY STYLING WITH NILI: WATCH HERE

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/new-in-1
Title: NEW IN

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/resort-24
Title: COLLECTIONS

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/fall-23
Title: FALL 23

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/pre-fall-23
Title: PRE FALL 23

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/mens-resort-24
Title: MEN'S RESORT 24

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/mens-fall-23
Title: MEN'S FALL 23

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/mens-pre-fall-23
Title: MEN'S PRE FALL 23

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/shop?tag=holiday-party-attire
Title: THE HOLIDAY PARTY EDIT

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/womens-sale
Title: WOMEN'S SALE

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/all-mens
Title: MEN

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/collections/mens-sale#UL
Title: MEN'S SALE

Search URL Search Domain Scan URL

URL: https://www.nililotan.com/pages/stores
Title: Stores

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nililotan/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nililotan
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://us.creativecdn.com/tags/v2?type=json HTTP 307
https://us.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_cm&google_hm=ay14UEZXUEhlZWV5S1IyeWgySWVNa3Bhd1hVLTUwWDRlNGJxeERTQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_cm=&google_hm=ay14UEZXUEhlZWV5S1IyeWgySWVNa3Bhd1hVLTUwWDRlNGJxeERTQQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_gid=CAESEGDM3jl1KRrmgWQH6OilKVw&google_cver=1&google_ula=913071,0

Request Chain 195

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-owzcu3eeeyKR2yh2IeMkpawXU-4HNyQZ6SgA7A&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-owzcu3eeeyKR2yh2IeMkpawXU-4HNyQZ6SgA7A&expires=30

Request Chain 196

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2437991927369266145

Request Chain 197

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&custom=&tag_format=img&tag_action=sync&custom=&cb=5aee9244-c7e5-40e1-a710-fb59c01c1c21 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=5aee9244-c7e5-40e1-a710-fb59c01c1c21&final=true&reqid=f252a730-a3c2-11ee-81aa-f953968caa27&timestamp=2023-12-26T07%3A46%3A57.955Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=2437991927369266145&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=f2576220-a3c2-11ee-a368-81fd2626be0b?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=f2576220-a3c2-11ee-a368-81fd2626be0b?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=ea0dfe5d485607c713f97cf828023ea8&tag_format=img&tag_action=sync&cb=305131660 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=274e8769-75b8-415f-a6cb-821b4da01aa2&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=f2576220-a3c2-11ee-a368-81fd2626be0b&cb=1703576818493&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1703576818493 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=80e50774-fdca-48bb-92ba-04715b066774&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1703576818493

Request Chain 203

https://eb2.3lift.com/xuid?mid=2711&xuid=k-TQGqd3eeeyKR2yh2IeMkpawXU-5QqLn7adEtVw&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-TQGqd3eeeyKR2yh2IeMkpawXU-5QqLn7adEtVw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 204

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&verify=true

Request Chain 207

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=wW_RMgx1TMa4_IOBqE3Tj3M1f-0--pdO

Request Chain 208

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XlzLwHeeeyKR2yh2IeMkpawXU-5nuJ9zLpZdkw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XlzLwHeeeyKR2yh2IeMkpawXU-5nuJ9zLpZdkw&C=1

Request Chain 210

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1dqfEXeeeyKR2yh2IeMkpawXU-6z1pPO7ULJxA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1dqfEXeeeyKR2yh2IeMkpawXU-6z1pPO7ULJxA

Request Chain 211

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-abJEtXeeeyKR2yh2IeMkpawXU-5nuvIzkYvdEw HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-abJEtXeeeyKR2yh2IeMkpawXU-5nuvIzkYvdEw&_li_chk=true&previous_uuid=4d08e8d3d7e44d3c9ba6df5b813e9c5e HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4d08e8d3-d7e4-4d3c-9ba6-df5b813e9c5e HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=43bc4958-5da7-415e-af77-66f7b02f3576%3A1703576818.516597&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D43bc4958-5da7-415e-af77-66f7b02f3576%253A1703576818.516597%26pid%3D500040%26it%3D1%26iv%3D43bc4958-5da7-415e-af77-66f7b02f3576%253A1703576818.516597%26_%3D1703576818.5186617&cb=1703576818.5187044 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969188723459867987&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D43bc4958-5da7-415e-af77-66f7b02f3576%253A1703576818.516597%26pid%3D500040%26it%3D1%26iv%3D43bc4958-5da7-415e-af77-66f7b02f3576%253A1703576818.516597%26_%3D1703576818.5186617 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=43bc4958-5da7-415e-af77-66f7b02f3576%3A1703576818.516597&pid=500040&it=1&iv=43bc4958-5da7-415e-af77-66f7b02f3576%3A1703576818.516597&_=1703576818.5186617 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1703576818.5186617&iv=43bc4958-5da7-415e-af77-66f7b02f3576:1703576818.516597

Request Chain 227

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=n4C2x41xRNygm6RzA5eHpKsCfpBh3hMF HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=n4C2x41xRNygm6RzA5eHpKsCfpBh3hMF

Request Chain 235

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=1F5CQYtQPfVe_xbSJyBovhiRlnHbibY6

Request Chain 268

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OdzV5OXc1RTJ1R2F5aFZQZ2FPb3dhbmhvazlEVU1pNn5B&ovsid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&dpid=58301

Request Chain 306

https://d.adroll.com/cm/b/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU

Request Chain 307

https://d.adroll.com/cm/g/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=Zp4aWpTgb9bhx26GkAQYjg HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 308

https://d.adroll.com/cm/index/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&expiration=1735112819

Request Chain 309

https://d.adroll.com/cm/l/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=669e1a5a94e06fd6e1c76e869004188e HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGUQABoNCPOJqqwGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=beaeef44adf5f5dc59a6fb72d9ae294085d3311eb247aafd84157074baaa2515791426b5417dce21&_=2 HTTP 307
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=07440363

Request Chain 310

https://d.adroll.com/cm/n/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&expires=365

Request Chain 311

https://d.adroll.com/cm/o/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=669e1a5a94e06fd6e1c76e869004188e&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=669e1a5a94e06fd6e1c76e869004188e&gdpr=0&gdpr_consent=

Request Chain 312

https://d.adroll.com/cm/outbrain/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 313

https://d.adroll.com/cm/pubmatic/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 314

https://d.adroll.com/cm/r/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 315

https://d.adroll.com/cm/taboola/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU

Request Chain 316

https://d.adroll.com/cm/triplelift/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&dongle=c85e

Request Chain 317

https://d.adroll.com/cm/x/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU

327 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xincarning.cyou/ 163 KB
37 KB 846ms
505ms Document
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634d7fee184be9be28aa69bf8ea56684f6c8e771d38501c08f821df46cdd442a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b7b676bdf7420d-EWR
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:55 GMT
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zj5Msed3isobvAqelYBetysU25xB%2FD3jFu7ZevypZwmq5hJG9Kil0%2F0sSTby7zX%2FrmqOo8exGYykVeAEw%2BH6tcRF0691xJlnFFDzmrQQ89yUqH%2F2cWY403rnyJV3Ig%2B%2BNnwK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=12, db;dur=4, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="index", servedBy;desc="rtxq", requestID;desc="63b717c5-052c-4717-aeaf-d430f816bf90" cfRequestDuration;dur=79.999924
strict-transport-security: max-age=7889238 max-age=31536000
vary: Accept-Encoding Accept
x-cache: hit, server
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 63b717c5-052c-4717-aeaf-d430f816bf90
x-shardid: 117
x-shopid: 2175959158
x-shopify-stage: production
x-sorting-hat-podid: 117
x-sorting-hat-shopid: 2175959158
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H2 200 nili-lotan.js Show response
shopify-init.blackcrow.ai/js/core/ 0
420 B 143ms
39ms Script
application/javascript 99.86.102.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-init.blackcrow.ai/js/core/nili-lotan.js?shopify_app_version=1.0.227&shop=nili-lotan.myshopify.com
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.102.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-102-6.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 6K2O3_Hii6u0qmByd5hNaZU0T5RTA2sg
date: Tue, 26 Dec 2023 06:41:23 GMT
via: 1.1 99f379af65e49c9eed75f22e75b127d0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C3
age: 5526
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Mon, 25 Dec 2023 01:10:03 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: MKMrusdQNns6LU_9c5wOskRUdYHtffdl06W8AhpHrxwZdr262DQNNg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 362 KB
111 KB 405ms
60ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSJQLH

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

758bc8e3494b4e52f8ed1a147866ecde4a330fe0bb3f0aa1cd650f18acf34d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112798
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Dec 2023 07:46:56 GMT

GET
H2 200 lazysizes.js Show response
www.nililotan.com/cdn/shop/t/378/assets/ 28 KB
11 KB 43ms
17ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/lazysizes.js?v=111431644619468174291692816766

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6ef0b26f16ecf59e8ec163a899d92edcbf22c89b22ffa793be88ac19dfca82a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2148331
content-encoding: br
server-timing: imagery;dur=104.548, imageryFetch;dur=90.860, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: e21f923b-ddf2-402b-a916-099d62287800
last-modified: Thu, 02 Nov 2023 03:34:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kMYUFsLQEUsNqF7d5RsAN5hmytMF3oQiGxR7CfZJATBNrXmwyQvGG4tBxGTltE9Zr9uBW6BHg1ac7V23ePOyE1cA0pb%2BYE5MqPFh3bf%2FkTEKa6eStvsH2vHmXQxwN59nbK7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39cc0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/lazysizes.js>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 vendor.js Show response
www.nililotan.com/cdn/shop/t/378/assets/ 90 KB
28 KB 46ms
21ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/vendor.js?v=87256898729587446001692816772

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b8ba057fa64029eed55cc954869661ec73362292afee75c4b8f74961511120ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2335227
content-encoding: br
server-timing: imagery;dur=319.550, imageryFetch;dur=91.661, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: f3ae9098-6cd7-4bbf-b608-015cbd4b30c2
last-modified: Thu, 02 Nov 2023 08:33:28 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lQ0MKe8qchv9CDZMRQ1C0NpEx%2BoPQibJfQ1o%2FzhMbfd%2FcJw0WzgyOblSa8sC4%2BxMd84jQToDJ%2BbOJ0xyzJNZehPc9JjxsMXv39DekyTsVg7vKqN69eyo7ppYFr0AjcdPXz1"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39ce0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/vendor.js>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 theme.js Show response
www.nililotan.com/cdn/shop/t/378/assets/ 274 KB
63 KB 47ms
22ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/theme.js?v=105428044142932824621692816769

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ebca132a3e958d38c903df746ea515e0b43e6c8bd2d909fa213fdafb53d39f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2421213
content-encoding: br
server-timing: imagery;dur=2607.728, imageryFetch;dur=83.298, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 9a971d3c-160f-469c-95ae-bc2a8b089977
last-modified: Mon, 13 Nov 2023 11:13:32 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Owczh0CE1ceimsLKv90A8yky98wHQklRIvpxyDQVl4jdkg9KiqqZfw31NPA7kS4hu2enLRmE0IGUQWV5Pl7MaSJsn5JHv970PE9cDdqUP%2Fgy0eazf5JqQXhDRIOxpYZER0M0"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39cf0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/theme.js>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 theme.css
www.nililotan.com/cdn/shop/t/378/assets/ 456 KB
72 KB 50ms
25ms Stylesheet
text/css 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/theme.css?v=160816078088844388921692816768

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

79011209c373b5535ddc2702eb2fd4b4106797a9e8b4e4573bfacfcb3f976f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2332018
content-encoding: br
server-timing: imagery;dur=117.032, imageryFetch;dur=45.089, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: ac8a5d71-2cfa-458d-9732-cae0aa96c017
last-modified: Thu, 02 Nov 2023 13:20:08 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03xeBI8dk1nda6uLuW4n9D2%2FsKJEWg7FrkMLczQhntlTUUXxbHFhl7P6vwjJbok%2F%2FfkBgBry6Nspy35ozRBb3Jiu%2BAmBb3djsGyVq%2FkuAKpy%2BJzw8gBER6ArvnRVL3dFbA8s"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39c70c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/theme.css>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 custom-dev.css
www.nililotan.com/cdn/shop/t/378/assets/ 30 KB
7 KB 41ms
16ms Stylesheet
text/css 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/custom-dev.css?v=63320821165919237281702044896

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6966bd087cb010072d3e36f81d52dc37225d53cc8d4c275d237f8c2ce3c9fd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1531800
content-encoding: br
server-timing: imagery;dur=63.486, imageryFetch;dur=58.122, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: d47b48be-debd-41fd-bd34-54bbbbef3054
last-modified: Fri, 08 Dec 2023 14:14:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OXouoVHp0maRzpDfLN5YZkAMTEhpD9TDCqxZ9h9O%2FW59mAJ7NKyr00nPjcdAcHKIxu78D2Zg8zQtOadlxv5nWRZmc7UVL53QV4yT9S9UAJCLTr%2BLaT4Wh%2B5XHPnPNtW9P%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39cb0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/custom-dev.css>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@8/ 16 KB
5 KB 328ms
13ms Stylesheet
text/css 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Dec 2023 07:46:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 12863
x-jsd-version: 8.4.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4878
x-served-by: cache-fra-etou8220040-FRA, cache-lga21933-LGA
x-jsd-version-type: version
etag: W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-settings.css
www.nililotan.com/cdn/shop/t/378/assets/ 4 KB
2 KB 39ms
14ms Stylesheet
text/css 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/font-settings.css?v=96675651100118955761697828096

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ebef128b3ec706f4b46ad06a47d701e9dddc38dbbb91e0870510b8501a2570fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2156909
content-encoding: br
server-timing: imagery;dur=105.621, imageryFetch;dur=104.363, cfRequestDuration;dur=9.999752
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: c03ad773-e8a0-48d8-8b69-7dad5577f666
last-modified: Fri, 10 Nov 2023 11:21:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oiOYO%2B0zZjgGyZYqvrczVJ%2BAwZIsHadISdZss6cbCfhBUFZjjS%2FifFA%2FmcogkgtoUXAaGztsBaRw0aVhOEVEUdYoCmwyA5WDc57sJJPpS8AyKWn%2B%2Fp0flLgpo4zf4WSbZtk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39c80c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/font-settings.css>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 custom-font-settings.css
www.nililotan.com/cdn/shop/t/378/assets/ 1 KB
856 B 39ms
15ms Stylesheet
text/css 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/custom-font-settings.css?v=3902182342919947921692816766

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

c75b1164741e2d46de2d96b8684b39ac11b566d4c999ae91d186ac317b2927be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4666538
content-encoding: br
server-timing: imagery;dur=96.337, imageryFetch;dur=94.925, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 73cf3b16-66e6-402e-8c66-2f6126df2ca4
last-modified: Thu, 02 Nov 2023 07:12:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onwWwlu3B6VXOVCRv3y1zqYe0B2HoFc2KuUGu8Z%2BeGn7vCqoUI2zKfcTxwrSxww2sRLdvCbc%2B1Ep9j43HWwMzodKICb6czymGHiDCOmLV4Rf7m4%2FMVZCD5j1qI%2FsffEjuyZu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39c90c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/custom-font-settings.css>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 custom-responsive.css
www.nililotan.com/cdn/shop/t/378/assets/ 9 KB
3 KB 39ms
16ms Stylesheet
text/css 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/custom-responsive.css?v=30865915987503351561693400828

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6ece770b9f251a20e98bba619982dc51186b3b037211d695915110111adf063f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2405983
content-encoding: br
server-timing: imagery;dur=97.048, imageryFetch;dur=85.719, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: d3150984-ce9a-4754-a590-25cc59f4db6d
last-modified: Thu, 02 Nov 2023 04:34:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEnuD6JJ4fl0flC6dmqMK2jnYKilD7JfgyehLlQK9r5ID%2BSJ95cxo1d5gUVxTKI6sd%2FzN3OiaMlrNz4c9xn%2BWfk72H1C6ps7Murv5BaIaCnu5dGLIJHci0ceWmJ51KQFzWUn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39ca0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/custom-responsive.css>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 ajaxinate.min.js Show response
www.nililotan.com/cdn/shop/t/378/assets/ 5 KB
2 KB 42ms
18ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/ajaxinate.min.js?v=184280457900856627781692816768

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

9950a35c46164a5379c34e04fa19cbb757cea949d729feb90e4b61889c565f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4056467
content-encoding: br
server-timing: imagery;dur=39.858, imageryFetch;dur=39.339, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 2caded0a-0bbc-4183-8214-a90d56ec3eb8
last-modified: Thu, 02 Nov 2023 07:57:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNyEvABP%2BnBbc9%2FjAfBf6Ckjgatz8QCcyLV%2FDTeiNSvCqs5eW0uxuNclw%2F1niZc5yJU6pYnEsGyz1WSMAG4aA9dzBWjbOJWnK0Ehb51jClXdL8k74MXgyP%2F0Ojzb%2F9FB36eT"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39d00c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/ajaxinate.min.js>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 masonry.pkgd.min.js Show response
www.nililotan.com/cdn/shop/t/378/assets/ 24 KB
8 KB 40ms
19ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/masonry.pkgd.min.js?v=52946867241060388171692816771

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2156909
content-encoding: br
server-timing: imagery;dur=67.321, imageryFetch;dur=65.507, cfRequestDuration;dur=11.999846
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 85e1bd35-7e95-4522-8861-8015ffa24ca5
last-modified: Thu, 30 Nov 2023 07:06:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNpyWFLaxTIU3box1j9stPwClFMQO%2BuUAXKpi%2F7uuRyUI%2F5zBXYazN9l37jDNue3LMqDjOm3ncKqfKDBpXY1kXRBymkwtlIoqQpUQaQYTLKrWpE0hfNCxiONESFM5BsY1ct7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67a39cd0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/masonry.pkgd.min.js>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 shopify_common-33bb9d312118840468a53f36b59c62c1e8f2b7d1a0a77250db9e300441827470.js Show response
www.nililotan.com/cdn/shopifycloud/shopify/assets/themes_support/ 2 KB
1 KB 16ms
13ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shopifycloud/shopify/assets/themes_support/shopify_common-33bb9d312118840468a53f36b59c62c1e8f2b7d1a0a77250db9e300441827470.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

33bb9d312118840468a53f36b59c62c1e8f2b7d1a0a77250db9e300441827470

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2417740
content-encoding: br
server-timing: imagery;dur=33.384, imageryFetch;dur=32.765, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8487cdd9-6618-4161-9a51-9fbc936d315b
last-modified: Tue, 14 Nov 2023 17:30:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8HtL6lJWznRuBLJRv8fQtxYeRLradJpY5GAVp%2Bv%2Fh1SScvXfhaOMrP31fub5btqLh5YtBsLuWBeWoe06OWSlh%2BDo9XIOb82F4fE%2B0KxWrAdJHl04nBR%2Bmqa7hXzGQrJINY%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 83b7b67c8ac80c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/shopify_common-33bb9d312118840468a53f36b59c62c1e8f2b7d1a0a77250db9e300441827470.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 theme.dev.js Show response
www.nililotan.com/cdn/shop/t/378/assets/ 483 KB
97 KB 32ms
26ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/theme.dev.js?v=22344464846306135691700051221

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

79b181b859fd02dd35b1171e66d516c17dddd0f1e666ecc352756227626b9f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3525590
content-encoding: br
server-timing: imagery;dur=134.877, imageryFetch;dur=99.374, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 91661b79-98ff-4255-afee-7350a44b23dd
last-modified: Wed, 15 Nov 2023 12:27:04 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muL85Hwa5uliGEXjrI7bnGCVH9glREX0K6vZl4dBseUB7KKY0eF1A4kdlXIZFHnoJnB%2FY60ePygqQMo3RQxnGJ20o3kf1GGHU4HoknRsTXWRXfSjzVaZntqHpYYQ0fL4VV19"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67c9ace0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/theme.dev.js>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 404 preloads.js
xincarning.cyou/checkouts/internal/ 0
0 242ms
237ms Script
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/checkouts/internal/preloads.js?permanent-domain=nili-lotan.myshopify.com&locale=en-US
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeevQzCMjL5GhgrV%2F9Nuh4HxYmvV7%2BJT4fii0CqVbINHqdLSoWMtnhkQu5yUMwxIH80X%2BYJp%2BtvBX1l99aD63c3WtQ5LBRlkQ0Z8BHQoldBDVq46VUkj2jlj5w3Np%2F7mR10%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 83b7b67c98ee420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js Show response
www.nililotan.com/cdn/shopifycloud/shopify/assets/storefront/ 12 KB
4 KB 28ms
15ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2250043
content-encoding: br
server-timing: imagery;dur=29.842, imageryFetch;dur=29.167, cfRequestDuration;dur=8.999825
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ca224581-d2f0-4423-8dde-7fed468f7ee4
last-modified: Fri, 17 Nov 2023 23:08:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ4ySRXb%2BFVFoGTqGhVu90sezBoTGnNhENBKRD96QtmU%2FIsOs%2Bzync5D8ecVQq5eyQOV9DifFll9ERr06WslC7INHv56wLkzXUoG1MXvnhgvYlngHz7ITk8jIgbdivadHKl1"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 83b7b67cab91440b-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js Show response
www.nililotan.com/cdn/shopifycloud/shopify/assets/shopify_pay/ 49 KB
18 KB 31ms
18ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 209083
content-encoding: br
server-timing: imagery;dur=29.537, imageryFetch;dur=29.351, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 55be963f-622e-4e62-8274-7f2dd67a3cc8
last-modified: Thu, 16 Nov 2023 20:30:27 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9Ij%2BckUDz1bfWMC4nhZF6MbZAuvmP6%2Bso8%2BU3dlhhALWxRKk0XrMuKg2x1yh8b4qXcdNhNBojsfizQWWTvyYglpPQSWQdUIru94XNG%2Bdl2QrQnyDVNnAdQEFv4nF1Il8Lq7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 83b7b67cab93440b-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js Show response
www.nililotan.com/cdn/shopifycloud/shopify/assets/storefront/ 37 KB
13 KB 29ms
16ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3354678
content-encoding: br
server-timing: imagery;dur=33.334, imageryFetch;dur=31.263, cfRequestDuration;dur=8.999825
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a5be1ad8-9979-4ca6-971a-fdacac33dc88
last-modified: Fri, 17 Nov 2023 11:52:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chv3OI07AhZP2sBMltkvA9%2Bv6siA1DDbiyKiv6BQ7Ofm4F0345kh2CoRASlyhTGAuJduVydhNtUQhb7chQ%2BPufYB3p2nlQ1eLk8a2qFq5lO8CMCSLloJdAfVwslCvtqG0JII"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 83b7b67cab92440b-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 4 KB
2 KB 39ms
4ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=P922QU

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a5eb56c6311aa4316a9c08cef635a6a5c2655100b89ae39bf7891e41722b3639

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
age: 279864
x-cache: HIT
content-length: 1160
x-served-by: cache-lga21974-LGA
server: nginx
x-timer: S1703576816.123036,VS0,VE1
etag: W/"b1f116eca683db343f30bd1c63783cb8"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 345ms
17ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Dec 2023 07:46:56 GMT

GET
H2 200 onsite.js Show response
a.klaviyo.com/media/js/onsite/ 102 KB
33 KB 375ms
43ms Script
application/javascript 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/media/js/onsite/onsite.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc35ba3b66f65d5e9df410362da83d79bdb1d6e6fd59bc91f4a0b3164d5167fa

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sat, 23 Dec 2023 23:30:12 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
vary: Accept-Encoding, Cookie
content-type: application/javascript
cache-control: max-age=86400, public
content-disposition: inline; filename="onsite.js"
cf-ray: 83b7b67c28d60f9c-EWR
x-robots-tag: noindex, nofollow
expires: Wed, 27 Dec 2023 07:46:56 GMT

GET
H2 200 5b7eaec66bc06cfe3004655a2f7f8194.js Show response
tracking-cdn.figpii.com/ 173 KB
57 KB 348ms
4ms Script
text/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-cdn.figpii.com/5b7eaec66bc06cfe3004655a2f7f8194.js
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecf195a492087cf7849821d85ff95d206b91fbe07381d494a74b57a0eaa96504

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
via: 1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: br
x-amz-request-id: ZYK234QQPDCCKQF7
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
age: 0
x-cache: Miss from cloudfront, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57166
x-amz-id-2: dd1cdAJkhP7GXkprpMWxMum7wWG7Kk88nD8ziacZPz/nhTnWvwUcFe7B3FS3jO4/T7uLdga8jw8=
x-served-by: cache-lga21943-LGA
last-modified: Fri, 02 Jun 2023 11:35:33 GMT
server: AmazonS3
x-timer: S1703576816.431659,VS0,VE1
etag: "faa1e7b6750026b9d4b97e427da02be8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=7200, immutable
accept-ranges: bytes
link: <https://tracking-settings.figpii.com>; rel=preconnect, <https://statics-cdn.figpii.com>; rel=preconnect, <https://rr.figpii.com>; rel=preconnect, <https://variations-cdn.figpii.com>; rel=preconnect; crossorigin
x-amz-cf-id: JpyTLo2cPFVt6ovjbxGiYgnK4YLl2Pp_V5r2xq0vdvz6Aq0JKu_Z5g==
x-cache-hits: 1

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 12 KB
5 KB 582ms
41ms Script
text/javascript 99.86.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=5c57735c
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-50.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f24a06411c8df5fe23242f307ed344660d896add1790cde721b5feaa7f90179b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 06:47:26 GMT
content-encoding: gzip
via: 1.1 4324eb6f3546933f547f29d1ac8226a8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
age: 3571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4482
last-modified: Wed, 20 Dec 2023 19:47:06 GMT
server: AmazonS3
etag: "649bdfde482a661912ac351002312946"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 1FQbGVJBonC9gWlEAFlJH9wkrNVqJHOilUoxnimE58_TM-m_wo1lOw==

GET
H2 200 bundle.js Show response
snapui.searchspring.io/gthz36/ 193 KB
54 KB 241ms
146ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.js
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e3beec46d0b116dce5344eb4248d2eb72c5dad09defa6c9239df1ec4839e4fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: ZNDTZDH7ERMP7652
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: 5ioDek9Qoo5S1yUkrQrW/kYPFwzY8ShUqoaF3jc1uKLrY5eaK4YSfN9JU59MNSNCzTuRBaaeBQI=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"fc94aceb7ba3387eea7f0d52a2150ba2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: t7dIJGx69pLM6jYE_xiM9_7EOZMjqWZUBEUt_HZOLAJSuBqMLMCqOA==

GET
H2 200 monsido-script.js Show response
app-script.monsido.com/v2/ 8 KB
3 KB 353ms
4ms Script
text/javascript 34.98.105.146
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app-script.monsido.com/v2/monsido-script.js
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.105.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 146.105.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:43:24 GMT
content-encoding: gzip
age: 212
x-guploader-uploadid: ABPtcPr0bhlTvAM340V2Q-q-qBxOmkAbCJjpys8t3fnC8UYWJGgvcEtRT6Iiiha4kWJCeRFXsQOlTL_VggwYq_Mna65I5Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2757
last-modified: Thu, 01 Jun 2023 11:12:59 GMT
server: UploadServer
etag: "fce0a6a1f924b9c6816bdc5bc679506e"
vary: Accept-Encoding
x-goog-generation: 1685617979609837
x-goog-hash: crc32c=dMVJbw==, md5=/OCmofkkucaBa9xbxnlQbg==
content-type: text/javascript
cache-control: public, max-age=300
x-goog-stored-content-length: 2757
accept-ranges: bytes
expires: Tue, 26 Dec 2023 07:48:24 GMT

GET
H2 200 US
crossborder-integration.global-e.com/resources/css/1487/ 0
473 B 386ms
49ms Stylesheet
text/css 104.16.228.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crossborder-integration.global-e.com/resources/css/1487/US
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.228.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 10:44:27 GMT
server: cloudflare
vary: Accept-Encoding
edge-cache-tag: Shopify_Shop,Shopify_Shop_nili-lotan.myshopify.com
content-type: text/css
cache-control: max-age=0, no-store
accept-ranges: bytes
cf-ray: 83b7b67c2aec41ff-EWR
content-length: 0
ge-correlation-id-header: 523a1d91-684c-49b1-8079-7ab035ff7047
expires: Tue, 26 Dec 2023 07:51:56 GMT

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@9/ 137 KB
40 KB 325ms
14ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@9/swiper-bundle.min.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Dec 2023 07:46:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 16390
x-jsd-version: 9.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41184
x-served-by: cache-fra-eddf8230106-FRA, cache-lga21933-LGA
x-jsd-version-type: version
etag: W/"22512-6lnzeyMttt7iaUB4vyHhU6CbrN0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.6.3.js Show response
code.jquery.com/ 287 KB
85 KB 317ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.3.js
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3615383
x-cache: HIT
content-length: 86394
x-served-by: cache-lga21939-LGA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1703576816.005896,VS0,VE1
etag: W/"28feccc0-47b27"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 custom.js Show response
www.nililotan.com/cdn/shop/t/378/assets/ 14 KB
4 KB 15ms
13ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/custom.js?v=23840926783593787051701708750

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

f2525634cafe04563f4e71e4745c1aaf3603c04ee7d4e61a8f7c0c1d35415f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1868041
content-encoding: br
server-timing: imagery;dur=39.679, imageryFetch;dur=37.095, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 314d2642-067a-490a-9175-81a102198d9b
last-modified: Mon, 04 Dec 2023 16:52:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vS64vuVZLqulUDYjuY21Z1jzSyzfAF3WELJ6LkmnP9LylrxjJTxrgUY9dIjk5mrNHeDyMMK0TV6ff7wEYcGzXyCy4zDFiQIvwxeIx8I5niGxx%2B8GwxAciiFNB4tAnDY5WUOX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b67c9acf0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/custom.js>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 loop-onstore-sdk.min.js Show response
cdn.jsdelivr.net/npm/@loophq/onstore-sdk@latest/dist/ 52 KB
19 KB 324ms
13ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@loophq/onstore-sdk@latest/dist/loop-onstore-sdk.min.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5901244ffada2a6a5ad910c8fadc13ead5024ef4b2d18659ff8347aa33ef414f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Dec 2023 07:46:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6644
x-jsd-version: 1.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18990
x-served-by: cache-fra-etou8220028-FRA, cache-lga21933-LGA
x-jsd-version-type: version
etag: W/"d06d-AQS7Kk/YX5ntfE1Nlm7DWL2N16g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 status.main.24d0da2e.js Show response
cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/ 181 KB
52 KB 64ms
50ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/status.main.24d0da2e.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9a11e37cf91698aad83112484e3499d9b23b27302ca46a5e71ffb311f0de1b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: imagery;dur=31.851, imageryFetch;dur=31.676, cfRequestDuration;dur=37.999868
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5dddff0e-0ab9-4bda-88ec-e9bec9357ff0
last-modified: Mon, 25 Dec 2023 10:30:32 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ia8RNQfzMhuf35VriatTaTYxpPp266kczSynWM54oe838n1RNnmuNnYdBoHxwIyih%2FzxO3E9B2vC1LKyqd3QA%2BTAOsr1hYNe1ppTPiJ2n7aXYNeUtoRA5S5TM8x1ZXbBqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/status.main.24d0da2e.js>; rel="canonical"
cf-ray: 83b7b67a290c43b5-EWR

GET
H2 200 model Show response
conf.config-security.com/ 304 B
850 B 352ms
19ms XHR
text/json 104.26.14.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conf.config-security.com/model
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Flask/Theano
Resource Hash: 2e7fbf57fb1239a1ddae4a31d5e96c1dd5b2875657d9a1eb81db56b8647cd4cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Flask/Theano
etag: "Ujl6fkR5OUcgaTBJV21uMitcUWJ3RyVlUk1wfCo="
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dFzdc0%2FIDIB69h0sodvtbj1J1IbI8KRIzCKaYqn%2BB7OXbJh0LF8q0t3t%2FZQlO8HgmGcZVenWDcfhNCzNJHhBnjBwx8oDJ80tG5nY5wLqtrocq%2FaIJjYRz7mDP6dPKeB%2BhHkihf9ae0Utg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/json
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
cf-ray: 83b7b67e9c551895-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 304

GET
H2 200 triplefw.txt Show response
triplewhale-pixel.web.app/ 122 KB
42 KB 325ms
3ms XHR
text/plain 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://triplewhale-pixel.web.app/triplefw.txt?

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

94777943371b42ba3b86120d52f2e50383c90b3a192bee61a64540360d634c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 26 Dec 2023 07:46:56 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42070
x-served-by: cache-lga21923-LGA
last-modified: Tue, 19 Dec 2023 20:26:25 GMT
x-timer: S1703576816.401359,VS0,VE0
etag: "f60d0bb65a111e5468427d4b72b563ef0f5279cf8cb6ba5006333842d7d8c5b8-br"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: x-fh-requested-host, accept-encoding
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 8203

GET
H2 200 b80cd6a5fw8efabb83pbabe92ddm0cb690eem.js Show response
www.nililotan.com/cdn/wpm/ 81 KB
29 KB 19ms
17ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/wpm/b80cd6a5fw8efabb83pbabe92ddm0cb690eem.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

7f448814993f4a8d3e8f4590c7ede0ef2e503e9f9326083c645a154a2e00a7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 654000
content-encoding: br
server-timing: imagery;dur=71.121, imageryFetch;dur=70.888, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a9739d77-a1c7-4ccf-bd4a-d49150010a58
last-modified: Mon, 18 Dec 2023 18:06:54 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1tqatuzTKq%2FQ4G%2FqKFeXPLDLgCL6qfW4f%2BTKIxjthSilBNfQ0YyJ%2FOaookl3WXAR0DwMeu%2FTojHdeuvhmqOAdlqUCq%2BRmEhPUFn7v3Bzd%2BCVNun8cbl4oL1t6e%2FN22sEBMd"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83b7b67c9ad00c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/wpm/b80cd6a5fw8efabb83pbabe92ddm0cb690eem.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js Show response
www.nililotan.com/cdn/s/ 116 KB
26 KB 20ms
19ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

0c92d46581f313de0e958ee989ac07de549ddbdb3fe4aafc7da0416efbb9d8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1876641
content-encoding: br
server-timing: imagery;dur=64.514, imageryFetch;dur=38.210, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: efadec87-d867-459a-ae2b-4023544eb21c
last-modified: Mon, 04 Dec 2023 14:29:34 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGVj33%2BvQZBKKFniwEEJ4qTG9oZTnAOqgbK%2FOyYuAxkcPaPZA2Cx6BU3RsthXrCw1%2FTzLi%2FJwfRROGurmS7IrwOpvhSzmnqI9%2B%2BFuV8%2BMg2Jzc69%2BRRhyg1ujrjc9QjBP0ta"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 83b7b67c9ad10c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js Show response
www.nililotan.com/cdn/shopifycloud/shopify/assets/ 8 KB
4 KB 16ms
15ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2238597
content-encoding: br
server-timing: imagery;dur=29.359, imageryFetch;dur=28.388, cfRequestDuration;dur=11.000156
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d1fe2dec-e1aa-4cf1-94ef-b86ba827ed83
last-modified: Wed, 29 Nov 2023 10:27:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjeP%2Fdv%2BfFAcmtYnGPTjMQnCRYoaZkmNvrHbq3jdYm5RP9scJreQbe2bmdP%2BC3Pn2u1yv8VZki1EiV28cUiav9hSEqRMqYQBIzsg%2BDIoRc9NW4FP2%2BFH%2BK4VmMTPFvlvi6Vs"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 83b7b67c9ad20c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
www.nililotan.com/cdn/shopifycloud/boomerang/ 58 KB
19 KB 22ms
16ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2164867
content-encoding: br
server-timing: imagery;dur=33.458, imageryFetch;dur=33.254, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 56f757fd-430a-4071-99b9-c40627e11703
last-modified: Thu, 30 Nov 2023 11:35:25 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0YpEfmsjQreoL85fjtc8mY1JFDxMMpSvNO3dI2m77xG9B93LuIUB%2F8OJh2yJT%2B5uP2R%2Bb8%2Fx3F3rECgi47iyuQgphxCEPePVfVYIiBUBZtNNRzMiU%2BVdDqUegaUAPYzDGJ1"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray: 83b7b67c9acc0c92-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 font_TradeGothicLT-CondEighteen.woff2
www.nililotan.com/cdn/shop/t/378/assets/ 42 KB
43 KB 14ms
13ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/font_TradeGothicLT-CondEighteen.woff2

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shop/t/378/assets/custom-font-settings.css?v=3902182342919947921692816766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5d96e6c61621fddb2a2070d3875f04d4dcb13b5df5e001845f5a767feed3ba71

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nililotan.com/cdn/shop/t/378/assets/custom-font-settings.css?v=3902182342919947921692816766
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1749889
server-timing: imagery;dur=97.499, imageryFetch;dur=97.159, cfRequestDuration;dur=8.999825
alt-svc: h3=":443"; ma=86400
content-length: 43316
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: a3aa97f6-3951-4e86-b5ea-a10e7a5ce329
last-modified: Tue, 28 Nov 2023 10:42:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkGWRKJd8GIrfdPqtY6bHHtLc8faUoIhPXRCTq8uTOwcMYTD1Tm3iXPIBSnSZEpxaCiDDQiZQtKenXRSMJNQTN60Yw5pn7lewtTI%2BckvdPt7KLwXSHSV%2F3l2HYovfdAvS%2BmP"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 83b7b67cab8f440b-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/font_TradeGothicLT-CondEighteen.woff2>; rel="canonical"
x-sorting-hat-podid: 117

GET
H3 200 Slice_62_e609c451-7b09-46ce-b3db-4dcd2a096b70_1x1.jpg
www.nililotan.com/cdn/shop/files/ 700 B
1 KB 19ms
18ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/Slice_62_e609c451-7b09-46ce-b3db-4dcd2a096b70_1x1.jpg?v=1703245283

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d535fbb135127255dfe0d265d35220ebefe02973c46596736603c97a3a8a42a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 329481
source-type: image/jpeg
server-timing: imagery;dur=240.267, imageryFetch;dur=138.349, imageryProcess;dur=101.348;desc="image", cfRequestDuration;dur=12.000084
source-length: 3547767
content-length: 700
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: e8031d50-c092-4be4-974a-a3c200001995
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 11:51:18 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpbSUXwdi58XDgr%2FAy8ygrO2amO%2FP%2Fl9ycAQcSlbfCamtyuZyDaDxOPndUJxP72%2Be0QEQc0MNSJH6o7SuMXjQ4syZ942Ky3nYEr%2F43tGt4HvbmsC2OrJG4eSGkoT5ZwhJcgK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b67ce8e25e60-EWR
x-sorting-hat-podid: 117

GET
H3 200 Slice_63_d805795e-8512-48f7-9c9c-c3158ad9f75d_1x1.jpg
www.nililotan.com/cdn/shop/files/ 696 B
1 KB 18ms
17ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/Slice_63_d805795e-8512-48f7-9c9c-c3158ad9f75d_1x1.jpg?v=1703245423

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

8950b07df4320437825a697b97a631e1e437855d405178affb6249f9a343f2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 329481
source-type: image/jpeg
server-timing: imagery;dur=221.612, imageryFetch;dur=58.318, imageryProcess;dur=162.524;desc="image", cfRequestDuration;dur=12.000084
source-length: 2249011
content-length: 696
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 0b51339b-6ec7-4607-aa40-beb19a54fd01
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 11:49:59 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHwgZRcm7g4ToXY8QnWkd0yAaqVEWxdwSe3umqNNCS%2FIn9M4blX2Hon5INEWXBME8GBXWv4q0UDepZwFykeB3o92cKu6Q9NeTgjFpGx%2FMLe7Rm%2B78RWHU0bRHT2zoJx7C56Z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b67ce8e55e60-EWR
x-sorting-hat-podid: 117

GET
H3 200 Slice_64_1_1x1.jpg
www.nililotan.com/cdn/shop/files/ 688 B
1 KB 16ms
15ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/Slice_64_1_1x1.jpg?v=1703245199

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6320da670c21581426dc62ed594375e418570a8f8ad9c19bfc1ffc6ffce8bea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 329481
source-type: image/jpeg
server-timing: imagery;dur=312.669, imageryFetch;dur=140.685, imageryProcess;dur=168.469;desc="image", cfRequestDuration;dur=9.000063
source-length: 5090344
content-length: 688
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: aac013b3-e602-4fb5-b745-2631a742f083
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 11:49:31 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhD5ePj0MpmcaRm5nhSgl7Eq2GVbgHnhKQs%2FqhpqKbVdUFj6B%2B0aT1igTzwVEB%2FFpngPPPiFqYlYGH3d4IrzKtJTjKQ2ZiyGnD%2B4E5HWgrYhiXbTKlUZQm7naYkoBH8iWDED"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b67ce8e85e60-EWR
x-sorting-hat-podid: 117

GET
H3 200 Slice_65_c569cd16-0f76-433e-b279-55851b7e8fd1_1x1.jpg
www.nililotan.com/cdn/shop/files/ 688 B
1 KB 16ms
16ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/Slice_65_c569cd16-0f76-433e-b279-55851b7e8fd1_1x1.jpg?v=1703245550

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

7e1cfe91067658964e77b49596c9000ece21e1a9e19c7fccc5494894ff3a4510

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 329481
source-type: image/jpeg
server-timing: imagery;dur=276.882, imageryFetch;dur=98.337, imageryProcess;dur=173.845;desc="image", cfRequestDuration;dur=9.000063
source-length: 1751887
content-length: 688
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 451f6798-6558-4184-a473-2a52489085e5
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 11:49:58 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UX3NJbSs%2BsdKcUOeKWkJHvW5oWrizDARQr2CxWv4I7lfEknIG7tUGZxrsffDefg6xhn4%2Bka45I2KQG5dJUBkglr%2FqjhG9NZwKifIB4v7t3Xx%2FpQ7jeLXb%2BeWfFqYQnwL8HX%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b67ce8e95e60-EWR
x-sorting-hat-podid: 117

GET
H3 200 font_TradeGothicLT-BoldCondTwenty.woff2
www.nililotan.com/cdn/shop/t/378/assets/ 33 KB
34 KB 18ms
18ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/font_TradeGothicLT-BoldCondTwenty.woff2

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shop/t/378/assets/custom-font-settings.css?v=3902182342919947921692816766

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

2b7fa1cdaae770412788d3dc974fb860bbdfedf2a7ea721914faf9ad09d41125

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nililotan.com/cdn/shop/t/378/assets/custom-font-settings.css?v=3902182342919947921692816766
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3879673
server-timing: imagery;dur=97.978, imageryFetch;dur=49.157, cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400
content-length: 34208
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 878f9158-682b-498f-8641-72e79dedb750
last-modified: Thu, 02 Nov 2023 12:54:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9u4CqSkgxn8oShkRPpPy%2FZMf6XdbjOgl5mvfun4UoIIFyNLKcOLDveKOewu0Z5W63Ks3wEDfhuluWInXbVS1bgHkmrFmvrehJsWPEFz4uDBh%2BM%2B9z07fjFHHNxP4qn9n0Wc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 83b7b67ce9f241bd-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/font_TradeGothicLT-BoldCondTwenty.woff2>; rel="canonical"
x-sorting-hat-podid: 117

GET
H3 200 NL_logo_black_11072_1_320x.png
www.nililotan.com/cdn/shop/files/ 2 KB
3 KB 16ms
16ms Image
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/NL_logo_black_11072_1_320x.png?v=1676563208

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a4b74104974b47ebf3d45cc32f1929cbe05289f36987d320eed3dc90f8d6fbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4650668
source-type: image/png
server-timing: imagery;dur=170.966, imageryFetch;dur=31.996, imageryProcess;dur=120.604;desc="image", cfRequestDuration;dur=10.999918
source-length: 7003
content-length: 2378
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: edf860f9-9c5f-44c3-81a8-7221a311d5e6
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 11:38:19 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6oftJ5UxeHV0AhckxOUS%2Bxvd3P4YtBza12qDi4OxeUkg5R3cHKvUt4vAQfO8BxHAkHzDcqetyz%2Bihtm3asaNRJW0xRPK98TrDNOnqMw35tY%2FpcyqWli9N1D3wKKYEz7HXAc"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b67d08fa5e60-EWR
x-sorting-hat-podid: 117

GET
H2 200 embed.js Show response
lcx-widgets.bambuser.com/ 77 KB
23 KB 483ms
46ms Script
text/javascript 18.160.172.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcx-widgets.bambuser.com/embed.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.172.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-172-47.iah50.r.cloudfront.net

Software

Resource Hash

45419c9cc45136cb0b2933aa20a95aa847e248d6b71f68f941a387c36c8e39af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
via: 1.1 9a4eb06434583d2d2dd491346f19ecf2.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 07:46:10 GMT
x-amz-cf-pop: IAH50-P2
age: 45
x-cache: Hit from cloudfront
content-length: 23133
x-served-by: cache-iad-kiad7000126-IAD
last-modified: Fri, 22 Dec 2023 16:06:32 GMT
x-timer: S1703515510.078818,VS0,VE2
etag: "8b3a0ebae45b9c67532ae3f22d7274e422be7beba748de2c16acc283ad2cccff-br"
vary: accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: 58DTu0YF28HmnNRaG8GbAwN7y6e_jfC5tWORK7rIPRl4ygvZwbUlTA==
x-cache-hits: 1

GET
H3 200 Slice_62_e609c451-7b09-46ce-b3db-4dcd2a096b70.jpg
www.nililotan.com/cdn/shop/files/ 146 KB
147 KB 15ms
14ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/Slice_62_e609c451-7b09-46ce-b3db-4dcd2a096b70.jpg?v=1703245283&width=1728

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

19313a7182e4586fedc718f8d4c8768956e01d831ca17be8f16c5c20c2045190

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 327959
source-type: image/jpeg
server-timing: imagery;dur=601.115, imageryFetch;dur=41.760, imageryProcess;dur=558.503;desc="image", cfRequestDuration;dur=9.000063
source-length: 3547767
content-length: 149374
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 73d7785f-42c0-41ce-ab81-8ba53730682c
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 12:40:57 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiRA5eI0MaMaRhL1vF4Xm%2FRR%2BMzF6GTT2AkeTzkS8FBsEpf9ulLgZJWFBJcly8cPDVJbDyxrEooHiemuiQmTtDRfP4jVrD3cA1R5NPeRnHoJGEzlkU1cjnqCf1oE9D1ESfP%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b67d491d5e60-EWR
x-sorting-hat-podid: 117

GET
H3 200 Slice_63_d805795e-8512-48f7-9c9c-c3158ad9f75d.jpg
www.nililotan.com/cdn/shop/files/ 83 KB
84 KB 27ms
26ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/Slice_63_d805795e-8512-48f7-9c9c-c3158ad9f75d.jpg?v=1703245423&width=1728

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

530ce7a8fdd3709a8a8baa83c8eb1c5fff6f24e50562be0b684cfdd54fc41258

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 327959
source-type: image/jpeg
server-timing: imagery;dur=808.719, imageryFetch;dur=79.597, imageryProcess;dur=728.110;desc="image", cfRequestDuration;dur=10.999918
source-length: 2249011
content-length: 85070
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 58b835e8-e951-4ced-8e8b-5eb40abec69e
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 12:40:57 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ce0kGGw9hCyw%2BfVQShtwYwHYz%2BZ3i7wx8TtV%2B5mR2oaLAivB9XRirDVhYKrmctyGAdObXc9P0yLjb4jvFOBVeNM%2FsLaLOQIpEEud0JkMI8LALmIG8WvN0heYA6Xeu4NCdKqd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b67d491e5e60-EWR
x-sorting-hat-podid: 117

GET
H2 200 vendor.83d6103a.js Show response
cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/ 262 KB
69 KB 44ms
43ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/vendor.83d6103a.js

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

af22e6bb1626b33603bc97ea635ecbb9608797dfd5e00769d1ef4c4363bf2ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/status.main.24d0da2e.js
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: imagery;dur=26.731, imageryFetch;dur=26.554, cfRequestDuration;dur=30.999899
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 05a53e62-a817-4e93-afe7-e59246cec811
last-modified: Mon, 25 Dec 2023 18:43:06 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSZS8V3UC71FZCxRsJrW9pUZwL63UvSPhqLyRH%2B%2BsXzoeDCiwVw4AKu%2FxC1HM7uupZ30IDOZ0Ye1bbnRi8Z%2FjrxJgpKc07et5RcKoclzG638ASLskdH4qrzgi0DOWYLSGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/vendor.83d6103a.js>; rel="canonical"
cf-ray: 83b7b67d5ab343b5-EWR

GET
H2 200 session Show response
shop.app/pay/ 18 B
2 KB 80ms
55ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://.hcaptcha.com; frame-ancestors admin.shopify.com https: .myshopify.com admin.shopify.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: BYPASS
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
server-timing: cfRequestDuration;dur=49.999714
alt-svc: h3=":443"; ma=86400
content-length: 18
x-xss-protection: 1; mode=block
x-request-id: f3370607-b5c6-41ed-b8ae-79d71c0292c9
x-runtime: 0.002811
server: cloudflare
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xincarning.cyou
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNMVc1Dz9c0n9hKVG4g42j5v1%2B3N0MnV3gCso%2BbacgPX3GL%2FNMriaOttLxpH%2F3RgeoWVsCPADr%2FEKn2cOkbUfY%2FSa7fb0S7oG10%2FrVsP0Cq82hI5qwQDpl%2Fh"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
vary: Accept, Origin, Accept-Encoding
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 83b7b67dae174398-EWR
x-frame-options: DENY
x-sorting-hat-podid: -1

GET
H2 200 / Show response
xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-shopify-custom-pixel@0570/sandbox/modern/ Frame AF9A 40 KB
17 KB 160ms
160ms Document
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-shopify-custom-pixel@0570/sandbox/modern/

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/wpm/b80cd6a5fw8efabb83pbabe92ddm0cb690eem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

599a02d5ad9a0a15a90f7771b656fa38aa4731de9856f51fdd205d0d3329cfb9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 606311
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: DYNAMIC
cf-ray: 83b7b67da96c420d-EWR
content-encoding: br
content-language: en-US
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:56 GMT
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4I4g6AJIBTaJEzgwInlY%2FTd3shr%2FDmTwiusVIez1Hwfq%2B9zjt8xenbwWRO6hjUJlhFChaMTS%2B09tGFkReIx%2FA4YJkMRXyNeFSB4cRBEYXBdYN%2BU%2BviM68Ru1PUQ660rcaQFN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=26;desc="gc:2", db;dur=11, asn;desc="20001", edge;desc="LAX", country;desc="US", theme;desc="122387857526", servedBy;desc="2d99", requestID;desc="34a3159e-48f9-4c04-9b57-ff87e982e57e" cfRequestDuration;dur=9.000063
strict-transport-security: max-age=7889238 max-age=31536000
vary: Accept-Encoding Accept
x-cache: miss
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 34a3159e-48f9-4c04-9b57-ff87e982e57e
x-robots-tag: noindex, nofollow
x-shardid: 117
x-shopid: 2175959158
x-shopify-stage: production
x-sorting-hat-podid: 117
x-sorting-hat-shopid: 2175959158
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

POST
H2 404 produce_batch
xincarning.cyou/.well-known/shopify/monorail/unstable/ 548 B
401 B 243ms
242ms Ping
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTs9ciDuTAAz1pn%2FqTFBRVkQPPKbNfQd1SRiaXjEse1T8GsV2vimDe%2F4iv57k7lokEUO39MMSYTsYtyWCMf3HICA6V4XghjHSJzsQ7iZq23X9labSQ0U9P78yNW9Hi8A09k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b67dc97b420d-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 404 produce_batch
xincarning.cyou/.well-known/shopify/monorail/unstable/ 548 B
407 B 233ms
232ms Ping
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py3q8wWvUiZ1CPDKi5LlLNIxaWtvvtPLUaYoaQ%2BIpz3mpcx%2FR4hMVKpeGzaajgfPGP2SGlY70NZA85tS1UXNWIFZ6LicPD%2F4fulGBPYx0W%2BTMIO%2BXkf2SuTmfC95OLoX94o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b67dd97c420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 fender_analytics.89f34df06656c3dc9d28.js Show response
static-tracking.klaviyo.com/onsite/js/ 30 KB
12 KB 33ms
3ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=P922QU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: GadaMo2p1P2atkKpiMgv7Gd8LLGkdfnv
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: 41XWC3D1GY325EYT
age: 279865
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 11635
x-amz-id-2: Mq0R7cgcDyDLHzW4Zvh3cGV6gqKqA2zV/gceab+y92VOsk99VX3gqkA5fPD0Ob1rvBXOsIlgjbw=
x-served-by: cache-lga21973-LGA
last-modified: Tue, 14 Nov 2023 22:07:03 GMT
server: AmazonS3
etag: "bb49f17f755f19e389ff56fdf58385b4"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 70f8fbaf91440c5493b93d4ba1ccacc5de04bc0a
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 197866

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
1 KB 35ms
4ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=P922QU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: a.8vL6w09uHoOx__c8l8Rss._YtP0zbq
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: AS5HKYSNDWHFWQPJ
age: 279865
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 985
x-amz-id-2: lb2mEKN6as878KkhLA8/+6rSwe2GSwSFSq6iDg+a3Gf6YOkZB1bMgWyDkQdIjlUEPhfTP4+Fl00=
x-served-by: cache-lga21973-LGA
last-modified: Mon, 06 Nov 2023 18:18:30 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a957c60a472df3e447f40628303353bdd959aba8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 217491

GET
H2 200 runtime.04fc31de852277dbf5c6.js Show response
static.klaviyo.com/onsite/js/ 19 KB
8 KB 11ms
4ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.04fc31de852277dbf5c6.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=P922QU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2604e0106de740bae018e30ef8acfb6b2b8a7f921ceef50db1d4aa07dd40422a

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: F1u6ewANkcYz6cyS9vUgeZoqbRF1LLW7
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: F2RJ4K0KJPT8HJN8
age: 279865
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8195
x-amz-id-2: P/N8NW7z7PnzSRPyrQygpUh5nXbyM3i/+iK9hJOzDcBL5b61bjkCcZem8IS8TjWdoCZ8NUKjNtw=
x-served-by: cache-lga21925-LGA
last-modified: Fri, 22 Dec 2023 16:43:43 GMT
server: AmazonS3
etag: "96250dae6a71f6cf3629c6ff25c5855b"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f2106466567c148174eb22c485e62b8a4a5a8fa1
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 238039

GET
H2 200 sharedUtils.481c86ceb0604beda8d1.js Show response
static.klaviyo.com/onsite/js/ 43 KB
17 KB 12ms
5ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.481c86ceb0604beda8d1.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=P922QU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72d4af70a6b8fe2e81d9127ed541e76f8dfc40564fa37e07e1631c8b9c12f2e0

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: o5ZWTF6CwYcu7h8t48K7aYQGbxe32ncu
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: F2RHPXN7WVKWAW4Z
age: 279865
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 16826
x-amz-id-2: yF2iLn3sm2ORJKoQWhgPbalXC3g/WaG5glPaDFcD7arlXCvzJnAHr/HDIOVcdyu9NWleBJ/6dzc=
x-served-by: cache-lga21925-LGA
last-modified: Fri, 22 Dec 2023 16:43:43 GMT
server: AmazonS3
etag: "002e3ddec20a9c034cb376b485ec3510"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f2106466567c148174eb22c485e62b8a4a5a8fa1
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 238539

GET
H2 200 vendors~signup_forms.f3ed4b7e48b30a32dcaa.js Show response
static.klaviyo.com/onsite/js/ 32 KB
11 KB 11ms
5ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.f3ed4b7e48b30a32dcaa.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=P922QU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 179a471a9e859abc8338f104a5e367e7f724d9f540454ea0fd9c793324bb409c

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ZhNogCIJONMuChXu.t4F7L2ie_KxJ_Pj
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: AS5SV8VJ00WB1284
age: 279865
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 11079
x-amz-id-2: Qo2u7ig/nyEMbWTjaKheHni/MZNLcdgdUFOZhBDbmfj2nrlOnSROg5xiwH4XZH89GwLRYWH/kBE=
x-served-by: cache-lga21925-LGA
last-modified: Mon, 06 Nov 2023 18:18:30 GMT
server: AmazonS3
etag: "6dbcc92ef0da9f2c90a94133f8337b36"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a957c60a472df3e447f40628303353bdd959aba8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 168102

GET
H2 200 signup_forms.53efed8fc3bc3affeaaf.js Show response
static.klaviyo.com/onsite/js/ 39 KB
13 KB 10ms
3ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.53efed8fc3bc3affeaaf.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=P922QU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77a8838e3b7d7419c7cf2384374cb01add21a311c9bee83960c652a6bbdf56ae

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: YMA2z3EojO9hwVcFVNspp1UWd4Xry2ai
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: 09Z66H3D5ATRDQ65
age: 279865
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12895
x-amz-id-2: GLDHn7IdmMR/UdH8egPkkybrK41OqeCD3Vqqf0Poe76Gd4iTccArM2oU+XyggQA8zHXePB0yfPI=
x-served-by: cache-lga21925-LGA
last-modified: Thu, 21 Dec 2023 18:06:28 GMT
server: AmazonS3
etag: "02c338986746ef92bf8baddfb640c7b6"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: ff6d064bbc8fea5f6d5e1119a80ab4bd6fca3714
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 178535

GET
H2 200 post_identification_sync.bd6c56cefa3b981da223.js Show response
static-tracking.klaviyo.com/onsite/js/ 7 KB
3 KB 33ms
3ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.bd6c56cefa3b981da223.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=P922QU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d179a95f323fea709ddba50be80ca43e77c316ebd7dc18583bd42144efadfbe0

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2f3x2Kg0SoVE_QC5dCYH1A9iCGL1U.pH
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: QW09D22ENY5MA8KS
age: 279865
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 2848
x-amz-id-2: 5JudD2K3rFWifAmL1xF56KiP3JxqOdo+DoIJP1Z9WRX9szD7/QzVZSZtVDPeBZ4nYPT2PVPRkjY=
x-served-by: cache-lga21973-LGA
last-modified: Mon, 06 Nov 2023 18:18:30 GMT
server: AmazonS3
etag: "2916019f5fdfcc69a8fbab0980b2506e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a957c60a472df3e447f40628303353bdd959aba8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 38092

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
96 KB 45ms
44ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FP901V2FT8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSJQLH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8a1add45b133053fa46875954e4fd9628e025a077b4f44c6447126ebc5ab2381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Dec 2023 07:46:56 GMT

GET
H2 200 5002acd7a0516972c5a4a48c6af63efd.js Show response
ob.powerrobotflower.com/i/ 100 KB
37 KB 447ms
45ms Script
text/javascript 99.86.74.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.powerrobotflower.com/i/5002acd7a0516972c5a4a48c6af63efd.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSJQLH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-17.iah50.r.cloudfront.net
Software: Caddy /
Resource Hash: bdad2e3f8d79600eb0a61c57a568a7910cc93c77bb956b92e11184436cf95a4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:51:28 GMT
content-encoding: gzip
via: 1.1 3dd195f5e55726c4b58b7de30ace1c7c.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: IAH50-C4
age: 32145
etag: "18f3f-sukDZa9kkGTBpprjydDjBtaysnM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37290
x-amz-cf-id: tQUgdlT_yrUPFYzIz4ktZWGYlXv6d-VX4gjwIvoe-6SxZXsZ6F7qWQ==
expires: Tue, 26 Dec 2023 10:51:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 355ms
12ms Script
text/javascript 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSJQLH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Dec 2023 06:52:28 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3268
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Dec 2023 08:52:28 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 333ms
17ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSJQLH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 26 Dec 2023 07:46:56 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 18CD617AC0224F4082C73000D601B3D0 Ref B: EWR30EDGE0720 Ref C: 2023-12-26T07:46:56Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13187

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 329ms
4ms Script
application/javascript 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSJQLH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-9.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1793

GET
H2 200 KWxdr8t519K1TBqFEK8V.js Show response
tags.creativecdn.com/ 4 KB
2 KB 345ms
4ms Script
application/javascript 156.146.36.24
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/KWxdr8t519K1TBqFEK8V.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSJQLH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.36.24 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 137173278.nyc.cdn77.com
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
x-age-lb: 795
x-guploader-uploadid: ABPtcPqKcnGFao30oIWvA4sU5l3LMylPSdPpo8TCuzoi-oy-W7d1O0A7gztJejQFqWC06qHrwWPujPqmUHogKGStPDLj-LjrnygB
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-accel-date: 1703576021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: EQwBnJIkFgH3GwMAAA
x-accel-expires: @1703579569
x-77-age: 795
x-cache-lb: HIT
last-modified: Mon, 22 May 2023 18:03:13 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: 1e192d0837649371f0848a6568da672a
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1684778593183959
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Thu, 26 Oct 2023 10:53:19 GMT

GET
H2 404 worker.modern.js
xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-14712950@ac96a02e1f5608479f943ddad83583cd/sandbox/ 548 B
409 B 249ms
249ms Other
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-14712950@ac96a02e1f5608479f943ddad83583cd/sandbox/worker.modern.js
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxzblojIpkhApHdhKq4xRU%2BlY5MBq2BmyN0HuVHWoUKJkQt0XxPAqQL5aBAjcCY8Nihe7%2BhMX%2Fjr5TCKVpWBt1QKKzL%2Fn%2BZZm21Dz6e0Fe6NaYz4GwbHsTdwcZNn8cSiNnc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 83b7b67e39b6420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 404 worker.modern.js
xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-shopify-app-pixel@0570/sandbox/ 548 B
410 B 235ms
235ms Other
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-shopify-app-pixel@0570/sandbox/worker.modern.js
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mh9Qq5TPDFcqYkva%2FcCxkReW8MZB9y%2FmmOBGD3xy%2FEDM7fi479TlmCJJ93iwSQHXj1h4vv1fEJ%2BHyBuHLMEEWVpQnXkOGX3HwUgBlQ7GpaRhC4zMHMCDBtHf1v6qNUn5df4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 83b7b67e39b7420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 317ms
4ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Dec 2023 07:46:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: NTK/kz0UxMX0kI5M0INpTphBhh0t87h1Dlahv0fo9h2NGHzaIEJ9QmsUOBPk2gFx1PsolIhRtNxVW12E33ZE4A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 28ms
18ms Script
application/javascript 23.44.203.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGSM33JC77U3UDPKK3LG&lib=ttq
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 29b58e012dac5911aed7638b7829c073fc7fc85180bddc8adca5e5fcb39473a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2fe739bf
date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231226074656FC582B4E124B2450E8A4-21D94D49D4060B45-00
x-cache: TCP_MISS from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=10
content-length: 1540
pragma: no-cache
server: nginx
x-tt-logid: 20231226074656FC582B4E124B2450E8A4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.44.202.19
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d3728d6d88b989a3602bfd00e325ecb04f3b40df6b007dfc272a05490b2241bbccc08b2d3cb3867dfc908b64c8fef88940206a0e158c3489947089ffbaea1540c61f5fb0f3091fbb9d4854c596aae1fc8
expires: Tue, 26 Dec 2023 07:46:56 GMT

POST
H2 404 produce_batch
xincarning.cyou/.well-known/shopify/monorail/unstable/ 548 B
488 B 255ms
252ms Ping
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTLd88IaC9mGwHth36BYr7lXjTK6O9oFiFJfEzUWvm2I1Kbyd5GlPjyDOkv7NZa0ATkLUNM0scRU4EXOo5ptU0Mq168y47ihWyyQaQ9%2FhXc%2F1iMOM6efwatXFiulP%2BDYryY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b67e59c3420d-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 404 produce_batch
xincarning.cyou/.well-known/shopify/monorail/unstable/ 548 B
432 B 233ms
232ms Ping
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8kuAAsi4jgYk8LnZZRP2FQdo0uDOJbUxs49qidhUcbv9Ow%2FNsG2LzoZcY0fADTiVw5zT1S62AYaMrqNcx%2F11AdL3h3BWX350roNGWqvGlR1yoR5uKvaUzCH7lkT9wdjAYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b67e59c4420d-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 404 produce_batch
xincarning.cyou/.well-known/shopify/monorail/unstable/ 548 B
413 B 237ms
236ms Ping
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/s/trekkie.storefront.7a4225caf9379fe42103e492053220a7195df1ae.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBaqQWL7CpxqP%2Bwq8f8aapuOmmgNiyhaQKN%2BA8KzheXQpxPB362z5oFaAw5HP8vDmKJJpIKlfZ04e1zNVmu3p3d%2FtcmerqgyfKVKfJCME55wptaeNZTaqOjU22tHkF16ero%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b67e59c5420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 3 KB
1 KB 33ms
4ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=P922QU

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4b08c9feb0648e053737ecf28c438bedcd308f48df7b0a1081f8a8bbceb914ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=900
age: 9071536
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self'; object-src 'none'
x-cache: HIT, HIT
content-length: 618
x-served-by: cache-bos4667-BOS, cache-lga21967-LGA
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=10
access-control-allow-credentials: true
vary: Accept-Encoding, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 3244, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/P922QU/ 202 KB
22 KB 15ms
3ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/P922QU/full-forms
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab86cb45e2d8101d3b8733d8f58a58eb6bec8449a3a6f5cf2b45cfe0d32c597c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: V562op_LDa1ltm48.BsdFAsQiDlf1C3d
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: 1QAXQYM13WZHYQ29
age: 908226
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: NA
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/P922QU custom-fonts/P922QU
content-length: 22115
x-amz-id-2: 9TWvmUAEcTWbLOhzU72JguMipzaag+qukGIZdf6X3JihAZXswUWO4ARnfP8qah9dfDLy5uuSU/o=
x-served-by: cache-lga21955-LGA
client-geo-country: US
last-modified: Fri, 15 Dec 2023 19:29:49 GMT
server: AmazonS3
x-timer: S1703576816.440497,VS0,VE0
etag: "317813f7edae8341456943c5dcdec64e"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 10

GET
H3 200 consent-tracking-api.js Show response
www.nililotan.com/cdn/shopifycloud/consent-tracking-api/v0.1/ 15 KB
6 KB 17ms
16ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ef5695392329615991aef82ee880b52c17e6dd36d875c34000975d796a602815

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1554
content-encoding: br
server-timing: imagery;dur=31.881, imageryFetch;dur=30.927, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3e83c123-d4e2-460f-84c5-3bba69be0e62
last-modified: Tue, 26 Dec 2023 06:51:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tt387cB3Gp1GI5Fgab7cQ8ccLXPz6hALD9xLQp%2Fu%2Fu%2FlY%2BnRApKsi2TEUKU%2FGigLus6JhKCiRrRwS9HbKJF%2Bl5PMHkxbFLwLAauiGTuC1oWxQinx8U%2F6VVIZdJVaTisAPnWS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 83b7b67ebadb41bd-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H2 200 bundle.chunk.6d047e1a.919.js Show response
snapui.searchspring.io/gthz36/ 17 KB
5 KB 108ms
108ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.919.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f44e9c872141fdc5eb5fbff567a5d1be662c1a3d97de09dd01eec82c48cddbda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: ZNDKQ0CX77JVA4JG
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: GF5LFWZAmKKgC58+J9yvgaSxGo4+ynjoFjd2x7vAFVDB6aCb2QDjR5sWX8KoKrFc1EbXi1MRkXA=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"c21af63d6fceefce30f2fd3a7806fb00"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: D8_tzMJvoPC3Rd2O7OcWGMp4PMWxv3MmAaJ0EgItw0-8BedRU0gguQ==

GET
H2 200 bundle.chunk.6d047e1a.48.js Show response
snapui.searchspring.io/gthz36/ 8 KB
3 KB 97ms
97ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.48.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 049bea8a1df87ebe9292c77a866aaa4ce0d3c7812fada4d5c7653e90458d7f32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: ZNDJ49FYF4PJN96Y
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: 22C+dgHjKc4HiNhEdgPKtWe03ygKHisk6FSwyZL4wiS2Cu7bayOvcQ1cBmfNugiGhKvlSWHgdVo=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"b91d906ed535c60325128d17205bffaf"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: bMJXpnvBNCiqVgcPR1cVlmImHca9gYoB2PtN68LMI3C65TNQoAApfA==

GET
H2 200 bundle.chunk.6d047e1a.100.js Show response
snapui.searchspring.io/gthz36/ 5 KB
2 KB 109ms
109ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.100.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f99773abc36c62afc7b0e7173181c7af23da42d6b4e9f480169dcb478862e9d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: ZNDPW8SNVC2QPFZV
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: capAZTjCIK1jiUmU/jaEasgM0XJLp4TPxvIx3rQzeFCDjAipoyK6yi74a/mE/yJ+cHv8vh++4EI=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"d189f188af74a3374950796c5395dfbe"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: vnaoWJqLVjlYo6oWOLBFPXPiNdDsPbWWj7IPy_N2iMfnX0kpXMh9Mw==

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 400ms
34ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

ad26ec8a3728c7ab759a937b415be68bb65886fb81ac6a3d1c050d2989c512a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 07:23:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 07:46:56 GMT

GET
H2 200 vendors~atlas~ClientStore~renderReviewsWidgets.18bd4076289f092e4f0a.js Show response
static-tracking.klaviyo.com/onsite/js/ 22 KB
8 KB 5ms
4ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~atlas~ClientStore~renderReviewsWidgets.18bd4076289f092e4f0a.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.04fc31de852277dbf5c6.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87c14f094253cb7538e516d55c2a6980ff86e4d20f9edb04595724362e3ef2ed

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: BMpdGjlBobpuu99gwxmo_HJrgns3urTE
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: ZEQJ1K4HEFCC1CPV
age: 279866
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7956
x-amz-id-2: 12gT8eRplQIa+8NMxaBGZCjmNsZPjSexCBTP3IUCW/K1Th2irqo4r3ujWBxqTRldIgB/fvB3vL0=
x-served-by: cache-lga21973-LGA
last-modified: Thu, 21 Dec 2023 18:06:29 GMT
server: AmazonS3
etag: "d4f581b93f2fb8d5f237b9ef431a9bfe"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: ff6d064bbc8fea5f6d5e1119a80ab4bd6fca3714
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 34997

GET
H2 200 ClientStore.0ac4d8619421b95641c4.js Show response
static-tracking.klaviyo.com/onsite/js/ 62 KB
19 KB 4ms
4ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/ClientStore.0ac4d8619421b95641c4.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.04fc31de852277dbf5c6.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c889a12e296533a6361dfebbe6ccdfa3d8e1a38d3c2e0504ef0dc4da5a48a3c8

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 8t77SqsN16x13inWM5FLCz36p3AFvqiE
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: 3RRATFSEB3AXV9PK
age: 279866
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 18616
x-amz-id-2: RhgLfrpu+AY36OuFzC9IT7Ie6a1iRQ8C/twXEFnhhULs1Rivg0bq6IOSAC2p6rqYNh/+MTWBX8WPdWNBOV/PetMncDqf3l5x
x-served-by: cache-lga21973-LGA
last-modified: Thu, 09 Nov 2023 21:03:19 GMT
server: AmazonS3
etag: "47f2345c0574e80eef58a4a66e8a9f1a"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a3ebc4568e722b3a96e077c548234a1394352b59
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 34586

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 372ms
33ms Ping
text/plain 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FP901V2FT8&gtm=45je3bt0v892294471z872498993&_p=1703576815683&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1771488554.1703576817&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703576816&sct=1&seg=0&dl=https%3A%2F%2Fxincarning.cyou%2F&dt=Nili%20Lotan%20%7C%20Timeless%20Fashion%20and%20Luxury%20Designer%20Clothing%20Brand&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1888
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FP901V2FT8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 340ms
18ms Ping
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FP901V2FT8&cid=1771488554.1703576817&gtm=45je3bt0v892294471z872498993&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FP901V2FT8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 378ms
63ms Preflight 35.190.88.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 26 Dec 2023 07:46:57 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
88 B 64ms
63ms XHR
application/json 35.190.88.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://xincarning.cyou/
Bugsnag-Sent-At: 2023-12-26T07:46:56.741Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: 465ea043759a7e320b7a44e46a8aa7c2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:46:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 5b7eaec66bc06cfe3004655a2f7f8194.json Show response
tracking-settings.figpii.com/ 128 B
612 B 24ms
7ms Fetch
application/json 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-settings.figpii.com/5b7eaec66bc06cfe3004655a2f7f8194.json
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0068af387bf1e48d915cf09feca8bc55b911dcd9300e7741ba1b5298504415d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding: br
x-amz-request-id: ZKNRFP3GK1Q5JHN8
age: 0
x-amz-server-side-encryption: AES256
x-figpii-city: southington
x-is-identified: 0
x-is-mobile: 0
x-client-ip: 5.181.234.133
x-served-by: cache-lga21943-LGA
x-timer: S1703576817.761559,VS0,VE2
etag: "b44ea56207678204690fdd952d34c818"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=90, immutable
x-cache-hits: 1
x-figpii-country: US
date: Tue, 26 Dec 2023 07:46:56 GMT
via: 1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 108
x-amz-id-2: +P8DSq4JfAK8VwnLg12Ywrn62S9/wED7Irqlb2pmMldL4ywn+qs+mkbwM0v/fFPP6szZf9xWfDo=
x-is-tablet: 0
x-client-hwtype: Desktop
last-modified: Fri, 05 May 2023 02:11:04 GMT
server: AmazonS3
x-figpii-region: CT
x-is-crawler: 0
accept-ranges: bytes
x-amz-cf-id: 1Zq6X9IYorN6GBSf9IQipOFwYQoqBGvePMzym-PawZKOg-IszOF2Ww==

GET
H2 200 main.MWNkZmM2YTcxMg.js Show response
analytics.tiktok.com/i18n/pixel/static/ 409 KB
110 KB 8ms
6ms Script
application/javascript 23.44.203.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMg.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGSM33JC77U3UDPKK3LG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0e3ecbd97c79b1c43125eb294359763c5c1632a14432ee41507ef5c30d5ae8a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2fe73a08
date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202312211226012E04A68727F675FC82A1
x-tt-trace-id: 00-2312211226012E04A68727F675FC82A1-4E49D27BBEDF49C8-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016df838d3262f239a304fe5c530db58e39b3ee6a311fb3a3da4c4eb10557d438e18bcf8919b5bf380a2392c323281304414b8480c7156775e86792f20291e21f052a3997e57a1bada7659b1d8fc4cdec10be26181c1abbea95837439f29ab1889
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 112250

GET
H2 200 bundle.chunk.6d047e1a.478.js Show response
snapui.searchspring.io/gthz36/ 30 KB
12 KB 124ms
120ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.478.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd8e0b669dd11f9eb42a467db749bd6168f944c3c9e82461d0e84d6429064554

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: ZNDKEBNT5SKNSMH7
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: xt/HA+82LhrB5Zxha4eS1s1s34hY0F5iplgY4UvZWYf8L/oEMJZxeOm9rSSRhIUpXun9XpWoRn8=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"28da0165cdcdbe9b33040275ab8a30d2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: fyhTWxfVnbk5JqvE4X-TeTfz3y7tKS3B_KfV9z21F4ZopnEKoEaO9w==

GET
H2 200 bundle.chunk.6d047e1a.800.js Show response
snapui.searchspring.io/gthz36/ 13 KB
5 KB 98ms
95ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.800.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ef77b18dfbf75133f1d9bb3e222dcf3f7c8708acfc2406ec597e13b9406101a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: ZNDSG4BMMYPENTPD
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: nz3hv/t9j2fsbpyBskLcL2pViUmWjaNU7KFZRPKrWSZVvQ6eH8Sg3DxnZDAFNT91oRmB2Kbnub0=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"447f35221d7c20f5f37045d16e369c49"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: sOc3j9dM64eF4juFNxDtN8StWvc3AhA7QeBibVnorg3OKbXQcPnrqQ==

GET
H2 200 bundle.chunk.6d047e1a.206.js Show response
snapui.searchspring.io/gthz36/ 14 KB
4 KB 102ms
99ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.206.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c397a6712f44ed23a49be65fd2e55c3e90eb0d3ef716ebe0828b5f737aab7f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: ZNDZX4F6P2C5CTP0
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: PqNubf5v8SegOIW/IxgFPQ+25UjuarA2NEinEj+7p9CfwiaKYNrMT1lR+DrT0aGJoV1gZgGjT9s4uI+HZzrL9w==
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"9158b80670abe1eaf2c6caa09a3b9788"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: JBz0YRvM0ZzVRPW8anshTQbs967hZmlhU9g0m9IrWU-vuACLYumOyg==

GET
H2 200 bundle.chunk.6d047e1a.839.js Show response
snapui.searchspring.io/gthz36/ 22 KB
6 KB 123ms
121ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.839.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5984b560afcc6a663018faff525c81523bc8c95a7c7d5a728581628a65cf8ec1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: ZNDVWYP8AR88S781
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: jRcG9w0nuu7H4SYW+FWlQaEy+ts/HeN72+jaXqUASJm13i8NDZYrdt2m9UCiST5OhVwuIjBk540=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"8a0ef59ccd508d78f254940d6c897702"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: Qb4Rkgh7Q_S85vBI9fHOe6E1jGDtsyrgeo8KyBwjiDr_yt1Ph4klCA==

GET
H2 200 profile.json Show response
gthz36.a.searchspring.io/api/personalized-recommendations/ 380 B
777 B 300ms
102ms Fetch
application/json 13.249.59.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gthz36.a.searchspring.io/api/personalized-recommendations/profile.json?tag=home&siteId=gthz36&branch=production
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-47.iah50.r.cloudfront.net
Software: Apache/2.4.56 (Debian) /
Resource Hash: 3546a54dcf785503921fd892381da30935d01fbf8196bff060b52b07ebba0072

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: gzip
via: 1.1 eedd4dd78b768617deb6a56194adcbb0.cloudfront.net (CloudFront)
server: Apache/2.4.56 (Debian)
x-amz-cf-pop: IAH50-C2
access-control-max-age: 86400
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding
access-control-allow-headers: origin, x-csrftoken, content-type, accept, x-requested-with, searchspring-session-id, searchspring-user-id, searchspring-page-load-id, searchspring-no-beacon, x-shopify-request-fetch-dest
content-length: 258
x-amz-cf-id: c2CFh4ePOxQMN0REo3rrNgSe-QGxe0U2S__oxsEmNVXxT6b2RjN5mg==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A7EF 14 KB
6 KB 333ms
10ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=xincarning.cyou&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://xincarning.cyou/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:46:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 581170
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 trending Show response
gthz36.a.searchspring.io/api/suggest/ 277 B
528 B 241ms
71ms Fetch
application/json 13.249.59.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gthz36.a.searchspring.io/api/suggest/trending?siteId=gthz36&limit=6
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-47.iah50.r.cloudfront.net
Software: nginx/1.25.1 /
Resource Hash: 3f3c67caf23be8362b9045651ba52ac2c1f6da611a56a47f366e244bc2790ceb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:45:06 GMT
content-encoding: gzip
via: 1.1 eedd4dd78b768617deb6a56194adcbb0.cloudfront.net (CloudFront)
server: nginx/1.25.1
x-amz-cf-pop: IAH50-C2
age: 110
access-control-max-age: 86400
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 144
x-amz-cf-id: at40SgV00c5bDRvgsudh50e6qoybc1oU6pcNfBGZVXjmThJYFOWQ_g==

POST
H2 404 produce_batch
xincarning.cyou/.well-known/shopify/monorail/unstable/ 548 B
406 B 84ms
83ms Ping
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/wpm/b80cd6a5fw8efabb83pbabe92ddm0cb690eem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGEHfYpJZPwp5P%2B8JR37zh0UxWGLmP1DajmtdfFDThgbx0VPu6%2BapP%2FUgW1r9QDghesSnLEhiSyPVd0PpE%2FZA5LnhfznlrVNPc3U3ibl%2BBq9ncGiQMlQQaI5h6mlk7KnBjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b680fb7c420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 532.990f01752c62dd3be3f6.css
static-tracking.klaviyo.com/onsite/js/ 39 KB
6 KB 4ms
3ms Stylesheet
text/css 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/532.990f01752c62dd3be3f6.css
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.04fc31de852277dbf5c6.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d55f85cb1a0d87fcddc112f8348aa55dafa8a2b72cac0c7b97fef541dc4869fa

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: kthO8LlafdbV9pnf9AeRlYLkCHpGnP2B
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: ZBNA08TGMRRBSEKT
age: 279866
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6182
x-amz-id-2: uKEVkTLnNBbKs3N12uwJXjTd5ZgQM/xzfgkDh7/dUjpW+8yNv1K7mamOg+FLz/yJLcXZrrBvrak=
x-served-by: cache-lga21973-LGA
last-modified: Thu, 21 Dec 2023 19:18:50 GMT
server: AmazonS3
etag: "1bc018cf863053d2605b3c874c53a8af"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 99a5e66e2dfb67db1e013f35451c33054954338e
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 36458

GET
H2 200 styles.33920725fb7c3c853f53.js Show response
static-tracking.klaviyo.com/onsite/js/ 13 KB
4 KB 5ms
4ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/styles.33920725fb7c3c853f53.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.04fc31de852277dbf5c6.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6af4bcb3682d264b8c6c71aa0a96f2a707e46621379a0001e5990292c8572f68

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 6X62wqiV95x4.SV1SgX5r3xFnIWPJ.8S
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: S3EWW0FRWWHXG0T0
age: 279866
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 3994
x-amz-id-2: sAqK5TsQSo7i1vvAbr7iuiFdAIywO057h6t8mk2WIalfApUmcCUiQGEvj06mABarYdyEYuKyB7pVybXWSzcsrfReR46ZTifJDl7kzTPeEbI=
x-served-by: cache-lga21973-LGA
last-modified: Tue, 28 Nov 2023 20:02:19 GMT
server: AmazonS3
etag: "b77ebf481e9f2fe8cb099ed9a28980e7"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: ca0c74fa4ac6a01c464513de19d863f435e8b95c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 36273

GET
H2 200 vendors~Render.2bc5e6bf5bd25bc82a40.js Show response
static-tracking.klaviyo.com/onsite/js/ 12 KB
4 KB 6ms
5ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~Render.2bc5e6bf5bd25bc82a40.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.04fc31de852277dbf5c6.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 353f85cdd75082efd47eb3b3f1f0ab5ff7e0d21fd0a27ef7836a573cca5348f1

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2av0aphi7XKEw.X.ZcFEWGRxk4eNgWx2
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: W8C3FM0Q8CC53H2B
age: 279866
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4020
x-amz-id-2: NAaPpJ08XmQMPZFsaavdofIs+QH5RL1iFfkNnN0OmkN9NkijRSw1df96Aboh2l5E2Yh7g0ebzzLxeAfJ8Agldw==
x-served-by: cache-lga21973-LGA
last-modified: Wed, 01 Nov 2023 22:25:28 GMT
server: AmazonS3
etag: "22f6291462298f7a69a6bb88dd1bc0eb"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: de3d2b24392429952093848ed2231367282799b3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 36194

GET
H2 200 Render.6dce5f7d32906dd2f7aa.js Show response
static-tracking.klaviyo.com/onsite/js/ 117 KB
33 KB 4ms
4ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/Render.6dce5f7d32906dd2f7aa.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.04fc31de852277dbf5c6.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b41263821289570317cfd0670979b400f1c80f84fb9f29b5fd761b0687317e5

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: LhjlOvB9iSryTN6j1UlCNzEsFJp8.Qot
content-encoding: gzip
via: 1.1 varnish
date: Tue, 26 Dec 2023 07:46:56 GMT
x-amz-request-id: PYT5FKMMZVBBVYN4
age: 279866
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 33174
x-amz-id-2: vP4RxRjOuf48ahN3qnl8wvymPx0lF6ppqb4rSzxrVeBU0IuOxHghdQNq7RWa6w9dF4obXs9ZmhFG3FBSwftbHA==
x-served-by: cache-lga21973-LGA
last-modified: Wed, 13 Dec 2023 19:28:59 GMT
server: AmazonS3
etag: "c18f2e524a5395d0d72487a3b4dacc8b"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 81f2fed3565aaf95499b87d01ed82c25b7f27f15
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 36167

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
113 B 75ms
75ms XHR
application/json 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=P922QU

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Cookie, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 83b7b6834bd64241-EWR
access-control-allow-headers
x-robots-tag: noindex, nofollow

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
113 B 66ms
66ms XHR
application/json 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=P922QU

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Cookie, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 83b7b6834bd34241-EWR
access-control-allow-headers
x-robots-tag: noindex, nofollow

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 6ms
3ms Script
application/javascript 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-163-9.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18895

GET
H2 200 5c57735c Show response
settings.luckyorange.com/ 4 KB
2 KB 36ms
35ms Fetch
application/json 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/5c57735c
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: ab608ae91b59dbb48c7c30c9481f5eda570179428cece656ca10ac59830b511b

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
x-lucky-referrer

Response headers

date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xincarning.cyou
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 collect
www.google-analytics.com/ 35 B
241 B 34ms
32ms Ping
image/gif 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
347 B 215ms
17ms XHR
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-17497609-1&cid=1771488554.1703576817&jid=179367104&gjid=1295814119&_gid=1836034548.1703576817&_u=YCDAiEABBAAAAEAEK~&z=1233410331

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 26 Dec 2023 07:46:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
91 B 34ms
33ms XHR
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=874416528&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nililotan.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Nili%20Lotan%20%7C%20Timeless%20Fashion%20and%20Luxury%20Designer%20Clothing%20Brand&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAAGgGKAB~&jid=1190506429&gjid=926541667&cid=1771488554.1703576817&tid=UA-17497609-4&_gid=1836034548.1703576817&_slc=1&did=BwiEti&z=1844005693

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

75f46f863b37ada8682d1e3f7efd65289a8d8e2272c0f1559b4ff2c956ab0315

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 212ms
19ms XHR
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-17497609-4&cid=1771488554.1703576817&jid=1190506429&gjid=926541667&_gid=1836034548.1703576817&_u=YCDAiEABBAAAAGgGKAB~&z=1271123316

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 26 Dec 2023 07:46:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.html Show response
lcx-widgets.bambuser.com/ Frame 0B3F 338 B
647 B 44ms
44ms Document
text/html 18.160.172.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcx-widgets.bambuser.com/widget.html?bambuserLiveshoppingFloatingCondensed=null&bambuserLiveshoppingFloatingId=wup0f1XwVVQaQXEGLni2&bambuserLiveshoppingUid=3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48&id=51fd3cae-172f-4ba5-b737-2bcc759202fd&name=floating&widgetId=wup0f1XwVVQaQXEGLni2

Requested by

Host: lcx-widgets.bambuser.com
URL: https://lcx-widgets.bambuser.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.172.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-172-47.iah50.r.cloudfront.net

Software

Resource Hash

be7fbbae4d2bc676ad2fceef0baa5e91233a24969079bd6f10e0d7df604b76b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://xincarning.cyou/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 24
cache-control: max-age=60
content-encoding: br
content-length: 125
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:32 GMT
etag: "327dc6430eea8eff9c225654c79682e3f131267a50661f864718f580b61dec6c-br"
last-modified: Fri, 22 Dec 2023 16:06:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: accept-encoding
via: 1.1 9a4eb06434583d2d2dd491346f19ecf2.cloudfront.net (CloudFront)
x-amz-cf-id: mozuEdHQoHmzUFNWv6IpYQ4a239kbq_JQn_OsCwra-N4xeJYkMUhSg==
x-amz-cf-pop: IAH50-P2
x-cache: Hit from cloudfront
x-cache-hits: 1
x-served-by: cache-iad-kiad7000046-IAD
x-timer: S1703353172.032959,VS0,VE1

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
317 B 60ms
59ms XHR
application/json 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=P922QU

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Cookie, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 83b7b6834bd54241-EWR
access-control-allow-headers
x-robots-tag: noindex, nofollow

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
343 B 57ms
56ms XHR
application/json 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=P922QU

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Cookie, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 83b7b6834bd74241-EWR
access-control-allow-headers
x-robots-tag: noindex, nofollow

GET
H2 204 25002839.js Show response
bat.bing.com/p/action/ 0
117 B 34ms
33ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25002839.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 26 Dec 2023 07:46:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F82813CC77974756820E573C6803A8D1 Ref B: EWR30EDGE0720 Ref C: 2023-12-26T07:46:56Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 29ms
29ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25002839&tm=gtm002&Ver=2&mid=9f153c23-01af-4717-a31e-d242df149b88&sid=f1ad54c0a3c211ee8e4cc117c3f13bf7&vid=f1ad7570a3c211eeb6c09d3655f34ba1&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Nili%20Lotan%20%7C%20Timeless%20Fashion%20and%20Luxury%20Designer%20Clothing%20Brand&p=https%3A%2F%2Fxincarning.cyou%2F&r=&lt=1696&evt=pageLoad&sv=1&rn=669350

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Dec 2023 07:46:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 105FAA7290934C9F82EAF84E1F75FCEF Ref B: EWR30EDGE0720 Ref C: 2023-12-26T07:46:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2

204

v2 Show response
us.creativecdn.com/tags/
Redirect Chain

https://us.creativecdn.com/tags/v2?type=json
https://us.creativecdn.com/tags/v2?type=json&tc=1

0
169 B

10ms
9ms

Fetch

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://xincarning.cyou
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Tue, 26 Dec 2023 07:46:56 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://xincarning.cyou
access-control-allow-methods: GET, POST
location: https://us.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 647812202032179 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 82ms
81ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/647812202032179?v=2.9.138&r=stable&domain=xincarning.cyou

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

c2a5b2b2e98a14f163f3ac3baf6edb445a5446baff45e8139efc0f30efc4a78a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Dec 2023 07:46:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 3TmHj+3Ll42jedXsUupBxNc35wbwaMMqW2DKyc/R6Yf0qu6nf8/wisN4TF+2u3BEEPFEsrf0xcfGvczYd+KtSw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 353ms
42ms Preflight
text/html 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=P922QU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 83b7b682fbb24241-EWR
content-encoding: gzip
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; object-src 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 351ms
40ms Preflight
text/html 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=P922QU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 83b7b682fbb84241-EWR
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

OPTIONS
H2 200 5c57735c
settings.luckyorange.com/ Frame 0
0 171ms
32ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/5c57735c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://xincarning.cyou
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 26 Dec 2023 07:46:56 GMT
via: 1.1 google

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 294ms
41ms Preflight
text/html 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=P922QU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 83b7b682fbb74241-EWR
content-encoding: gzip
content-security-policy: base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ Frame 0
0 294ms
42ms Preflight
text/html 104.18.3.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=P922QU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 83b7b682fbb54241-EWR
content-encoding: gzip
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 86ms
8ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://xincarning.cyou
access-control-max-age: 3600
content-length: 0
date: Tue, 26 Dec 2023 07:46:56 GMT
vary: Origin

GET
H2 200 ct Show response
obs.powerrobotflower.com/ 3 KB
1 KB 386ms
31ms Script
text/javascript 52.45.196.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.powerrobotflower.com/ct?id=36879&url=https%3A%2F%2Fxincarning.cyou%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1703576817074&hl=2&op=0&ag=15316576&rand=942062080072111787829117076557992307154661292113217758557502031092262552891005109768&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDk4NzZdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjMwLFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFsiY2IiLCIwLDAsMCwxLDAsMCwwLDAsMCwyLDAsMCwzMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxNSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxMiwwLDEsMCwwLDAsMCwwLDMsMCJdLFstMSwiLSJdLFstMiwiMTIsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9WZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1U0FQSi9HdCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjAsIjE3NzE0ODg1NTQuMTcwMzU3NjgxNyJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjozNTEwMDAwMCxcInVqaHNcIjoyNjAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTcwMzU3NjgxNzAxMCwxMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCwwLDI3LDAsMCwzMTQsNTIyLC0xLDAsMTMwNi43LDEzMDYuNywyMjAzLDIyMDMiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsMyxmYWxzZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiUGFjaWZpYy9Ib25vbHVsdSxlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01NCwie1wiaFwiOltcIl8xXCIsXCIyMDcwMjgzMjMxXCIsXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMVwiLFwiMzc0NjE0OTQxM1wiLFwiOTg0OTQ0MzUwXCIsXCI3OTUzOTU3MDlcIl0sXCJzXCI6MX0iXSxbLTU1LCIxIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUTRJQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGNYQmtSVVUxTlNVb0RGaFpXV3hkSlZrNWNTMHRXVzFaTlgxVldUbHhMRjFwV1ZCWlFGZ3dKQ1F0WVdsME9XQWtNQ0E4QURndGFERmdOV0EwQldnOVlYdzhLWEY5ZEYxTktBd2dERHc4SUNBOFFGVmhOR1UwWFhFRkpWa3ROU2hrUlVVMU5TVW9ERmhaV1d4ZEpWazVjUzB0V1cxWk5YMVZXVGx4TEYxcFdWQlpRRmd3SkNRdFlXbDBPV0FrTUNBOEFEZ3RhREZnTldBMEJXZzlZWHc9PSJdLFstNTgsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MCwxOTNdLFstNjEsIntcIndnc2xcIjpcIjA7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTYyLCI4MCJdLFstNjMsIjAiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjUsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LG90cGNyZWRlbnRpYWxzLGNodWFmb3JtZmFjdG9yLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxneXJvc2NvcGUsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEsbWFnbmV0b21ldGVyLGFjY2VsZXJvbWV0ZXIscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGNodWFhcmNoLHhyc3BhdGlhbHRyYWNraW5nLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy02NywiMjUzMjMxMjg4ODoyNyJdLFstNjgsIi0iXSxbImRkYiIsIjAsMTIsMCwwLDIsMCwwLDAsMCwwLDEsMCwwLDAsMiwwLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwxLDAsMCwwLDAsMSwwLDQsMTUsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDgsMCwwLDEsMCwwLDAsMjcsMSJdLFsiYm5jaCIsMTUxXSxbImFibmNoIiwxNTJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=eYbptXbSTS&pto=2267&ver=58&gac=1771488554.1703576817&mei=&ap=&fe=1&duid=1.1703576817.uda5JfCG0p3f9R1a&suid=1.1703576817.nUDHS0cVtGj9ch6p&tuid=1.1703576817.EOsHLYZv236hLGVd&fbc=-&gtm=WyJ2aWV3SG9tZSJd&it=104%2C1521%2C476&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=f1ad7570a3c211eeb6c09d3655f34ba1&spa=1&urid=0&ab=
Requested by: Host: ob.powerrobotflower.com
URL: https://ob.powerrobotflower.com/i/5002acd7a0516972c5a4a48c6af63efd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.45.196.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-196-192.compute-1.amazonaws.com
Software: /
Resource Hash: a13dfd25c1306f5b1e64beed6584109124a7a326638ef0e87348a7ed63023b19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1201
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_ce767.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 9ms
9ms Script
application/javascript 23.44.203.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMg.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2fe73a47
date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202312211226012E04A68727F675FC82CC
x-tt-trace-id: 00-2312211226012E04A68727F675FC82CC-651FAB37B50997D6-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016df838d3262f239a304fe5c530db58e39b3ee6a311fb3a3da4c4eb10557d438e18bcf8919b5bf380a2392c3232813044a79bdc532af2cda96a78dc9fa9ff14186c75e0090ae3e34ee4cb8b836d582bae5ea657564706a2c5360c7add49457223
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 36184

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
697 B 65ms
64ms Ping
text/plain 23.44.203.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMg.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2fe73a4f
date: Tue, 26 Dec 2023 07:46:57 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231226074657DF12C072C032D6C50615-623A0580C130315C-00
x-cache: TCP_MISS from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=44, cdn-cache; desc=MISS, edge; dur=5, origin; dur=52
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231226074657DF12C072C032D6C50615
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 52,23.44.202.19
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d3728d6d88b989a3602bfd00e325ecb0407d24373bc9a37966d272ac158c001c4184c716cd6a0e4f25591f99043079faa9744f1fae0061b1a74eafd4843c5d5ccc5eb0ff9a06e560f29dbfb485b18a03b
access-control-allow-headers: Authorization,*
expires: Tue, 26 Dec 2023 07:46:57 GMT

GET
H2 200 widgets.js Show response
lcx-widgets.bambuser.com/ Frame 0B3F 65 KB
21 KB 44ms
44ms Script
text/javascript 18.160.172.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcx-widgets.bambuser.com/widgets.js

Requested by

Host: lcx-widgets.bambuser.com
URL: https://lcx-widgets.bambuser.com/widget.html?bambuserLiveshoppingFloatingCondensed=null&bambuserLiveshoppingFloatingId=wup0f1XwVVQaQXEGLni2&bambuserLiveshoppingUid=3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48&id=51fd3cae-172f-4ba5-b737-2bcc759202fd&name=floating&widgetId=wup0f1XwVVQaQXEGLni2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.172.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-172-47.iah50.r.cloudfront.net

Software

Resource Hash

3a3aaf8e740c9330b339e89ccd1cbd2fbd6710cccab666824b9637b3bf03242f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lcx-widgets.bambuser.com/widget.html?bambuserLiveshoppingFloatingCondensed=null&bambuserLiveshoppingFloatingId=wup0f1XwVVQaQXEGLni2&bambuserLiveshoppingUid=3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48&id=51fd3cae-172f-4ba5-b737-2bcc759202fd&name=floating&widgetId=wup0f1XwVVQaQXEGLni2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
via: 1.1 9a4eb06434583d2d2dd491346f19ecf2.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 07:46:48 GMT
x-amz-cf-pop: IAH50-P2
age: 9
x-cache: Hit from cloudfront
content-length: 20859
x-served-by: cache-iad-kiad7000033-IAD
last-modified: Fri, 22 Dec 2023 16:06:32 GMT
x-timer: S1703545908.018400,VS0,VE1
etag: "87d8eec2bcf89e59ffd19c946c3cdb2a9010e4f2777e46caced4994834c39b88-br"
vary: accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: NyYeDPBF2Omt8Ne9pMzHy09g2PO8gTHRBAdLy1BNth2U8gsTzGppdQ==
x-cache-hits: 1

GET
H2 200 recommend Show response
gthz36.a.searchspring.io/boost/gthz36/ 105 KB
18 KB 157ms
157ms Fetch
application/json 13.249.59.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gthz36.a.searchspring.io/boost/gthz36/recommend?tags=home&limits=20&siteId=gthz36
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-47.iah50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 45729480768750d17814000f2f2d2587ae848be18113f27e2539ab361f29d43d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: gzip
via: 1.1 eedd4dd78b768617deb6a56194adcbb0.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: IAH50-C2
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization,Mode,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-Shopify-Request-Fetch-Dest
x-amz-cf-id: kIN0qKvUk_brjE833Q0bTtARNzHgqYctvhSpPYTZB0fNlBg8LQ7vcQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 415ms
38ms Image
image/gif 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-17497609-1&cid=1771488554.1703576817&jid=179367104&_u=YCDAiEABBAAAAEAEK~&z=1850924245

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 49ms
49ms Script
application/javascript 172.217.13.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-83VBZY3TR1&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

978e92d4d78fe3dcc45fb38fd44c91b8f1dfa6031eb75fcba221db216e36dc9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Dec 2023 07:46:57 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 412ms
38ms Image
image/gif 172.217.13.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-17497609-4&cid=1771488554.1703576817&jid=1190506429&_u=YCDAiEABBAAAAGgGKAB~&z=1673986622

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 9ms
8ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://xincarning.cyou
access-control-max-age: 3600
content-length: 0
date: Tue, 26 Dec 2023 07:46:57 GMT
vary: Origin

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame A7EF 439 B
968 B 11ms
11ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=xincarning.cyou&sn=ChromeSyncframe&so=0&topUrl=xincarning.cyou&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=xincarning.cyou&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ee1a12a0421e8662c1a027f6a956c27d517c5e3bb841d2a85e262e684fc19d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=xincarning.cyou&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1143370
expires: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 304 B
691 B 26ms
13ms XHR
application/json 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614375903527&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1703576817218&dep=2%2CPAGE_LOAD

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.6b24c317.1703576817.4cfde7a0
x-envoy-upstream-service-time: 1
content-length: 174
x-pinterest-rid: 1529655661644135
pin-unauth: dWlkPVlqSTJPVFpqTVRJdFlXWXdaQzAwT1RkakxXSTJaamt0T1RjMFpUQTRPV1U1T1ROaA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xincarning.cyou
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 304 B
689 B 24ms
12ms XHR
application/json 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614375903527&cb=1703576817219&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.6b24c317.1703576817.4cfde79f
x-envoy-upstream-service-time: 0
content-length: 174
x-pinterest-rid: 5714246938765456
pin-unauth: dWlkPU5URmtNRFF3TldVdE1qWmlZaTAwTnpFM0xUa3hZamN0WlRobU1qSmtZV001TkdVNA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xincarning.cyou
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 324ms
4ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=647812202032179&ev=PageView&dl=https%3A%2F%2Fxincarning.cyou%2F&rl=&if=false&ts=1703576817263&sw=1600&sh=1200&v=2.9.138&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1703576817261.758096220&ler=empty&it=1703576816901&coo=false&eid=sh-a517502c-24A6-4556-22FB-955111290853&rqm=GET

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Dec 2023 07:46:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 font_TradeGothicLT-CondEighteen.woff2
cdn.shopify.com/s/files/1/0021/7595/9158/t/217/assets/ 42 KB
43 KB 45ms
45ms Font
font/woff2 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/t/217/assets/font_TradeGothicLT-CondEighteen.woff2

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

5d96e6c61621fddb2a2070d3875f04d4dcb13b5df5e001845f5a767feed3ba71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=105.106, imageryFetch;dur=104.719, cfRequestDuration;dur=39.999962
alt-svc: h3=":443"; ma=86400
content-length: 43316
x-xss-protection: 1; mode=block
x-request-id: 34fce3b0-76de-4f69-a616-d0dfe5295b7f
last-modified: Mon, 25 Dec 2023 14:43:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSbzhi%2Bl3aLetNQueOcV26gDl7%2FI%2FL4UGpNwJFN10LpQNww5%2FTFMyuZdHX2LUmqUMVr1%2Fo2C0KHnEcEAU5Tyb1Zk%2BNJRM9NJeOA0pTWuQqgDDPRsIJsK9C9HJSlGmS64oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/217/assets/font_TradeGothicLT-CondEighteen.woff2>; rel="canonical"
cf-ray: 83b7b683fac14346-EWR

GET
H2 200 7004fe14.bundle.js Show response
lcx-widgets.bambuser.com/ Frame 0B3F 14 KB
6 KB 41ms
40ms Script
text/javascript 18.160.172.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcx-widgets.bambuser.com/7004fe14.bundle.js

Requested by

Host: lcx-widgets.bambuser.com
URL: https://lcx-widgets.bambuser.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.172.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-172-47.iah50.r.cloudfront.net

Software

Resource Hash

5cd87d4b3f829cc8a95eab28737afc1b7d626600e06e6772a91dc967f6577433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lcx-widgets.bambuser.com/widget.html?bambuserLiveshoppingFloatingCondensed=null&bambuserLiveshoppingFloatingId=wup0f1XwVVQaQXEGLni2&bambuserLiveshoppingUid=3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48&id=51fd3cae-172f-4ba5-b737-2bcc759202fd&name=floating&widgetId=wup0f1XwVVQaQXEGLni2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
via: 1.1 9a4eb06434583d2d2dd491346f19ecf2.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 07:46:03 GMT
x-amz-cf-pop: IAH50-P2
age: 55
x-cache: Hit from cloudfront
content-length: 5448
x-served-by: cache-iad-kcgs7200106-IAD
last-modified: Fri, 15 Dec 2023 08:26:34 GMT
x-timer: S1702983722.060466,VS0,VE0
etag: "84098c75fe8e702f63125f416608a959d4745dc92012d481d11100b87f838b9d-br"
vary: accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: _X9NEN8Ct0HDxTTUz3YyhqeWTLuv58dD0tKW83n0xNHxBURdm5kQkg==
x-cache-hits: 3

GET
H2 200 5f1da2ba.bundle.js Show response
lcx-widgets.bambuser.com/ Frame 0B3F 18 KB
4 KB 41ms
41ms Script
text/javascript 18.160.172.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcx-widgets.bambuser.com/5f1da2ba.bundle.js

Requested by

Host: lcx-widgets.bambuser.com
URL: https://lcx-widgets.bambuser.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.172.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-172-47.iah50.r.cloudfront.net

Software

Resource Hash

922082bfc728630c5220413f5c3f362ed7c45e321260411c2fe2cd21ff0879d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lcx-widgets.bambuser.com/widget.html?bambuserLiveshoppingFloatingCondensed=null&bambuserLiveshoppingFloatingId=wup0f1XwVVQaQXEGLni2&bambuserLiveshoppingUid=3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48&id=51fd3cae-172f-4ba5-b737-2bcc759202fd&name=floating&widgetId=wup0f1XwVVQaQXEGLni2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
via: 1.1 9a4eb06434583d2d2dd491346f19ecf2.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 07:46:25 GMT
x-amz-cf-pop: IAH50-P2
age: 32
x-cache: Hit from cloudfront
content-length: 3695
x-served-by: cache-iad-kjyo7100137-IAD
last-modified: Thu, 21 Dec 2023 14:59:46 GMT
x-timer: S1703240245.377707,VS0,VE1
etag: "b8e28e049ee43b3948736909a5ecbb5cb800205584b809a5ed433e24c60dce99-br"
vary: accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: CdIQNjKxXRN6N-H80vZajcpwo3GTZLG8NW0lZWXAyV6C4Nfu9fVTzw==
x-cache-hits: 1

GET
H2 200 b1684578.bundle.js Show response
lcx-widgets.bambuser.com/ Frame 0B3F 19 KB
5 KB 42ms
41ms Script
text/javascript 18.160.172.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcx-widgets.bambuser.com/b1684578.bundle.js

Requested by

Host: lcx-widgets.bambuser.com
URL: https://lcx-widgets.bambuser.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.172.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-172-47.iah50.r.cloudfront.net

Software

Resource Hash

3df3c5e83c1d9f689f73d4ef41b17aeb87a5a74b06f7b5a75ce3712b7ca72394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lcx-widgets.bambuser.com/widget.html?bambuserLiveshoppingFloatingCondensed=null&bambuserLiveshoppingFloatingId=wup0f1XwVVQaQXEGLni2&bambuserLiveshoppingUid=3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48&id=51fd3cae-172f-4ba5-b737-2bcc759202fd&name=floating&widgetId=wup0f1XwVVQaQXEGLni2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
via: 1.1 9a4eb06434583d2d2dd491346f19ecf2.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 07:46:20 GMT
x-amz-cf-pop: IAH50-P2
age: 37
x-cache: Hit from cloudfront
content-length: 4736
x-served-by: cache-iad-kiad7000061-IAD
last-modified: Wed, 20 Dec 2023 09:59:55 GMT
x-timer: S1703068460.048661,VS0,VE1
etag: "012f422c21c48fc192f7d7428663edf75e37246219dc2cdff4a1eedde327fff0-br"
vary: accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: c5uY3-_TFaz5dHed-zWDoBYG3kdLDwiLRTn1n5-G-TOiEEme7yvmXw==
x-cache-hits: 1

GET
H2 200 core.js Show response
tools.luckyorange.com/core/ Frame 2333 211 KB
64 KB 571ms
192ms Script
text/javascript 99.86.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/core.js?v=2b5b303
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=5c57735c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-50.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6352462047da04fef0c9e83236e414c6e39f4667a608f04285d7e54f0362bd10

Request headers

Referer
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: gzip
via: 1.1 da7ea5395e754371818e8c7b67829e5c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 64954
last-modified: Wed, 20 Dec 2023 19:47:07 GMT
server: AmazonS3
etag: "1a31b8dca406772125381b2c516e2084"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: SCDjMq2iUKP1AH6EOoQzncM6cEpXXnzVDnGi1diRARNHsKwtyNT-9Q==

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
456 B 12ms
11ms Image
image/gif 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614375903527&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fxincarning.cyou%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1703576817289

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6b24c317.1703576817.4cfde7c1
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 9393812676082376
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cb36f0af-e8b2-40ad-bece-d03a901e5c11.png
d3k81ch9hvuctc.cloudfront.net/company/P922QU/images/ 4 KB
5 KB 151ms
39ms Image
image/png 99.86.102.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3k81ch9hvuctc.cloudfront.net/company/P922QU/images/cb36f0af-e8b2-40ad-bece-d03a901e5c11.png
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.102.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-102-24.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e08e2d248fa1c9e922e7c3c1427357297ca7ade8dd963e10d3f6bf162aa6c15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 21:49:20 GMT
x-amz-version-id: KTuW5Z09edDzw8Bts3uPdt68BcrpeQvI
Via: 1.1 7744bfa103b832e34136c7b2eb438bd8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAH50-C3
Age: 1591058
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4594
Last-Modified: Mon, 12 Dec 2022 18:42:34 GMT
Server: AmazonS3
ETag: "736977deefcc7b7f0493f2aac08fc90d"
Content-Type: image/png
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: 0NtKth02DvKd9mk1wvk_-P5FM8tV8_dQKTE2PXDWDrFRBf79qYuHjA==

GET
H/1.1 200
OK ae11601c-065a-4d2d-bb0e-228908031b05.jpeg
d3k81ch9hvuctc.cloudfront.net/company/P922QU/images/ 49 KB
50 KB 147ms
39ms Image
image/jpeg 99.86.102.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3k81ch9hvuctc.cloudfront.net/company/P922QU/images/ae11601c-065a-4d2d-bb0e-228908031b05.jpeg
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.102.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-102-24.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea0a73f79d3a48d4ae551bf0360b4ccfe0be6c02646d5bbc218425ed3d5db8c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 19:49:11 GMT
x-amz-version-id: OuZCpQzB4IQI5FCszyZBlYkOFY.OE1Ya
Via: 1.1 49b3b3bca8c1a893d1cd36619612ed04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAH50-C3
Age: 907067
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 50232
Last-Modified: Fri, 15 Dec 2023 19:26:58 GMT
Server: AmazonS3
ETag: "7c00cfb6eecd7b6f74eccf734eeeedaa"
Content-Type: image/jpeg
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: uQtmIOevrlY26ekelOnbgJICMBJN-vqTlKyuTjGNrj1UDqGNzKDkMg==

GET
H3 200 font_TradeGothicLT-BoldCondTwenty.woff2
cdn.shopify.com/s/files/1/0021/7595/9158/t/325/assets/ 33 KB
34 KB 38ms
37ms Font
font/woff2 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/t/325/assets/font_TradeGothicLT-BoldCondTwenty.woff2

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

2b7fa1cdaae770412788d3dc974fb860bbdfedf2a7ea721914faf9ad09d41125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=102.971, imageryFetch;dur=102.551, cfRequestDuration;dur=32.000065
alt-svc: h3=":443"; ma=86400
content-length: 34208
x-xss-protection: 1; mode=block
x-request-id: 21a6b7c3-014c-4734-964e-8e9b555278a2
last-modified: Tue, 26 Dec 2023 04:50:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tq3oGBwhqCQ%2FhYI%2BNNv5QCF9nhkiEEfWi56Ny4%2B1x%2B3yqReF8Rf6m21qxXb%2B335kuLl6t5X9%2FgM3YeV6vN8GR24ZUK3AGbthJE1ti9VmjNdKKj6WXgii1T35ts4u8BXqEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/325/assets/font_TradeGothicLT-BoldCondTwenty.woff2>; rel="canonical"
cf-ray: 83b7b6845ae74346-EWR

GET
H3 200 font_TradeGothicLT-CondEighteen.woff2
cdn.shopify.com/s/files/1/0021/7595/9158/t/325/assets/ 42 KB
43 KB 42ms
41ms Font
font/woff2 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/t/325/assets/font_TradeGothicLT-CondEighteen.woff2

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

5d96e6c61621fddb2a2070d3875f04d4dcb13b5df5e001845f5a767feed3ba71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=58.039, imageryFetch;dur=57.657, cfRequestDuration;dur=32.999992
alt-svc: h3=":443"; ma=86400
content-length: 43316
x-xss-protection: 1; mode=block
x-request-id: a269c4ad-00a3-41a1-8237-7c7fa93c3541
last-modified: Mon, 25 Dec 2023 18:43:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrXaH5XMbMKyHJJMifdauX5y6DW54Ltr3P6Ady55I6%2Fehe4RMq%2BlYlRYVe6MUnm4Vx6xZgGvnFUT1O0BwtF9OXTgW78%2FUKe354%2Bqq%2FWgb2p5S1tzx5dAIOrYUCDXZYzi%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/325/assets/font_TradeGothicLT-CondEighteen.woff2>; rel="canonical"
cf-ray: 83b7b6845ae94346-EWR

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
701 B 43ms
42ms Ping
text/plain 23.44.203.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMg.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.147 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2fe73a73
date: Tue, 26 Dec 2023 07:46:57 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231226074657B3CEE3C5755168DCB15E-651FAB37D51DF882-00
x-cache: TCP_MISS from a23-44-202-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=7, origin; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231226074657B3CEE3C5755168DCB15E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.44.202.19
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d3728d6d88b989a3602bfd00e325ecb0427587f73464b6df992da792283044eb21baf89503de393b6bbf3d5420e4514dfe35e903d4678a3ae9b70185f04bdad8d5923e8e11ed11cb8d80ce71ea653c72f
access-control-allow-headers: Authorization,*
expires: Tue, 26 Dec 2023 07:46:57 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
700 B 12ms
12ms Image
image/gif 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614375903527&cb=1703576817362&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlqSTJPVFpqTVRJdFlXWXdaQzAwT1RkakxXSTJaamt0T1RjMFpUQTRPV1U1T1ROaA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fxincarning.cyou%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6b24c317.1703576817.4cfde7ee
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 8726026704661260
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 35ms
33ms Ping
text/plain 172.217.13.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-83VBZY3TR1&gtm=45je3bt0v9164381718&_p=1703576815683&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1771488554.1703576817&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.nililotan.com%2F&dp=%2F&dt=Nili%20Lotan%20%7C%20Timeless%20Fashion%20and%20Luxury%20Designer%20Clothing%20Brand&sid=1703576817&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2594
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83VBZY3TR1&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 20ms
18ms Ping
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-83VBZY3TR1&cid=1771488554.1703576817&gtm=45je3bt0v9164381718&aip=1&dma=0&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83VBZY3TR1&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 404 produce_batch
xincarning.cyou/.well-known/shopify/monorail/unstable/ 548 B
430 B 103ms
102ms Ping
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/wpm/b80cd6a5fw8efabb83pbabe92ddm0cb690eem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfwxKwn6hzfBRkUlvWxVK2w6G81THzBq4p510nF2goHhHfyyQ%2F7Kp7u%2FdQdXISsLZEWSzSezX6aLeyGq0jMQf7cQSHTXpFpcaGgFj4MihGNkBvhc1eHpTKAPzi%2Fd10%2FknZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b684dd93420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 49ms
27ms Script
application/x-javascript 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=62249&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26z%3D&p1=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p2=e%3Dvh%26ecpplugin%3Dshopify-cg&p3=e%3Dce%26m%3D%255B%255D&p4=e%3Dvh&p5=e%3Ddis%26a%3D%255B62249%252C62249%255D&adce=1&bundle=YkGHyl9tT09YUmJKSDBmNXclMkZ2T05rN3NtdzlHN2h0QzRqM2s3U3p5JTJGNW1sVkZuV1A0TUtlS1olMkZiS3FjOFZCMzEzZVlDQ0RnU0c3ZjIzbk1HWkpRZTFZMlBXT2lIcSUyQjFrdTlBNVhGUWJrcSUyQmYlMkJUeXV0d2pnelg5UUxrbldNZWc3YzI3bE5FcUo3dEJJT0JJWTFETFM1byUyQm5CQSUzRCUzRA&tld=xincarning.cyou&fu=https%253A%252F%252Fxincarning.cyou%252F&ceid=40f7f8a3-015a-4abd-b5c0-faebaa6fe5bd&dtycbr=67837

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cac3757b6db31bd3c30a4bd56a913f3e5d37a334299257c5911ad4c8f7b4082e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16235750
timing-allow-origin: *
expires: 0

GET
H2 200 wup0f1XwVVQaQXEGLni2 Show response
svc-prod-us.liveshopping.bambuser.com/widgets/floating/ Frame 0B3F 2 KB
2 KB 505ms
38ms Fetch
application/json 99.86.74.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://svc-prod-us.liveshopping.bambuser.com/widgets/floating/wup0f1XwVVQaQXEGLni2
Requested by: Host: lcx-widgets.bambuser.com
URL: https://lcx-widgets.bambuser.com/b1684578.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-77.iah50.r.cloudfront.net
Software: Google Frontend /
Resource Hash: ff96436c4de02261766ea0d90b99bece5a07b19ca4dce0f90363908218085bc3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lcx-widgets.bambuser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:45:30 GMT
content-encoding: gzip
via: 1.1 dab9621fb9e60d4beae799f308450f86.cloudfront.net (CloudFront)
server: Google Frontend
x-amz-cf-pop: IAH50-C4
age: 87
vary: Accept-Encoding,Origin
x-cache: RefreshHit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://lcx-widgets.bambuser.com
x-cloud-trace-context: e113f54c0718531260e3866cd6028882
cache-control: max-age=60, stale-while-revalidate=30
x-amz-cf-id: RQOw6njaSitlDevnamYwYa73XAhbbwQDMzLXkM9nNE8hfm7kFAzmlw==

GET
H3 200 swatches.json Show response
www.nililotan.com/cdn/shop/t/378/assets/ 9 KB
4 KB 43ms
40ms Fetch
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nililotan.com/cdn/shop/t/378/assets/swatches.json?v=150151561897149555321699040440

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

2853c7a4937602c4f23c2a4cd0de87b6cf5411dad6910b3f799194d725d20e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3706877
content-encoding: br
server-timing: imagery;dur=105.568, imageryFetch;dur=98.967, cfRequestDuration;dur=8.000135
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 26727c8e-b906-4845-a5d9-50858258f15c
last-modified: Fri, 03 Nov 2023 19:40:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qHXwmmB%2BxPhgc9eZt5uMzy301lM3bx8h8CMt00mobQ8sPcmeUDnu%2BO72IjdhpLW6Y6eHyiVgewn16wOsxlAmKS%2FRXDYAsr29xiga68c1pFR9Y8hyJrR63iwA1LIPYdJACqz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 83b7b6854ee641bd-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/t/378/assets/swatches.json>; rel="canonical"
x-sorting-hat-podid: 117

GET
H2 200 10193w12-shon-pant Show response
xincarning.cyou/products/ 138 KB
8 KB 543ms
489ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/10193w12-shon-pant?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25372458d5d0137621f8069ca8a5120c7ef71607d6cb7330efba1f8e6e6a54d7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=173;desc="gc:72", db;dur=30, render;dur=19, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="llhd", requestID;desc="64a5eef1-189e-4abb-9402-7d9ab813d6fc", cfRequestDuration;dur=250.000000
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 64a5eef1-189e-4abb-9402-7d9ab813d6fc
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uakfsbWTafOhcNwv0o0BsowoLB8Jjr1tIxXxeFUH11LkzX0%2B3QFrSmMlzKD4pprt0LnENVSJ3mfVKNm4wRJfRszEV3v8tl3BQ37JM7SULj1Z0sE4CtTJ%2FrNpqzulDIa7A3Ib"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859de9420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 shon-jean Show response
xincarning.cyou/products/ 16 KB
4 KB 423ms
370ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/shon-jean?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81691baa950bdab9abab164934d982a2238371d1f2f50f74c18017ae9b091583

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=86, db;dur=41, render;dur=4, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="w6dw", requestID;desc="191f86d5-9a2b-4074-8d08-d31d78c5297f", cfRequestDuration;dur=164.000034
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 191f86d5-9a2b-4074-8d08-d31d78c5297f
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ2juouT2FsI5X9iYuxN9DZxl0Ez3YD276oIHbLxtdGllLcmrsNylopPsjaZvvfbHmoCSQAQoEjGCvLpRTCKLOQLnhkROrDo979s2RDiKI2cqWkXSs5a7jl2j8rZ1U0uylog"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859deb420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 quentin-jean-1 Show response
xincarning.cyou/products/ 16 KB
4 KB 359ms
305ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/quentin-jean-1?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5eb597d69d2a0820d2c3a9d3bf8fe5f3da976f57ea54fed66243f1782f0e2f1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=84, db;dur=43, render;dur=2, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="llhd", requestID;desc="43071e21-e76a-4b16-bcd1-270cf3a198a0", cfRequestDuration;dur=155.999899
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 43071e21-e76a-4b16-bcd1-270cf3a198a0
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSjkh%2BZFNfnzYAQV1mSJWdJCt%2FSGYUmhjLSsXuPZUV5dmgrt1R%2Bza1V5Og8nAAhQJ1axeuoN1I1oW%2Fv1gXCLshiHpl689qTI%2FAOAhh3cjablVb8%2FC2tKOTXXHhNuyerfZtjd"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859dec420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 corduroy-jenna-pant Show response
xincarning.cyou/products/ 51 KB
5 KB 416ms
365ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/corduroy-jenna-pant?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cb4df0fc2cd3af5b07b85d035e9ca9af934e6bf61f6e47f86b210690e1f37

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=60, db;dur=25, render;dur=6, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="fgbf", requestID;desc="cf800919-cabb-4886-9e81-95a37725ffbe", cfRequestDuration;dur=131.999969
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: cf800919-cabb-4886-9e81-95a37725ffbe
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMLPoL9yF2nW5JqJRwrQlX4Um8m4pQO2M0FXjKzrixJ15BZCySEiwg%2B45XPk8ZKCgeuUaB8%2B51EumjE4cN0Uq2MKPQK1%2Bz62Ds2%2Fj9EIOYVfeIOXwcFLx2jmHU4JZGHlmfSW"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859ded420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 emerson-jean Show response
xincarning.cyou/products/ 29 KB
5 KB 402ms
352ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/emerson-jean?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16878f720076d27d5290375a49ac421d643d96b1748b51affd2f4f18fa4d9df9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=110;desc="gc:56", db;dur=21, render;dur=3, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="sfl2", requestID;desc="3a0c3b60-f117-4706-bea2-5a311474efd2", cfRequestDuration;dur=174.999952
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 3a0c3b60-f117-4706-bea2-5a311474efd2
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oohl4f97WfK6W2pqcjB8hYaNNFTWI60IP34NvUrIT62WXZvgA5ZK1Ya8N6uWbass6hGH2DDg%2BHVSIZUSs0EXBlgpUAZ4zb9JxcHYPXfgnIxijcDqqbZH%2BQWk5SPmAUKJ0QkP"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859def420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 jenna-pant Show response
xincarning.cyou/products/ 136 KB
10 KB 626ms
575ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/jenna-pant?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dbfe94a846a31999a41f2e3949729e4216f6b9506c82c0c5aa44176eaff510d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=85, db;dur=26, render;dur=18, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="rpcr", requestID;desc="370162cd-e991-446c-b3fb-a1700f0d9615", cfRequestDuration;dur=148.999929
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 370162cd-e991-446c-b3fb-a1700f0d9615
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkB7Za%2BgnJrIyftfW1g2u0e6Te16ET1GqkbQeFDR3cfmcMbuyX2yBWzE%2FO4cpwlWeBuaOjbYI9zXh52fYIC9YEVwV544jZI%2F9iNnrlFoIRjkuDjaHLoZeWXnB8cMPlEzodvu"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859df0420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 nilis-belt Show response
xincarning.cyou/products/ 37 KB
3 KB 629ms
578ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/nilis-belt?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bafbc4b6e39d7716fcc8b99fd86f68676f0b529010aaf0ca003fce48729ea73

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=111;desc="gc:40", db;dur=30, fetch;dur=1, render;dur=5, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="sfl2", requestID;desc="06a966c0-5f43-40ad-bcef-9ba11437b565", cfRequestDuration;dur=176.999807
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 06a966c0-5f43-40ad-bcef-9ba11437b565
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0yRAAOy6%2FCof5ALYcgGrMKKZ1Gi1VjuWCw3xXU4S2Ks1KDvcxGTzXQzxwW0FQJCqAM1C%2FBhRjJS%2B2tasA7laEBlOdry2dUdhrDu%2BbxsFt4EB0502CvG0uvAcavWrTcvSYit"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859df2420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 megan-pant Show response
xincarning.cyou/products/ 76 KB
7 KB 370ms
319ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/megan-pant?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1024c034b1189e8dd36009c89773c7ffd183f5689d4849728076272db684b02b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-storefront-renderer-verified: 1
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=68, db;dur=29, render;dur=10, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="rpcr", requestID;desc="2541dda1-de89-44f0-86c4-220653c075e9", cfRequestDuration;dur=145.999908
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 2541dda1-de89-44f0-86c4-220653c075e9
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoNcqi7Vp%2BogVH%2FNAQfxl1w2dmvjRRFLygvs5miKVT7zpgAqPIJh5DtMTOeKiI7zt4u4npV7sIgfsRM5cH2BYO2xGVcA2UrnC78yryI65FVy%2Frbjo7g1Wa6zCtWJQTnoIKVN"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859df3420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 mitchell-jean Show response
xincarning.cyou/products/ 64 KB
6 KB 518ms
483ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/mitchell-jean?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b4ee39aa55f3ea87e7af3212cbadcf5561fcf27edb13a7c28d26b2a6486d82

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=69, db;dur=28, render;dur=8, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="rtxq", requestID;desc="72606f3a-b54d-45e1-a5e4-e0960bf21854", cfRequestDuration;dur=135.999918
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 72606f3a-b54d-45e1-a5e4-e0960bf21854
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3ia3TX3SO1O7q5Q6xpY%2B8Ndbc2wMYcUN2knJGXTBfmURIqHRFEcF1g8WDiLy4PPCbvt6QFQPkuV5FXYTBUGi2CY%2B2bYl%2Fzt4X9AqhBYpe8dJlyRlLlS9wQNfeQl6%2FKHjKQk"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859df6420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 celia-jean Show response
xincarning.cyou/products/ 18 KB
4 KB 610ms
577ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/celia-jean?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a76c1136dc2cda3bfc85479843d4f71407471926955db0b25b02a60303c391

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=130;desc="gc:51", db;dur=38, render;dur=2, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="w6dw", requestID;desc="04c9c77e-f487-4a75-8977-5304624cb5a1", cfRequestDuration;dur=220.999956
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 04c9c77e-f487-4a75-8977-5304624cb5a1
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiMXlQdby8tf4xO69hiL0P5TbGCwekkGYQl%2B4LISMUYA9RxPr9Giymm8hMhVxLgHhJdFj37yjkVvAexsgpLeUMDomboa1c48%2BPlWdZ8%2FTeqLgSknXp0ejqpXtlp0yQVHB034"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859df7420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 raphael-classic-shirt-1 Show response
xincarning.cyou/products/ 28 KB
3 KB 478ms
445ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/raphael-classic-shirt-1?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924b08b6ebd1b1f8672dc271cdab3fb89b1710afd74b0f9caac4cbd2c6c1edae

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=62, db;dur=29, render;dur=4, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="cq42", requestID;desc="6b4ea758-6890-470e-8536-5ab35c34ce10", cfRequestDuration;dur=127.000093
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 6b4ea758-6890-470e-8536-5ab35c34ce10
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuwNVuHnZIx3Py9NmEcoaN7AKH%2BAe%2B38wjx43xHY3rtfmJ7W9UDhZbeZ9Tkuoxzr8%2FIVzv5NxBCm%2Bg%2BQkTstA7LwHKgRdR9Cio4Z9lnJhYHyPs9%2FYEPEfl1eGtjEREQYHegN"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859df9420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 anna-jean Show response
xincarning.cyou/products/ 26 KB
4 KB 547ms
515ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/anna-jean?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345622782ee57bf6575a11bbedf8442a7b6d1e24fa2f41dc91efe7b675ebad7a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=64, db;dur=27, render;dur=3, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="fgbf", requestID;desc="6b84a0a3-a632-4ab2-8555-6990b60d4401", cfRequestDuration;dur=138.999939
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 6b84a0a3-a632-4ab2-8555-6990b60d4401
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwaO8lhdr47IwFEImcCbrUrRcx3IZDa8P%2BcXFp%2BBppXZIlkx%2BdMvlie93g45XEUp4XqsoKR7rdHP2xNBss%2F6fpJEkwToRV5pVFauKInK2yL%2BZqAVVscoQBSksHGzhhwKB5%2Bq"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859dfb420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 quentin-pant Show response
xincarning.cyou/products/ 73 KB
5 KB 488ms
461ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/quentin-pant?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65c5432288de4fcdf6ec21a0f9533a46a310215e22e79ae7ff449814102445a0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=72, db;dur=33, render;dur=9, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="klvg", requestID;desc="cea4cd43-c189-49a8-89f6-82bcac4e1cb1", cfRequestDuration;dur=137.000084
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: cea4cd43-c189-49a8-89f6-82bcac4e1cb1
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: canary
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPe9MGWTBYOjpGd%2FYLRtEOYaBCfrv2E3ayKod8KuANiQoRTtUK2kX%2BibpGnSn2HC%2BDLRo4r6uEIo8JGSZ3k%2BfYaYk5AuStLHFW8MJemwIJcvXZo5gj2R3f1gwALNL2i0jGqW"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859dfd420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 paloma-jacket Show response
xincarning.cyou/products/ 18 KB
4 KB 479ms
453ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/paloma-jacket?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16c526827b6837e7c7f48482f72574b6db9ee13cbbf0e6cffe4b0eb263b3f75

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=56, db;dur=29, render;dur=2, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="fgbf", requestID;desc="6818f2f9-41ac-49fc-9baa-9197a5c6763c", cfRequestDuration;dur=119.999886
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 6818f2f9-41ac-49fc-9baa-9197a5c6763c
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaThJeHdADsXBlPeFA0VMlxXBM2dGhIaId2g55jibU8FNpvFVhZyn3SwUvoo0goUo31BEyDbnTWIKmv7Le2Rtzvx%2B57A5Kxx0vYzO1S7yXOX%2BZLIebKitqTDpHDkSDpxX0cE"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859dfe420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 eliot-boy-pant Show response
xincarning.cyou/products/ 76 KB
6 KB 586ms
561ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/eliot-boy-pant?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8f7fd16cc689019d0c2c0125c373cd320a5fd19b6164c369590890a745de1f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=96;desc="gc:24", db;dur=34, render;dur=10, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="w6dw", requestID;desc="2abdfd80-6fb7-4244-b0e9-0c5df41ffe46", cfRequestDuration;dur=163.000107
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 2abdfd80-6fb7-4244-b0e9-0c5df41ffe46
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcMsyuXKQu5Ukps96JfF4zhOU3GrSQgU%2FqVKrnNKs1Yv0u1tfyMI%2BmIrkg1%2FO4MZhvYq9ta%2Fh%2BjRLl2ea%2FySy0yCrRerPkmzCc%2B2cbYj%2BqJjirOt7FjblEivMANQ7vpfd2IN"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859dff420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 gaia-slim-shirt-1 Show response
xincarning.cyou/products/ 42 KB
5 KB 498ms
472ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/gaia-slim-shirt-1?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7845267ae53970ff5d1b6bdbb5eda70c2a6a9edd8e5468e38536023e77220074

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=55, db;dur=23, render;dur=5, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="sfl2", requestID;desc="aad355a7-4508-4bec-9b60-838ebc85fe0a", cfRequestDuration;dur=116.999865
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: aad355a7-4508-4bec-9b60-838ebc85fe0a
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9gY7Op%2FxSfFJaLWidW3LiqV87aWU9cUS9Pv%2Bub%2FPBDmrlPn2PnIF98AhROgIx4ncn%2FIw0nFp49XNtACwWfB6VRGooGNasoBXU8lcIqwIVmYKxRdH8RjCx9Sd0iRm4rSv6Ds"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859e00420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 joan-jean Show response
xincarning.cyou/products/ 58 KB
5 KB 477ms
451ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/joan-jean?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00ba9c2d3f43fbece812d3bb63e2cf770cf7b81bf600ca8ec8c4a67806afd621

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=61, db;dur=25, render;dur=7, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="fgbf", requestID;desc="50dfe1ca-ce7b-4ebd-a4f7-34a9d7c2cd0f", cfRequestDuration;dur=128.999949
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 50dfe1ca-ce7b-4ebd-a4f7-34a9d7c2cd0f
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDhuYbzjIwCw50IdTMuVTRGlIDKnk1fM8u9edUBO3HQh0j157j7V3KlGv6gnCl%2FGaFQQuK%2FkatDcwb%2F3gjWxYVbk%2BGH2vzVW2AA%2B3wqH4CLWqlILvR3hFhtcHE4onpvG0Gdx"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859e01420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 louise-belt Show response
xincarning.cyou/products/ 12 KB
3 KB 470ms
450ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/louise-belt?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

500243c7cfb30bbb2c5052d69bad8a04774c9404d241cee6da322183dd0aea8f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=62, db;dur=30, render;dur=2, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="rpcr", requestID;desc="82fa9313-200f-473c-854d-027cf5b2ce27", cfRequestDuration;dur=125.000000
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 82fa9313-200f-473c-854d-027cf5b2ce27
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypVvra83vjQlyJFhfsEJJgtWR2eb%2F%2FSxmiPzrBkEOZkL86tQjz7QWVpdJAgEMzGyEIkzUgP8OMk4ilFSA4gr2KQ41u2KJPuXemJ6K4LGzE4XNb9YamT41hPr4u%2B2z9%2B1QNW6"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859e02420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 janes-belt-alligator-embossed-calfskin Show response
xincarning.cyou/products/ 17 KB
3 KB 489ms
475ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/janes-belt-alligator-embossed-calfskin?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a501dae0ff55a967880e5a6b1caa0caf12e9b35e479542b8f3fac89d69d56c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=102;desc="gc:41", db;dur=27, render;dur=2, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="9sj4", requestID;desc="79f2f47d-9d1c-48a8-aa6a-36d3adebb2d1", cfRequestDuration;dur=171.000004
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 79f2f47d-9d1c-48a8-aa6a-36d3adebb2d1
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbJfIu%2FjB37EYIJWVz4QhGc9rkDWckfQFbW9LyfMRmnEsQJ8UnlWrZaj%2FRbmeInwayH5UgmIHRNpkB4QL7COIUYYMTX4%2FWMtBzSYiR311qsNFb0YbBDs3bRyypM37YY2x1WK"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859e03420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

GET
H2 200 janes-belt-flat-calfskin Show response
xincarning.cyou/products/ 11 KB
3 KB 520ms
505ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/products/janes-belt-flat-calfskin?view=ss_json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

069bd6d73d7c5c7380be1f427a766d71e44453eb50569b7e7ff79cd080fb56ec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: miss
server-timing: processing;dur=57, db;dur=27, render;dur=2, wasm, asn;desc="46606", edge;desc="LAX", country;desc="US", theme;desc="122387857526", pageType;desc="product", servedBy;desc="llhd", requestID;desc="bd1b066a-088e-48bb-b54e-7fb099048369", cfRequestDuration;dur=125.000000
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: bd1b066a-088e-48bb-b54e-7fb099048369
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHJ6nays1%2B0CKQM7n2thQh9r8sMInmZg8yoJJ2hRre88096ZmhFSFtzgj%2Fy2u0b5QuDMysiNzC39cQ3bq6qlcqhrJqQFxCEYwLQyedDO5mG15qCsrooHJa1nuGwpDyrqAqNs"}],"group":"cf-nel","max_age":604800}
content-language: en
x-download-options: noopen
cf-ray: 83b7b6859e04420d-EWR
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 117

POST
H2 200 graphql.json Show response
nili-lotan.myshopify.com/api/2023-04/ 45 KB
4 KB 217ms
215ms Fetch
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nili-lotan.myshopify.com/api/2023-04/graphql.json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3f0b5d3e35ffdf7c8d3aca66ab9591e8f57229a36fea2a9c2f246f99d6f202e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Shopify-Storefront-Access-Token: 51c31a559ba75fd0cde9a3c332769773
Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
x-shopify-api-version: 2023-04
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=179, db;dur=92, asn;desc="9009", edge;desc="EWR", country;desc="US", servedBy;desc="nv2t", graphql;desc="storefront/query/other", requestID;desc="16b2bb9d-4064-4e3f-a893-4a08bfa4136a", cfRequestDuration;dur=212.999821
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 16b2bb9d-4064-4e3f-a893-4a08bfa4136a
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doYy8SxlvrqUvkl6L4iearKTceQxrUBESKhLS%2Bbf5BMLrb67b8VSNX0SX79ZrDvNfd4YPRPpm4frEO8iA2%2BElYLcCutvWbTPog7UVigMEf10oDgxlZWX9H2uLDeirmK3RY4NvgZZRB9s6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en-US
x-download-options: noopen
cf-ray: 83b7b6862ace192a-EWR
x-sorting-hat-podid: 117

OPTIONS
H2 200 graphql.json
nili-lotan.myshopify.com/api/2023-04/ Frame 0
0 97ms
57ms Preflight
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nili-lotan.myshopify.com/api/2023-04/graphql.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-shopify-storefront-access-token
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type, X-SDK-Variant, X-SDK-Variant-Source, X-SDK-Version, X-Shopify-Storefront-Access-Token, Shopify-Storefront-Private-Token, Shopify-Storefront-Buyer-IP, Shopify-Storefront-Id, Shopify-Storefront-S, Shopify-Storefront-Y, Shopify-Storefront-Extension-Token, Custom-Storefront-Request-Group-ID, shopify-core-canary
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b7b685caa7192a-EWR
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:57 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7btfyUd%2BmM44YviSwZbzqRL81GlrVWkSgWRwb8KxxEq6GFhj5IYkGFiCf4NyS%2F6XijsmF%2FooaxO5nZ1r%2BYpOlD38TkM5d%2BsyAVp8StOUW9cqByB6c3%2FHVg5QJK7ggtpW7%2BwM2%2FstkzumEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=6, db;dur=3, asn;desc="9009", edge;desc="EWR", country;desc="US", servedBy;desc="hn5s", requestID;desc="3fd6b71b-cb70-4dc8-8992-a0502ba46452" cfRequestDuration;dur=46.000004
vary: Accept-Encoding Accept
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 3fd6b71b-cb70-4dc8-8992-a0502ba46452
x-shardid: 117
x-shopid: 2175959158
x-shopify-stage: production
x-sorting-hat-podid: 117
x-sorting-hat-shopid: 2175959158
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H2 200 tc_imp.gif
obs.powerrobotflower.com/tracker/ 43 B
79 B 13ms
12ms Image
image/gif 52.45.196.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.powerrobotflower.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126aedc232ec4f8b9a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d17856a2e17071a10acf9f29f674b8a80df02786c12fb7f2256d2688e6a930730572bc053005a660d5dcebd621c77be26bb25cb43e29625f15a6eb20f2e7e0fdb50ef54e285929c68f37950aa2084ba5f7ff35b7b1a2d18c8c9077af562b7818fbd1910fa0a9fc95df820da75c45b956279f02b01f2040e0228d2595fe69fe0a100ba2f965f980cf64d766dbad1276140023df819958d45a95f60e8e4e47116253bc6f57662d4dd09012b4671190bb9882c697419a5fa4069effaa37fd2b944771e2bb5a5a3868465fc889f48e144980e6d6099eec9bdf666c2d5ea639f6007d2ffc12c1b47a56867ad981436ee89e9689d58aa54b88118c248d7dd3a8664279c8b7f9c21d091e2ec90a7ba4779a76de8e2a47e4f67f58c268fa65ea1111313dd5c46979284cbd0f18970907b81c5fbc879ae243b03b53865d494d116749ea864a841bfc503d667a879455b44cb26ff559c87e03fb98d789f5ce685dbc8319c4b452db31e18506a427bc4ba68b9499494c728e5d025f8930dd489eef26ba4b6a707262dddbc0d1281ed5e0d54b8bfb766a73f9dec54eee73cae6ef663e60f8d4189ec4593082df6b3807a2d7d3c1120605d0bb7e78d6ace1fb44d4d5f2afab253dc9b1110e3bbd8b3a071c4ede5e09bfeaff557523ffd479aab5f6e815f781ad7635d7170eb7aaf7619c1f7dc628a60d72197b62dcdb80d9e67122020027c1b80dde5db3c795d86054495d3dabaacd752059eb3bf618bce737bdbd50e2168f991da5e3daa26855f9a1a8e2389469e9147eab020e38589d5984467e8e633628568e3d9e1ae6cca1f431645973e4a32b0f24d93fe578fc0cfda5edf869932093744bb3aad0dab52acdf0ce24a2021125c3908bb53ddd93515ab73d2e3b06c8ddd479e756dae167c2f9aefd7025be96f80f153a27b586a0cbe382adad3a00e9f452288c753f7cdd794ed5ec81f117b07f8773940c8c1480dc663b4af8574d08d8e5b0a25fd34320205d30504b3dbfc1212936b6dc1d7da10dbdebbd34b62e772a90d341390123f6d8a93571099dce2caf0ed50b278b4648b609dd31ed6b4bb52779dda1f91c5e7ec93e1dc9b651ecfb368&cri=eYbptXbSTS&ts=490&cb=1703576817564
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.45.196.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-196-192.compute-1.amazonaws.com
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 726b9d87-c367-438b-82e9-202151e98ab9
https://xincarning.cyou/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xincarning.cyou/726b9d87-c367-438b-82e9-202151e98ab9
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39cfeea4bb221c0683a69d71359de60099b395c5ea0bf1849637fea2868dcf3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 96df93c9-4861-4f56-9b44-5af5b62b080a
https://xincarning.cyou/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xincarning.cyou/96df93c9-4861-4f56-9b44-5af5b62b080a
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a1d14cef26ba37d91ce0b0e355558f453af19585e4a8ffae4e83fd6e7b3b94

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 442398098.js Show response
container.pepperjam.com/ 8 KB
9 KB 468ms
340ms Script
application/x-javascript 99.86.102.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://container.pepperjam.com/442398098.js?shop=nili-lotan.myshopify.com
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.102.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-102-82.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: VfpUaCap490RW1AHI10ITPw4GcGBgKDu
date: Tue, 26 Dec 2023 07:46:58 GMT
via: 1.1 80652b3b088ec5207f8c5a781c121a78.cloudfront.net (CloudFront)
last-modified: Mon, 17 Aug 2020 18:04:47 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-C3
etag: "cda0a8b1fb96cd23c5b8431794f284c4"
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
cache-control: max-age=900
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 8688
x-amz-cf-id: x54ZYGRLoRnosf3P8UwB3ivrZzYxq2Uas8d_-KPDhKtoPmgxoFSrOg==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 16ms
12ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js?shop=nili-lotan.myshopify.com

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Dec 2023 07:46:57 GMT

GET
H2 200 122079.ct.js Show response
tag.rmp.rakuten.com/ 51 KB
18 KB 67ms
34ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.rmp.rakuten.com/122079.ct.js?shop=nili-lotan.myshopify.com

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

248.147.102.34.bc.googleusercontent.com

Software

Resource Hash

ad2ee104d5c167aed2fc52c327137df29e479bb934beff99b6779dad7d0d0917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
last-modified: Tue, 26 Dec 2023 07:46:57 GMT
x-cache: miss
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 redirect-app.js Show response
d23dclunsivw3h.cloudfront.net/ 1 KB
1018 B 432ms
38ms Script
application/javascript 13.249.59.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d23dclunsivw3h.cloudfront.net/redirect-app.js?shop=nili-lotan.myshopify.com
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-91.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5bc7336ee1e5c43bb4af1c3af966d3bb588961ee01371dbdadc3c89409f1884

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: lB3ETacadpjT.XGJ_nNMNaeJDqtDUMQb
content-encoding: gzip
via: 1.1 1b8e316790cc81e94080422878bcc21c.cloudfront.net (CloudFront)
date: Mon, 25 Dec 2023 13:41:04 GMT
last-modified: Thu, 14 Dec 2023 10:48:37 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-C2
age: 65155
x-amz-server-side-encryption: AES256
etag: W/"26e1033964b5ea064543c8aa2e3fc9c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pK2IEdrav1jC8eMscPxTB2MqWMCduu9wPflp28xx_1Xa073FfkMPxg==

GET
H2 200 collector.js Show response
analytics.getshogun.com/ 60 KB
19 KB 36ms
3ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.getshogun.com/collector.js?shop=nili-lotan.myshopify.com
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 5bddc2359827710b6660b83b1b6e13804654bcc2793109e6f1c7160f4030c429

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 2770
x-cache: HIT
content-length: 18666
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701356262&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=LrO%2B1kgh6sW6XTCjjXBVSAYra2L0yQrWBzfzu9wK5Ho%3D
x-served-by: cache-lga21942-LGA
last-modified: Thu, 30 Nov 2023 14:42:11 GMT
server: Cowboy
x-timer: S1703576818.647539,VS0,VE0
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701356262&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=LrO%2B1kgh6sW6XTCjjXBVSAYra2L0yQrWBzfzu9wK5Ho%3D"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 84

GET
H2 200 shopify_rolling_bootstrap_v2.js Show response
assets1.adroll.com/shopify/latest/j/ 2 KB
1 KB 448ms
39ms Script
text/javascript 99.86.74.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=HYDBULQYZNCRVDQGUG6Z7S&adroll_pix_id=IIWJJDU7ZFDKFCXZQC4TTH&shop=nili-lotan.myshopify.com
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-26.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 06:57:12 GMT
content-encoding: gzip
via: 1.1 f1b7db33810e8dc691ec0f375ac32bb2.cloudfront.net (CloudFront)
age: 2987
x-amz-cf-pop: IAH50-C4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 14 Dec 2023 19:49:29 GMT
server: AmazonS3
etag: W/"dcbab6195eb24bf3935cbc62ec0ed277"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: *
x-amz-cf-id: nygqH5hB81QMJ2ux7CLrhrzX9dnWZTsoIs1sDABxYSp4rJ-7vhP7JQ==

GET
H2 200 rakuten_advertising.js Show response
shopify.rakutenadvertising.io/ 442 B
823 B 336ms
69ms Script
application/javascript 172.217.13.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shopify.rakutenadvertising.io/rakuten_advertising.js?shop=nili-lotan.myshopify.com

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.211 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f19.1e100.net

Software

Google Frontend /

Resource Hash

71566b1911e5beccf7b107cb1a541613f2bbf182ad277d99e0a35e457c71bb71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://nili-lotan.myshopify.com https://admin.shopify.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors https://nili-lotan.myshopify.com https://admin.shopify.com;
x-content-type-options: nosniff
date: Tue, 26 Dec 2023 07:46:57 GMT
last-modified: Thu, 11 May 2023 15:58:04 GMT
server: Google Frontend
etag: "645d108c-1ba"
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 4b34666ec1f35ecc5a8f578f4b13b812
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 442
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 grin-sdk.js Show response
d38xvr37kwwhcm.cloudfront.net/js/ 47 KB
16 KB 434ms
45ms Script
application/javascript 18.160.168.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js?shop=nili-lotan.myshopify.com
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.168.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-168-189.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5612f69b7e9bc926acd5b28953653996ec75e6de73fdb110f3598c28754a610

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: U6nGJyHrP5bKUSzRLYY8LHZiiNaB0WI_
content-encoding: gzip
via: 1.1 ee71fcaa8d3fdbddee74740dbbf20dc2.cloudfront.net (CloudFront)
date: Mon, 25 Dec 2023 10:41:18 GMT
last-modified: Wed, 15 Feb 2023 20:44:37 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-P2
age: 75941
x-amz-server-side-encryption: AES256
etag: W/"1d29e2190be6665be84c49429278090f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Oqsea54yvc8u3sR3lT9AoHVjKxEzrhLtiMPqJkxcempljmyF_VA6IA==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 255ms
18ms Script
application/javascript 74.119.119.142
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=62249&shop=nili-lotan.myshopify.com

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.142 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2608b5b36debc6d7321d4fdb1267726febe7e9d2b7bfc711f6c1b56571b95d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 app.js Show response
cdn.shopify.com/proxy/c2299d4053fe6c8cb0fb3da9c4a28ecd68775ca59d6f5d3ef4e64e422d2dc9cc/crossborder-integration.global-e.com/js/ 67 KB
15 KB 27ms
20ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/c2299d4053fe6c8cb0fb3da9c4a28ecd68775ca59d6f5d3ef4e64e422d2dc9cc/crossborder-integration.global-e.com/js/app.js?shop=nili-lotan.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

8ef8eadcb7682cb89f339014580eac4541fea890d200fcd2aa3cc94cfcf23e55

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
content-security-policy: default-src 'none'; sandbox;
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 469
content-encoding: br
content-disposition: attachment
server-timing: imagery;dur=95.832, imageryFetch;dur=95.590, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b0c1fa46-0906-44bb-b334-20d38b51c459
last-modified: Tue, 26 Dec 2023 07:36:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FVMitr%2Fwt9nKxjlO5BIRg7kTGnhRs881dywI4CH7m80ALtEfXjtwQHPsUSlZ18sXie9C7cLBEQDd8bAdbQVRpy%2BSEoWLzlYCcx%2BxK881GOvZvlTIm%2BR10ofUmp2JwRzxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
timing-allow-origin: *
link: <https://cdn.shopify.com/proxy/c2299d4053fe6c8cb0fb3da9c4a28ecd68775ca59d6f5d3ef4e64e422d2dc9cc/crossborder-integration.global-e.com/js/app.js>; rel="canonical"
cf-ray: 83b7b6862d7b5e6d-EWR

GET
H2 200 script.js Show response
geolocation-recommendations.shopifyapps.com/selectors/ 52 KB
15 KB 138ms
106ms Script
text/javascript 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation-recommendations.shopifyapps.com/selectors/script.js?shop=nili-lotan.myshopify.com

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3416d6b304b622e1d270b35159341b6b3e95fc55ec2015ba8f4a2fe24dd2bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.shopifycloud.com cdn.shopify.com geolocation-recommendations.shopifyapps.com; style-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com; img-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com data: ; font-src 'self' cdn.shopify.com cdn.shopifycloud.com data: ; frame-ancestors *.myshopify.com geolocation-recommendations.shopifyapps.com admin.shopify.com; object-src 'none'; media-src 'self' cdn.shopify.com cdn.shopifycloud.com; base-uri 'none'; upgrade-insecure-requests; connect-src 'self' sessions.bugsnag.com notify.bugsnag.com monorail-edge.shopifysvc.com country-service.shopifycloud.com wss://argus.shopifycloud.com shop.app cdn.shopify.com geolocation-recommendations.shopifyapps.com; frame-src 'self' shopify-geolocation-proxy.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.shopifycloud.com cdn.shopify.com geolocation-recommendations.shopifyapps.com; style-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com; img-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com data: *; font-src 'self' cdn.shopify.com cdn.shopifycloud.com data: *; frame-ancestors *.myshopify.com geolocation-recommendations.shopifyapps.com admin.shopify.com; object-src 'none'; media-src 'self' cdn.shopify.com cdn.shopifycloud.com; base-uri 'none'; upgrade-insecure-requests; connect-src 'self' sessions.bugsnag.com notify.bugsnag.com monorail-edge.shopifysvc.com country-service.shopifycloud.com wss://argus.shopifycloud.com shop.app cdn.shopify.com geolocation-recommendations.shopifyapps.com; frame-src 'self' shopify-geolocation-proxy.com
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=8, socket_queue;dur=1.598, util;dur=0.0, cfRequestDuration;dur=101.999998
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-request-id: bf1e8c77-9899-4b0d-9401-63632c6d9f69
x-runtime: 0.007943
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ec3416d6b304b622e1d270b35159341b"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJcnWDA5DETWO5SSTgc6dWhUEvyxebEsisNdfAQJ5yQe%2FYbb9wxth5UUcLmQ2%2B7nvIXqCfdOzkIxZcbNTV0DaQhQJc4FRijqpxhowdvbySlv4wfSumimfdIxqYNDLurutOb9c73QVhrFpyD68AVJ3HhfGu5LqlT1C3LhyzI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 83b7b6864cbd41c0-EWR

GET
H2 200 script.js Show response
geolocation-recommendations.shopifyapps.com/locale_bar/ 91 KB
24 KB 65ms
34ms Script
text/javascript 185.146.173.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation-recommendations.shopifyapps.com/locale_bar/script.js?shop=nili-lotan.myshopify.com

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d95cfa32ec5c1a59de72dacc5b359d8c4c8f562bf3c44cc962eed8a9924af758

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.shopifycloud.com cdn.shopify.com geolocation-recommendations.shopifyapps.com; style-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com; img-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com data: ; font-src 'self' cdn.shopify.com cdn.shopifycloud.com data: ; frame-ancestors *.myshopify.com geolocation-recommendations.shopifyapps.com admin.shopify.com; object-src 'none'; media-src 'self' cdn.shopify.com cdn.shopifycloud.com; base-uri 'none'; upgrade-insecure-requests; connect-src 'self' sessions.bugsnag.com notify.bugsnag.com monorail-edge.shopifysvc.com country-service.shopifycloud.com wss://argus.shopifycloud.com shop.app cdn.shopify.com geolocation-recommendations.shopifyapps.com; frame-src 'self' shopify-geolocation-proxy.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.shopifycloud.com cdn.shopify.com geolocation-recommendations.shopifyapps.com; style-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com; img-src 'self' 'unsafe-inline' cdn.shopify.com cdn.shopifycloud.com data: *; font-src 'self' cdn.shopify.com cdn.shopifycloud.com data: *; frame-ancestors *.myshopify.com geolocation-recommendations.shopifyapps.com admin.shopify.com; object-src 'none'; media-src 'self' cdn.shopify.com cdn.shopifycloud.com; base-uri 'none'; upgrade-insecure-requests; connect-src 'self' sessions.bugsnag.com notify.bugsnag.com monorail-edge.shopifysvc.com country-service.shopifycloud.com wss://argus.shopifycloud.com shop.app cdn.shopify.com geolocation-recommendations.shopifyapps.com; frame-src 'self' shopify-geolocation-proxy.com
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=199, socket_queue;dur=71.168, util;dur=0.2, cfRequestDuration;dur=29.999971
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-request-id: 4daaa907-3088-4621-bcae-4288283f3627
x-runtime: 0.198622
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d95cfa32ec5c1a59de72dacc5b359d8c"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAU62TDynRnZAtqSeGxCxN2615oszExB8mo2hgzHIw2Y%2FqGkRD5AeGtnC4O2TD21DF3aHRrTZMNpn8OHQ5CNI5g%2F62Q5pdIcsagbfWbcwXP6TVHXrrBAG%2FRgpTgb%2BpBgKTxhoFXUO63UImc6D1EUuj1PMeKniFQgyw1QQsc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 83b7b6864cbe41c0-EWR

GET
H/1.1 200
OK nili-lotan.myshopify.com-1695222125438.js Show response
s3.eu-west-1.amazonaws.com/production-klarna-il-shopify-osm/0cf42b376feeb11d247d11c5c05f6df0995db72f/ 3 KB
2 KB 269ms
91ms Script
application/javascript 52.92.34.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.eu-west-1.amazonaws.com/production-klarna-il-shopify-osm/0cf42b376feeb11d247d11c5c05f6df0995db72f/nili-lotan.myshopify.com-1695222125438.js?shop=nili-lotan.myshopify.com
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.34.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf7cfb4daea39c77f62c6f21fcf70531ab3080b9b26060b61ecf344c69659f5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:46:58 GMT
Content-Encoding: gzip
x-amz-expiration: expiry-date="Fri, 20 Sep 2024 00:00:00 GMT", rule-id="NDY0MzI3NGQtNzIyMS00MjYwLWJkM2YtZmI5NzBiMjU2ZDAy"
Last-Modified: Wed, 20 Sep 2023 15:02:06 GMT
Server: AmazonS3
x-amz-request-id: F72TTM9MT0R4MMKR
ETag: "1cf5709255df3b23d63d96c663c2ab36"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1659
x-amz-id-2: sdBbiVW6Ez0sB3Qnrt6QY7wUsz8hC5mtN/+nb5koWOsJj1UgQMWFLKqPFPMqRVl0GUfXxaBsZCI=

GET
H2 200 nili-lotan.js Show response
shopify-init.blackcrow.ai/js/core/ 0
420 B 40ms
39ms Script
application/javascript 99.86.102.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-init.blackcrow.ai/js/core/nili-lotan.js?shopify_app_version=1.0.208&shop=nili-lotan.myshopify.com
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.102.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-102-6.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 6K2O3_Hii6u0qmByd5hNaZU0T5RTA2sg
date: Tue, 26 Dec 2023 06:41:23 GMT
via: 1.1 99f379af65e49c9eed75f22e75b127d0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C3
age: 5528
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Mon, 25 Dec 2023 01:10:03 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: A6UTCDmkr1t2iGz0U_eSSfGLl2mk-8PaxqHSjmaqd1jEwAFYyInOFw==

GET
H2 200 01GYCCNTGAYCZNTNPTRHY5P1H4 Show response
config.gorgias.chat/bundle-loader/ 2 KB
1 KB 337ms
12ms Script
application/javascript 104.18.18.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/bundle-loader/01GYCCNTGAYCZNTNPTRHY5P1H4?source=shopify1click&shop=nili-lotan.myshopify.com

Requested by

Host: xincarning.cyou
URL: https://xincarning.cyou/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9edd7e64d4c72718e69fc42b724328b056fcd4c47bf663e876e939bec92b1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 16270
x-dns-prefetch-control: off
content-encoding: br
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"831-6SNfUdD5kSrDID1QO0KB2pclDH8"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
cf-ray: 83b7b6888d4a0f37-EWR

GET
H2 200 /
tracking.monsido.com/ 43 B
196 B 363ms
33ms Image
image/gif 35.190.93.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.monsido.com/?a=lLrKO6vkXFJm20HyEB6aPw&b=https%3A%2F%2Fxincarning.cyou%2F&c=5221703576817630&d=1600x1200&f=A901703576817630&h=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.93.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.93.190.35.bc.googleusercontent.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: 2023-12-26T07:46:58Z
date: Tue, 26 Dec 2023 07:46:58 GMT
cache-control: private, no-store, max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 1AD2 565 B
625 B 12ms
11ms Document
text/html 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-163-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://xincarning.cyou/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.6b24c317.1703576817.4cfde8ed
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:46:57 GMT
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 7876739412042625

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C378
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_cm&google_hm=ay14UEZXUEhlZWV5S1IyeWgySWVNa3Bhd1hVLTUwWDRlN...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_cm=&google_hm=ay14UEZXUEhlZWV5S1IyeWgySWVNa3Bhd1hVLTUwWDR...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_gid=CAESEGDM3jl1KRrmgWQH6OilKVw&google_cver=1&google_ula=913071,0

43 B
370 B

11ms
10ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_gid=CAESEGDM3jl1KRrmgWQH6OilKVw&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1224803
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&google_gid=CAESEGDM3jl1KRrmgWQH6OilKVw&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame C378
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-owzcu3eeeyKR2yh2IeMkpawXU-4HNyQZ6SgA7A&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-owzcu3eeeyKR2yh2IeMkpawXU-4HNyQZ6SgA7A&expires=30

43 B
510 B

23ms
22ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-owzcu3eeeyKR2yh2IeMkpawXU-4HNyQZ6SgA7A&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:46:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-owzcu3eeeyKR2yh2IeMkpawXU-4HNyQZ6SgA7A&expires=30
Date: Tue, 26 Dec 2023 07:46:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C378
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2437991927369266145

43 B
370 B

13ms
12ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2437991927369266145

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1707959
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
an-x-request-uuid: 1336f315-28f5-417a-9e14-21070a829539
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2437991927369266145
x-proxy-origin: 5.181.234.133; 5.181.234.133; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame C378
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&custom=&tag_format=img&tag_action=sync&custom=&cb=5aee9244-c7e5-40e1-a710-fb59c01...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-xPFWPHeeeyKR2yh2IeMkpawXU-50X4e4bqxDSA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=5aee9244-c7e5-40e...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=2437991927369266145&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=f2576220-a3c2-11ee-a368-81fd2626be0b?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=f2576220-a3c2-11ee-a368-81fd2626be0b?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=ea0dfe5d485607c713f97cf828023ea8&tag_format=img&tag_action=sync&cb=305131660
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=274e8769-75b8-415f-a6cb-821b4da01aa2&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=f2576220-a3c2-11ee-a368-81fd2626be0b&cb=1703576818493&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=80e50774-fdca-48bb-92ba-04715b066774&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1703576818493

0
407 B

26ms
25ms

Image
text/plain

54.80.169.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=80e50774-fdca-48bb-92ba-04715b066774&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1703576818493
Protocol: H2
Server: 54.80.169.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-169-49.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 26 Dec 2023 07:46:58 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=80e50774-fdca-48bb-92ba-04715b066774&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1703576818493
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 0
expires: Tue, 26 Dec 2023 07:46:57 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame C378 57 B
790 B 64ms
34ms Image
image/gif 23.47.168.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_7cDmHeeeyKR2yh2IeMkpawXU-4LGBUwZlmpAg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-168-66.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 07:46:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Tue, 26 Dec 2023 07:46:58 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame C378 42 B
939 B 586ms
131ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-Fn5hJHeeeyKR2yh2IeMkpawXU-7rYlh3nCoytw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C378 43 B
688 B 41ms
10ms Image
image/gif 135.148.2.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-LTK3V3eeeyKR2yh2IeMkpawXU-7M7k3w0bzcpA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 135.148.2.56 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-135-148-2.us
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C378 0
373 B 19ms
3ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-xJYlUneeeyKR2yh2IeMkpawXU-4-lRudd2UlvQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2011

GET
H2 200 um
criteo-sync.teads.tv/ Frame C378 23 B
278 B 36ms
11ms Image
image/gif 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-fioZ13eeeyKR2yh2IeMkpawXU-4WlCHwopIgcg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 26 Dec 2023 07:46:58 GMT
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame C378
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-TQGqd3eeeyKR2yh2IeMkpawXU-5QqLn7adEtVw&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-TQGqd3eeeyKR2yh2IeMkpawXU-5QqLn7adEtVw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

12ms
11ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-TQGqd3eeeyKR2yh2IeMkpawXU-5QqLn7adEtVw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 26 Dec 2023 07:46:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-TQGqd3eeeyKR2yh2IeMkpawXU-5QqLn7adEtVw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 26 Dec 2023 07:46:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame C378
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&verify=true

0
121 B

12ms
12ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&verify=true

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&verify=true
date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame C378 57 B
668 B 71ms
23ms Image
image/gif 23.44.201.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.201.172 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-201-172.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 26 Dec 2023 07:46:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Tue, 26 Dec 2023 07:46:58 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame C378 49 B
384 B 85ms
22ms Image
image/gif 3.130.164.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-r6WXTneeeyKR2yh2IeMkpawXU-4XsbSh5XbIsA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.130.164.37 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-164-37.us-east-2.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 4
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame C378
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=wW_RMgx1TMa4_IOBqE3Tj3M1f-0--pdO

62 B
549 B

135ms
90ms

Image
image/gif

23.216.137.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=wW_RMgx1TMa4_IOBqE3Tj3M1f-0--pdO
Protocol: H2
Server: 23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-216-137-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 26 Dec 2023 07:46:57 GMT
content-length: 62
bk-server: 3610
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=wW_RMgx1TMa4_IOBqE3Tj3M1f-0--pdO
date: Tue, 26 Dec 2023 07:46:56 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 783071
content-length: 0

GET
H2

200

rum
r.casalemedia.com/ Frame C378
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XlzLwHeeeyKR2yh2IeMkpawXU-5nuJ9zLpZdkw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XlzLwHeeeyKR2yh2IeMkpawXU-5nuJ9zLpZdkw&C=1

43 B
325 B

21ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XlzLwHeeeyKR2yh2IeMkpawXU-5nuJ9zLpZdkw&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4KDad6Kj33hfYQdjLDIOGMaObvgqlobry6Znpqu07dA9o1A8mqW097MII7gqSDd8DiYBhU%2BY22m9%2Fvc2urDhQo3GUIaNOOfb3dM3NnroY7vq5nNR5Gw%2F9zUZ%2BumBYlXHcYG"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b7b68ac8731a1b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiwkW8kOsgLj%2BSN05Cl0Z5mqE6FNURa547EI%2B6SPve2gWnUw79YXbja9Zy99Vh%2FrIEJ9kC7Hfna5XKq6O64ImHdu59psWx7VUSVISiczbTx75lRSllUUYO1Sv4Ezg6ddeFQ7"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-XlzLwHeeeyKR2yh2IeMkpawXU-5nuJ9zLpZdkw&C=1
cache-control: no-cache
cf-ray: 83b7b688efba1a1b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame C378 43 B
661 B 452ms
127ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-LSF8l3eeeyKR2yh2IeMkpawXU-6kNLvvZO0zKA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 07:46:58 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1703576818402093-86

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame C378
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1dqfEXeeeyKR2yh2IeMkpawXU-6z1pPO7ULJxA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1dqfEXeeeyKR2yh2IeMkpawXU-6z1pPO7ULJxA

43 B
447 B

14ms
13ms

Image
image/gif

3.225.250.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1dqfEXeeeyKR2yh2IeMkpawXU-6z1pPO7ULJxA
Protocol: H2
Server: 3.225.250.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-250-255.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:46:58 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1dqfEXeeeyKR2yh2IeMkpawXU-6z1pPO7ULJxA
access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:46:58 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

sync
pippio.com/api/ Frame C378
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-abJEtXeeeyKR2yh2IeMkpawXU-5nuvIzkYvdEw
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-abJEtXeeeyKR2yh2IeMkpawXU-5nuvIzkYvdEw&_li_chk=true&previous_uuid=4d08e8d3d7e44d3c9ba6df5b813e9c5e
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4d08e8d3-d7e4-4d3c-9ba6-df5b813e9c5e
https://p.rfihub.com/cm?pub=39342&in=1&userid=43bc4958-5da7-415e-af77-66f7b02f3576%3A1703576818.516597&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D43bc4958-5da7-415e-...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969188723459867987&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D43bc495...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=43bc4958-5da7-415e-af77-66f7b02f3576%3A1703576818.516597&pid=500040&it=1&iv=43bc4958-5da7-415e-af77-66f7b02f3576%3A1703576818.516597&_=17035...
https://pippio.com/api/sync?it=1&pid=500040&_=1703576818.5186617&iv=43bc4958-5da7-415e-af77-66f7b02f3576:1703576818.516597

42 B
572 B

51ms
35ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1703576818.5186617&iv=43bc4958-5da7-415e-af77-66f7b02f3576:1703576818.516597
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1703576818.5186617&iv=43bc4958-5da7-415e-af77-66f7b02f3576:1703576818.516597
Date: Tue, 26 Dec 2023 07:46:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame C378 0
968 B 34ms
11ms Image
text/html 52.22.5.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ggViMXeeeyKR2yh2IeMkpawXU-57RiskzzWGRw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.5.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-5-155.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame C378 42 B
503 B 27ms
17ms Image
image/gif 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-yHPP7HeeeyKR2yh2IeMkpawXU-67KLoc1KKbEQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB51FACD64E04F08AE74BD34D84E9842 Ref B: EWR30EDGE0720 Ref C: 2023-12-26T07:46:58Z
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame C378 43 B
535 B 59ms
12ms Image
image/gif 54.165.111.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-Rrm_IXeeeyKR2yh2IeMkpawXU-4Hjh5YR1A-rQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.111.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-111-121.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame C378 0
287 B 33ms
11ms Image
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NL6GSXeeeyKR2yh2IeMkpawXU-6KCe2LGa0ahg&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:46:58 GMT
Cache-Control: no-cache
X-TraceId: ebf06da41090a3cc9aaa5670794a46e4
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame C378 42 B
577 B 50ms
10ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-A16hyXeeeyKR2yh2IeMkpawXU-6q1fSWiuFj8w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 25 Dec 2023 21:24:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame C378 0
0 41ms
12ms Image
application/json 54.84.89.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-DctXpneeeyKR2yh2IeMkpawXU-5FgKgU5hyz-g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.84.89.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-89-113.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 v1
match.sharethrough.com/sync/ Frame C378 68 B
280 B 42ms
10ms Image
image/png 34.231.181.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-UUP68neeeyKR2yh2IeMkpawXU-6-VnTtt4bmSg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.181.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-181-97.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H2 204 /
s.ad.smaato.net/c/ Frame C378 0
308 B 475ms
81ms Image
text/plain 18.160.172.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-1OXLa3eeeyKR2yh2IeMkpawXU-7jFlqWFS6nSg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-46.iah50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
cache-control: no-cache, must-revalidate
via: 1.1 cca05e6d076711b721c87632d74f25f2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAH50-P2
x-amz-cf-id: qzyWnycQ1mWg82qy8_8K72Mq5L4PvQopfBTMaOyWhnsQ7nu5jQOWkg==
x-cache: Miss from cloudfront

POST
H2 200 collect
www.google-analytics.com/ 35 B
100 B 33ms
33ms Ping
image/gif 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://xincarning.cyou
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 freeShippingBanner Show response
webservices.global-e.com/merchant/ 0
205 B 188ms
155ms Script
application/x-javascript 104.16.228.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/merchant/freeShippingBanner?merchantId=1487&country=US&currency=USD&culture=&cb=2839294
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/proxy/c2299d4053fe6c8cb0fb3da9c4a28ecd68775ca59d6f5d3ef4e64e422d2dc9cc/crossborder-integration.global-e.com/js/app.js?shop=nili-lotan.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.228.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
cf-cache-status: MISS
edge-cache-tag: free-shipping-banner,free-shipping-banner-1487
cache-tag: free-shipping-banner,free-shipping-banner-1487
content-length: 0
last-modified: Tue, 26 Dec 2023 07:46:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
accept-ranges: bytes
cf-ray: 83b7b68a8cd341ff-EWR
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Tue, 26 Dec 2023 08:06:58 GMT

GET
H2 200 cookieConsentScript Show response
webservices.global-e.com/merchant/ 2 KB
1 KB 20ms
19ms Script
application/x-javascript 104.16.228.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.global-e.com/merchant/cookieConsentScript?merchantId=1487&country=US&culture=&providerId=0&cb=2839294
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/proxy/c2299d4053fe6c8cb0fb3da9c4a28ecd68775ca59d6f5d3ef4e64e422d2dc9cc/crossborder-integration.global-e.com/js/app.js?shop=nili-lotan.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.228.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1faa3b3c35ea87fc446a3419ad08ad2648a67e250014605551680e29632ec52a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: gzip
cf-cache-status: HIT
edge-cache-tag: cookieconsent_1487 , cookieconsentScript
content-length: 860
last-modified: Mon, 25 Dec 2023 07:57:26 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 83b7b68add0941ff-EWR
access-control-allow-headers: Content-Type, Accept, Accept-Language, Content-Language
expires: Tue, 26 Dec 2023 07:51:58 GMT

GET
H2 200 set
utils.global-e.com/ 35 B
177 B 438ms
99ms Image
image/gif 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utils.global-e.com/set?t=pv&sid=667679922.231305321.1487&p=https%3A%2F%2Fxincarning.cyou%2F&ti=Nili%20Lotan%20|%20Timeless%20Fashion%20and%20Luxury%20Designer%20Clothing%20Brand&co=US&e=live&hc=0&log=false&m=1487&cdu=https://webservices.global-e.com/&f=gleTags.handlePixelResponse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2015.1e100.net
Software: Google Frontend / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cloud-trace-context: f93ac7fdf02e949881bf507bd98dff76
date: Tue, 26 Dec 2023 07:46:58 GMT
server: Google Frontend
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 browsing_context_suggestions.json Show response
xincarning.cyou/ 132 B
1 KB 383ms
382ms Fetch
application/json 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/browsing_context_suggestions.json?source=geolocation_recommendation&country[enabled]=true&country[exclude]=US&currency[enabled]=true&currency[exclude]=USD&language[enabled]=true&language[exclude]=en&

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ebefc6d820d1a4fc5353bdf009f7973e2254581f7917e961480a03bf4fa6f0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=13, db;dur=4, asn;desc="46606", edge;desc="LAX", country;desc="US", servedBy;desc="fgbf", requestID;desc="898128ee-2ca4-474d-ae81-1e1824b892fb", cfRequestDuration;dur=79.999924
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 898128ee-2ca4-474d-ae81-1e1824b892fb
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB2FgP6CO%2B0fMkkiEvqZhu7AcF3s03sw%2Ba4YUjt0vLNNy43y%2B0wixcXi2hc%2BJoHJFmVhe0wzTN5lVMoez47hC2V8BQv8GUwlgPzR7adleAeJ1HkRtDHggJIeygWefr20rXeB"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 83b7b6873ec9420d-EWR
x-sorting-hat-podid: 117

GET
DATA 200
OK truncated
/ 134 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd3307a05d3466cfcb2b79872d36c0688389e2fec8e4bb9ff8a13f69dd49d41f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Slice_64_1.jpg
www.nililotan.com/cdn/shop/files/ 42 KB
43 KB 14ms
14ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/Slice_64_1.jpg?v=1703245199&width=1728

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

21018622f3f9b229d93468158dac1a9ff87584f90bb1d9124bf1db6be9ecfbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 327960
source-type: image/jpeg
server-timing: imagery;dur=584.969, imageryFetch;dur=153.000, imageryProcess;dur=430.895;desc="image", cfRequestDuration;dur=9.000063
source-length: 5090344
content-length: 42878
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: f0759c6f-2ffd-4d50-9ee9-a10a1ad71e73
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 12:40:57 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqKYHI8icLYsvHpjV5YyMMgcqDg%2BIlufMp%2FDcRl1ByqgSIm6qs6X1VzTWTG5HgNiflLOR4C0Lfl0EolydbGs3A2ZzHpZgfmzBR%2FGXlNCVoSV81UIVHidNf14Bv1X87H4tf27"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b6879ffc5e60-EWR
x-sorting-hat-podid: 117

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame C378
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=n4C2x41xRNygm6RzA5eHpKsCfpBh3hMF
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=n4C2x41xRNygm6RzA5eHpKsCfpBh3hMF

42 B
717 B

11ms
11ms

Image
image/gif

35.168.167.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=n4C2x41xRNygm6RzA5eHpKsCfpBh3hMF

Protocol

Server

35.168.167.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-168-167-152.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-03eb58c8d.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 1fxoP/bxQ0E=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-0d7021062.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: nYz77BggSXI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=n4C2x41xRNygm6RzA5eHpKsCfpBh3hMF
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 bundle.chunk.6d047e1a.563.js Show response
snapui.searchspring.io/gthz36/ 29 KB
10 KB 111ms
109ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.563.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db2025289da025badf9d4a61a150e0a5bf241200d186b96ea9763846a45c170b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: F72K59HA1G5QFT0W
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: rZ8mn5EEkr8Huw6EGJRKFZwgdJLvVdUyPEH9ASmue3XmXA0liKf/f0utY8JP44l61PxsN6K70Dc=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"8fa4b8fc6720776a87fb0b27bb9813ee"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: tlCIjk1Ad8Cks2fmDoFq7RluaqsIb9Hh5EQUX3mZWLe3dDEiWe2vPw==

GET
H2 200 bundle.chunk.6d047e1a.233.js Show response
snapui.searchspring.io/gthz36/ 117 KB
32 KB 144ms
143ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.233.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 721df7492b54395377d0730cc8b8f1d1480c0396d49a3046bfb655cce07a82eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: F72G5332G8PWT5W0
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: ILpQOGiqr7PmbDTCrUjfmAHh39JMcz5uAFZUlCpCuJxdh7EMpUp7hgBKeRqTt9c2GDNfku1H4iI=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"03bd9344e76caa844310c1a22581c266"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: LUCz1ZHB8W6ElF3DDjkExj4hTNZRZhgnqLWigE3E37rOfuiiIrsfJA==

GET
H2 200 bundle.chunk.6d047e1a.820.js Show response
snapui.searchspring.io/gthz36/ 12 KB
4 KB 143ms
142ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.820.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2a05ff92bc20b705d1f09271527dac3e7b24b0d38986dbaa83817544d80b0fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: F72PCS3PXZBXTPVD
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: 1jkYaxJgJeMNydUZTUQtR/maLAgrd7ZGpadgJ9SwfZUSnqKzyY9toA7j4mg5msT2Ewq4JeB6IF4=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"983de09f7f0a47e2a4352fd8b5bd41e0"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: lu4Jl1ujp3RGXhnXWxti62vp6yq3g5PH-I4Q6t6izU1nUZX6vZnNpg==

GET
H2 200 bundle.chunk.6d047e1a.421.js Show response
snapui.searchspring.io/gthz36/ 20 KB
3 KB 111ms
111ms Script
text/javascript 18.160.172.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snapui.searchspring.io/gthz36/bundle.chunk.6d047e1a.421.js
Requested by: Host: snapui.searchspring.io
URL: https://snapui.searchspring.io/gthz36/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-87.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cc4df6a1d93b7794d21dffe137a123438763d8cb0b620d3ef2d1814cd28eba0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: br
via: 1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront)
x-amz-request-id: F72MZRPBR03NSQMK
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: LKaNznGyOp2Np2djn81pZnlQj90QGRiXx2jsui2kw6IUIyDh6yu310OXr11C9oGd1C5nwuFdLAY=
last-modified: Fri, 08 Dec 2023 22:12:19 GMT
server: AmazonS3
etag: W/"ecdb96b4b1be6d873a3b254b7bc43271"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-amz-cf-id: r8UQiFHLJhbe2YrswL3PgAaV9RKw-WlSrulqSUjCDzTOE_gMFRwG4g==

GET
H3 200 Slice_64_1.jpg
www.nililotan.com/cdn/shop/files/ 42 KB
43 KB 20ms
20ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nililotan.com/cdn/shop/files/Slice_64_1.jpg?v=1703245199&width=1728

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

21018622f3f9b229d93468158dac1a9ff87584f90bb1d9124bf1db6be9ecfbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 327960
source-type: image/jpeg
server-timing: imagery;dur=584.969, imageryFetch;dur=153.000, imageryProcess;dur=430.895;desc="image", cfRequestDuration;dur=15.000105
source-length: 5090344
content-length: 42878
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: f0759c6f-2ffd-4d50-9ee9-a10a1ad71e73
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 22 Dec 2023 12:40:57 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7GavAhGtXBUDsdEKQhf1Gjji30QNwVKVwafhgdhuvNhA4EoKyAEfOJSchcprD9t8FfYX3887KnrNtwshQFJbnHiYcgiGsT27FuyLoOFv4JlCQvF%2BI65ruvc%2FqA7dr9hJ5nc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b7b687c8175e60-EWR
x-sorting-hat-podid: 117

OPTIONS
H2 200 accounts:signUp
identitytoolkit.googleapis.com/v1/ Frame 0
0 383ms
40ms Preflight
text/html 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=AIzaSyBTIGfZ_OWhmAAu5sDVG8EjXwiylIcGxIk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version,x-firebase-client,x-firebase-gmpid
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version,x-firebase-client,x-firebase-gmpid
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://xincarning.cyou
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 26 Dec 2023 07:46:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 accounts:signUp Show response
identitytoolkit.googleapis.com/v1/ 1 KB
1 KB 418ms
418ms Fetch
application/json 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=AIzaSyBTIGfZ_OWhmAAu5sDVG8EjXwiylIcGxIk

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

b6eab03ad51f93654e0fb62df33e915fe237c4c505d5e9d6519b012e909ea549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Firebase-gmpid: 1:426314996884:web:da15f7800d406a21866881
Referer
X-Client-Version: Chrome/JsCore/9.10.0/FirebaseCore-web
accept-language: en-US,en;q=0.9
X-Firebase-Client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMzMgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjMzIGZpcmUtanMvIGZpcmUtYXV0aC8wLjIwLjcgZmlyZS1hdXRoLWVzbTIwMTcvMC4yMC43IGZpcmUtanMtYWxsLWFwcC85LjEwLjAiLCJkYXRlcyI6WyIyMDIzLTEyLTI2Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xincarning.cyou
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 951
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame C378
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=1F5CQYtQPfVe_xbSJyBovhiRlnHbibY6

43 B
659 B

180ms
72ms

Image
image/gif

18.160.172.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=1F5CQYtQPfVe_xbSJyBovhiRlnHbibY6
Protocol: H2
Server: 18.160.172.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-92.iah50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
via: 1.1 a482940a2cf06eb5d2ed41088b95c672.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: IAH50-P2
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: F6ZKPQz7kv996Xp76WBQ-oFy_P1SjFTxSjPjXRJBQkXeTSf8IpMWqw==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=1F5CQYtQPfVe_xbSJyBovhiRlnHbibY6
date: Tue, 26 Dec 2023 07:46:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 836540
content-length: 0

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 99C9 59 KB
19 KB 191ms
190ms Script
text/javascript 99.86.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=2b5b303
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-50.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb5c2f85fb0b8435885c5816d9a8fdadfccb4b75bb017bcfefff7d391c72ff8

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: gzip
via: 1.1 da7ea5395e754371818e8c7b67829e5c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 18968
last-modified: Wed, 20 Dec 2023 19:47:06 GMT
server: AmazonS3
etag: "c86192cfedb7f8f25c4ffc5c8a6eeb20"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ppjIfXBWXY0Jo_h9OmuTv6P1TaDWDRK8enHk00A0vYjlclX0c5qvDA==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 3853 59 KB
19 KB 228ms
228ms Script
text/javascript 99.86.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=2b5b303
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-50.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb5c2f85fb0b8435885c5816d9a8fdadfccb4b75bb017bcfefff7d391c72ff8

Request headers

Referer
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: gzip
via: 1.1 da7ea5395e754371818e8c7b67829e5c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18968
last-modified: Wed, 20 Dec 2023 19:47:06 GMT
server: AmazonS3
etag: "c86192cfedb7f8f25c4ffc5c8a6eeb20"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 1yUhpdY1ttR7lb-nIG65zp_-ZrXA7jKr1jqBhsnZONLBmWkxefxZlw==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 4B34 59 KB
19 KB 206ms
205ms Script
text/javascript 99.86.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=2b5b303
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-50.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb5c2f85fb0b8435885c5816d9a8fdadfccb4b75bb017bcfefff7d391c72ff8

Request headers

Referer
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: gzip
via: 1.1 da7ea5395e754371818e8c7b67829e5c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18968
last-modified: Wed, 20 Dec 2023 19:47:06 GMT
server: AmazonS3
etag: "c86192cfedb7f8f25c4ffc5c8a6eeb20"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: lwmI4SsDPHviRdMsboyQDd6f0-3xfaww6zZQvP8HSFN-ATRD5usc1g==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 1372 59 KB
19 KB 198ms
197ms Script
text/javascript 99.86.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=2b5b303
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-50.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb5c2f85fb0b8435885c5816d9a8fdadfccb4b75bb017bcfefff7d391c72ff8

Request headers

Referer
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: gzip
via: 1.1 da7ea5395e754371818e8c7b67829e5c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18968
last-modified: Wed, 20 Dec 2023 19:47:06 GMT
server: AmazonS3
etag: "c86192cfedb7f8f25c4ffc5c8a6eeb20"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: iVhmupQH5Ch6xNJCK5jt8P9pluQvCVmr0qkOUsJAsk36R1KjbN-QDw==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 82C6 59 KB
19 KB 194ms
194ms Script
text/javascript 99.86.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=2b5b303
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-50.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb5c2f85fb0b8435885c5816d9a8fdadfccb4b75bb017bcfefff7d391c72ff8

Request headers

Referer
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: gzip
via: 1.1 da7ea5395e754371818e8c7b67829e5c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18968
last-modified: Wed, 20 Dec 2023 19:47:06 GMT
server: AmazonS3
etag: "c86192cfedb7f8f25c4ffc5c8a6eeb20"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: iBA8Dyay0YTLvBSveh7rJ4iWNMXfZMGsHPkRLaAEeVqDByZJEblzog==

GET
H/1.1 200
OK 258.index.js Show response
production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com/0cf42b376feeb11d247d11c5c05f6df0995db72f/ 27 KB
8 KB 282ms
94ms Script
application/javascript 3.5.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com/0cf42b376feeb11d247d11c5c05f6df0995db72f/258.index.js
Requested by: Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/production-klarna-il-shopify-osm/0cf42b376feeb11d247d11c5c05f6df0995db72f/nili-lotan.myshopify.com-1695222125438.js?shop=nili-lotan.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.66.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 329173b311eb02ebad5191d3b7314d7ffaeb93d00504f46009f4392bbad28e8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:46:59 GMT
Content-Encoding: gzip
x-amz-expiration: expiry-date="Fri, 20 Sep 2024 00:00:00 GMT", rule-id="NDY0MzI3NGQtNzIyMS00MjYwLWJkM2YtZmI5NzBiMjU2ZDAy"
Last-Modified: Wed, 20 Sep 2023 14:51:10 GMT
Server: AmazonS3
x-amz-request-id: JBTKKBPKGV6A3ZMS
ETag: "b7c0eb5dbc0c7e9f220f476edc2caf97"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7290
x-amz-id-2: nWgzAUF30BcoKgugpst8YdR76UUIreCN5Abizz4ruFHFrTmUxzR8tbMXNmemHDD6JFOugvE/mnQH3q0g1K50aA==

GET
H/1.1 200
OK 906.index.js Show response
production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com/0cf42b376feeb11d247d11c5c05f6df0995db72f/ 19 KB
7 KB 272ms
92ms Script
application/javascript 3.5.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com/0cf42b376feeb11d247d11c5c05f6df0995db72f/906.index.js
Requested by: Host: s3.eu-west-1.amazonaws.com
URL: https://s3.eu-west-1.amazonaws.com/production-klarna-il-shopify-osm/0cf42b376feeb11d247d11c5c05f6df0995db72f/nili-lotan.myshopify.com-1695222125438.js?shop=nili-lotan.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.66.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e8aae41e1a2b8d60ec5c73a13665fe0946db2aef3d557c8704629711bd277320

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:46:59 GMT
Content-Encoding: gzip
x-amz-expiration: expiry-date="Fri, 20 Sep 2024 00:00:00 GMT", rule-id="NDY0MzI3NGQtNzIyMS00MjYwLWJkM2YtZmI5NzBiMjU2ZDAy"
Last-Modified: Wed, 20 Sep 2023 14:51:10 GMT
Server: AmazonS3
x-amz-request-id: JBTK2QZYBQZWJWZV
ETag: "5c63e0b6bef8e6473e90d276b8f68382"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6468
x-amz-id-2: XSgDRbsgKA00OT7W1YqlG6sLjifLGJkKX4ZfmpBsjPTROm0C+ULLkTytTKeNhlMW+kWVtz732EoRvc/O1yhktQ==

GET
H2 200 setuid
ib.adnxs.com/ Frame C378 43 B
850 B 5ms
4ms Image
image/gif 68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-ZJgtoneeeyKR2yh2IeMkpawXU-47GV21prjlwg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
an-x-request-uuid: fc30fb9d-b2c2-4a7d-b240-7a6b51abcbf1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.133; 5.181.234.133; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aae01ce5e85559210f1db97609d411ea.svg
lcx-widgets.bambuser.com/ Frame 0B3F 168 B
643 B 39ms
39ms Image
image/svg+xml 18.160.172.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lcx-widgets.bambuser.com/aae01ce5e85559210f1db97609d411ea.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.172.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-172-47.iah50.r.cloudfront.net

Software

Resource Hash

e458fde2b6bca16ceea6c719dde735764efaadfc9a5c526febd0658b3394ea6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://lcx-widgets.bambuser.com/widget.html?bambuserLiveshoppingFloatingCondensed=null&bambuserLiveshoppingFloatingId=wup0f1XwVVQaQXEGLni2&bambuserLiveshoppingUid=3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48&id=51fd3cae-172f-4ba5-b737-2bcc759202fd&name=floating&widgetId=wup0f1XwVVQaQXEGLni2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
via: 1.1 9a4eb06434583d2d2dd491346f19ecf2.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 07:46:58 GMT
x-amz-cf-pop: IAH50-P2
age: 26
x-cache: Hit from cloudfront
content-length: 130
x-served-by: cache-iad-kcgs7200103-IAD
last-modified: Wed, 20 Dec 2023 09:59:55 GMT
x-timer: S1703129852.034510,VS0,VE1
etag: "c40cd3ff8a45bff2205d7b1b493df85403ac4046ecc22cfd050913373b8fb7ba-br"
vary: accept-encoding
content-type: image/svg+xml
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: wgzi1ud4Q5Zl0to9i46KZsO_yZE_dHd_Zs1D7i1axip40gcwiNutaw==
x-cache-hits: 1

GET
H3 200 NiliLotan_R24PDP_LOOK_16_40541_e212b5fc-6aa8-4924-bcc8-122bfeba609b_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 29 KB
29 KB 17ms
17ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_16_40541_e212b5fc-6aa8-4924-bcc8-122bfeba609b_600x600.jpg?v=1697575857

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

c2826662aa8ed619ed54af92065f3a6e80f4570e341c2d8daa95530548b26306

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4634450
source-type: image/jpeg
server-timing: imagery;dur=258.420, imageryFetch;dur=97.284, imageryProcess;dur=159.109;desc="image", cfRequestDuration;dur=12.000084
source-length: 1629535
content-length: 29250
x-xss-protection: 1; mode=block
x-request-id: 2e48eb89-d20d-4a63-a11a-0d3dd71972ce
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 16:15:59 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MUTIYFVmcNkmrdk%2F1NVRa4mi6M%2FDwEi6TRAtEPFo8Bi%2FvDfGnx31uhy5nNjrUI5nn%2FCKrHbaq5m7nXE4wq7EIFGc85E7vPVjSG5wFx7cbd1cjr1WBAgdWAi7H7lE9%2BhdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_16_40541_e212b5fc-6aa8-4924-bcc8-122bfeba609b_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fb95e6d-EWR

GET
H3 200 LOUISE-BELT_BLACK-W-SHINY-BRASS-BUCKLE__295-_1_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/products/ 6 KB
7 KB 21ms
21ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/products/LOUISE-BELT_BLACK-W-SHINY-BRASS-BUCKLE__295-_1_600x600.jpg?v=1668462327

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

d3310e4c9856362bc33a710693c752a4a5278b3c6635a8826aa7aed2c74d0483

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3619678
source-type: image/jpeg
server-timing: imagery;dur=184.259, imageryFetch;dur=38.984, imageryProcess;dur=142.047;desc="image", cfRequestDuration;dur=13.000011
source-length: 256783
content-length: 6460
x-xss-protection: 1; mode=block
x-request-id: 481bc94d-98bf-49b3-8683-c1e252d5bde4
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 07:43:41 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oriTYeo5Hz3aS%2FACciTqTyF6xaFbaF4PWJil27LDbwuFjhRQ3dbCKYC%2Btb6yMpCtPUicH5R3Tn8UlLsBDYiqXrImIkZrkY7V7Q%2FySauYCkxUv0rjZnmSHhfTM%2FzSbgzIWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/products/LOUISE-BELT_BLACK-W-SHINY-BRASS-BUCKLE__295-_1_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fba5e6d-EWR

GET
H3 200 F21_B0002_L39_JANE_BELT_SHINY_BRASS_BLACK_CROC_3000x_86d8259d-5ac4-4d28-817c-27e3f1037249_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 7 KB
8 KB 14ms
14ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/F21_B0002_L39_JANE_BELT_SHINY_BRASS_BLACK_CROC_3000x_86d8259d-5ac4-4d28-817c-27e3f1037249_600x600.jpg?v=1694463977

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

a971f8f24fa5581e2d55947a5c1e05ce52cb44ebf12f6b858e586522073a5b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3634991
source-type: image/jpeg
server-timing: imagery;dur=320.037, imageryFetch;dur=60.186, imageryProcess;dur=253.506;desc="image", cfRequestDuration;dur=9.999990
source-length: 361976
content-length: 7030
x-xss-protection: 1; mode=block
x-request-id: eedfab8b-5b24-4491-bfda-c979347304e2
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 10 Nov 2023 08:56:49 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCXhvXQUWYY0b2jRA3x%2BP3w1pdzKakrxEWb8al%2B73x6m%2FE2Zb3VnrbfXw%2FH1xtQXESrBuJ3l9Thln5q%2FDUFIthF4d0hal2Z97i0hnWDPxTFU9II3C3ZvHo4Ez%2FzJhP3D0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/F21_B0002_L39_JANE_BELT_SHINY_BRASS_BLACK_CROC_3000x_86d8259d-5ac4-4d28-817c-27e3f1037249_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fbb5e6d-EWR

GET
H3 200 JANE_BELT_BLACK_FLAT_-EURO-360_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/products/ 6 KB
7 KB 21ms
20ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/products/JANE_BELT_BLACK_FLAT_-EURO-360_600x600.jpg?v=1668462523

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

37bc2a718999f7b89c5fc3dbe3ca540e7b24dde8b4743d5bbf8321e55be1ea26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1592003
source-type: image/jpeg
server-timing: imagery;dur=261.244, imageryFetch;dur=88.308, imageryProcess;dur=171.474;desc="image", cfRequestDuration;dur=13.000011
source-length: 188195
content-length: 6066
x-xss-protection: 1; mode=block
x-request-id: c39dbb22-5f0c-4747-a288-6807f49bfa74
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 09:32:51 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twNxcWhOQTW2FnhPX5VSiaP0uw1gKrt6cot5gKpjoZVsriVSVuv4LfUkTsHLk6x6xtISEn4JEBM5CmiD4TwEcBYrXxMHywxisOcxZ%2FnAuNNnmbRnxtoaDgmcBfzf%2B5%2F6nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/products/JANE_BELT_BLACK_FLAT_-EURO-360_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fbd5e6d-EWR

GET
H3 200 NiliLotan_R24PDP_LOOK_23_40183_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 24 KB
24 KB 20ms
19ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_23_40183_600x600.jpg?v=1696960418

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

8e504412fa8566caae82c76a5212c4ae0fbcb94cd2483adc095eb2bec5e2c72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4634793
source-type: image/jpeg
server-timing: imagery;dur=370.330, imageryFetch;dur=54.405, imageryProcess;dur=207.318;desc="image", cfRequestDuration;dur=10.000229
source-length: 1307258
content-length: 24138
x-xss-protection: 1; mode=block
x-request-id: 08c5c63d-614e-462b-8404-c68672947ffa
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 16:16:01 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3FrAeoSyGYu9xaelZ46Tnu6bSPwZVzFaRrzU4HoADVO%2FG1O32iHfO5nzUMMSS2MTq%2FoJ4MGAx8r1RUTtkFyjs7dr72HC6DFqEvO9JFj30AEzbG3xSqqhXeSfkvl1FW3Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_23_40183_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fbf5e6d-EWR

GET
H3 200 NILILOTAN_F23_PDP_LOOK_98_452_54dbae07-43a2-4074-afc9-8b3b1ec3f545_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 23 KB
24 KB 23ms
21ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_F23_PDP_LOOK_98_452_54dbae07-43a2-4074-afc9-8b3b1ec3f545_600x600.jpg?v=1693405492

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

80117ddb29cb5fc777a0894ef1596151065b8805ceffd2b41327bf633f9ac111

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2410890
source-type: image/jpeg
server-timing: imagery;dur=223.030, imageryFetch;dur=48.045, imageryProcess;dur=170.834;desc="image", cfRequestDuration;dur=12.000084
source-length: 1359293
content-length: 23988
x-xss-protection: 1; mode=block
x-request-id: 13bb1159-e90b-4302-a12b-a6af56f62c13
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 16:19:57 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QX232pDhAcuhjYv5ffNx0zIO8aEsnh1BPYh7rRM5bAuwU0bnCuu5iUmfWw6L6vDe2i4mL7jWwDwvbjRxTfwWWKJn3mxTT6iqmsqkknidYabXFDA0fgnAketYbSht8ME81g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_F23_PDP_LOOK_98_452_54dbae07-43a2-4074-afc9-8b3b1ec3f545_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fc15e6d-EWR

GET
H3 200 NILILOTAN_F23_PDP_LOOK_5_22541_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 24 KB
25 KB 23ms
22ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_F23_PDP_LOOK_5_22541_600x600.jpg?v=1689626988

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

f9c10602b3d4b7bed9b9a7bc3a9f0e4db880e454c4e64f1b938fb6bb55bfa8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3882257
source-type: image/jpeg
server-timing: imagery;dur=232.895, imageryFetch;dur=64.957, imageryProcess;dur=165.403;desc="image", cfRequestDuration;dur=9.999990
source-length: 1423765
content-length: 24678
x-xss-protection: 1; mode=block
x-request-id: 697c1c94-9569-47c8-9e35-55fb01779157
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 07:48:42 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEMeSiOPeTKOSDKlcZ3fW1JykvwrXxUQpIHiPIAb%2FRTAJ8RsMew9ZL%2FjLBkbqnZfP1q93Bxtq11Xea7HwkH4CwpjGaxtOrwQMCcMX7LtwrzRbeK3vythYJnSPP5IhINv3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_F23_PDP_LOOK_5_22541_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fc35e6d-EWR

GET
H3 200 NILILOTAN_PF23_PDP_LOOK_30_3187_5877e9f2-375e-4bdd-8aa1-345a8b1a5ebb_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 16 KB
17 KB 25ms
24ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_PF23_PDP_LOOK_30_3187_5877e9f2-375e-4bdd-8aa1-345a8b1a5ebb_600x600.jpg?v=1689876599

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9bcc1a413d4026fcc5ec55b5dc7e23805236cfb990b507a9044bb47b164cad66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2230416
source-type: image/jpeg
server-timing: imagery;dur=250.559, imageryFetch;dur=101.872, imageryProcess;dur=146.463;desc="image", cfRequestDuration;dur=13.000011
source-length: 1103314
content-length: 16848
x-xss-protection: 1; mode=block
x-request-id: bc122e5d-6714-43f2-b120-c70f278e0d12
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 10 Nov 2023 07:56:47 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMfcdgSQZkKMwqidlKlxANDUq1QyMYRmlVdE2vE3ocQvm522KX0fi77huBYR1x5NgRW2R1vgXkEU7W9ype1K3iVa2bc%2FeejQ%2FxX5uM2MsNK%2Fe%2FqbhMo6671CKmk46ncJoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_PF23_PDP_LOOK_30_3187_5877e9f2-375e-4bdd-8aa1-345a8b1a5ebb_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fc45e6d-EWR

GET
H3 200 NILILOTAN_DENIMPDP_LOOK_11__330332_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 27 KB
28 KB 26ms
24ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_DENIMPDP_LOOK_11__330332_600x600.jpg?v=1701361504

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

a71fba5a99f1949fc8a60ba0d7aed7d83026d099c9421ca821a69387aa9f545b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2214303
source-type: image/jpeg
server-timing: imagery;dur=235.301, imageryFetch;dur=48.731, imageryProcess;dur=182.359;desc="image", cfRequestDuration;dur=11.999846
source-length: 1190057
content-length: 27760
x-xss-protection: 1; mode=block
x-request-id: 05f969f9-0f74-4243-a92c-892f7386667c
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 16:33:15 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUJSUbEIQY8J23FJzKjQEL4ZtSFUCnxtNJdS8NpSMPPLLe%2BpTSfYgTglNkqLCY2Eri2sN4jLDfyFyhw7nMMzT6VvvrUhSCmF%2BWtp1QlTBSYTTjG4eQB1vibQI%2FC0prI8ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_DENIMPDP_LOOK_11__330332_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fc55e6d-EWR

GET
H3 200 NiliLotan_R24PDP_LOOK_86_2076_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 25 KB
26 KB 27ms
25ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_86_2076_600x600.jpg?v=1700167045

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

17c0809ad3c3b69d95e0683ecc149aaa967125db346673cd341ea0ae5f365c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2330004
source-type: image/jpeg
server-timing: imagery;dur=195.887, imageryFetch;dur=77.216, imageryProcess;dur=116.521;desc="image", cfRequestDuration;dur=10.999918
source-length: 1417018
content-length: 25636
x-xss-protection: 1; mode=block
x-request-id: 93aa4a16-ab9d-4a91-bb3d-6630e7c7fd95
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 Nov 2023 20:47:59 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXI4yKdl81myfgdG4%2FVNkd%2Bin3O18Aq4VFxeDrIg1dUqD9T9wUz55j8wT%2F9J3JKuYdKJWVV%2BnOu37svdxNUwJ05v8T9dFM5gP9JBR4M9C4C9qYNV5alKOdfHDi0R8c4uQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_86_2076_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fc75e6d-EWR

GET
H3 200 PF22_NILI-BELT_BLACK-ANTIQUE-BRASS__370_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/products/ 7 KB
8 KB 28ms
27ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/products/PF22_NILI-BELT_BLACK-ANTIQUE-BRASS__370_600x600.jpg?v=1682693645

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

1de4105dd06ceef53730507841baaef5b642a72f8560a397c90d87ce74969173

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3709573
source-type: image/jpeg
server-timing: imagery;dur=213.259, imageryFetch;dur=71.478, imageryProcess;dur=140.751;desc="image", cfRequestDuration;dur=9.999990
source-length: 275405
content-length: 7048
x-xss-protection: 1; mode=block
x-request-id: 14053263-39a5-4ec0-8b6d-f222e1e6ceaf
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 04:54:56 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXAPN2AnJMJkcN2xiKvG127x45LDmVw6JxCsQhiB5Yxf7RaP5%2F9iDGG6fZr4K6KfSpEzJN7tsGMKhW44UvSLo6CySNPIFisrqK8nERWlfOL7AtLwVZi86p70KBlzhE2q5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/products/PF22_NILI-BELT_BLACK-ANTIQUE-BRASS__370_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fc85e6d-EWR

GET
H3 200 NILILOTAN_R24PDP_LOOK_115_3139_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 21 KB
22 KB 28ms
27ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_R24PDP_LOOK_115_3139_600x600.jpg?v=1701899576

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

ec63fc7e4afd3dd55f868192f094718a981b0f636f6d1f0e1fab0caf27313421

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1676015
source-type: image/jpeg
server-timing: imagery;dur=234.540, imageryFetch;dur=46.187, imageryProcess;dur=186.666;desc="image", cfRequestDuration;dur=9.999990
source-length: 1201905
content-length: 21458
x-xss-protection: 1; mode=block
x-request-id: eee189fb-69ee-4042-a62f-5d382cc40946
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 21:59:56 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUbtjZrTO447LYJQJaMYqGwQhNLvAIZPD3AEE07m08UzZCV56dHRRURV3%2BWAsktdtRtQlcoq2Yup9JyEIhQkbl2NxsrdYHHPkhbsAWziepJB4KEN8GhWkvHrJLC6oUri7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_R24PDP_LOOK_115_3139_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fc95e6d-EWR

GET
H3 200 NiliLotan_R24PDP_LOOK_5_39212_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 32 KB
33 KB 29ms
29ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_5_39212_600x600.jpg?v=1696967037

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

87fe611a5ef64990e71ea393cee23858028522dc7fb8ee1f616a81286799b447

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2418397
source-type: image/jpeg
server-timing: imagery;dur=312.160, imageryFetch;dur=51.375, imageryProcess;dur=258.823;desc="image", cfRequestDuration;dur=11.000156
source-length: 1645080
content-length: 33246
x-xss-protection: 1; mode=block
x-request-id: 0e21894b-dc12-46e6-8d5d-a19e0d35e3f3
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 Nov 2023 07:53:45 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US4ask%2FHgUwIK4yQhWjmeDXmJ09udnWgW2OCrX%2FCbuiwddCIsnug%2FRiz11Xoezr41K2hUznrScohKB%2FYdOUgeRFiudgTDn1PQAQf51GTdAUn0H2PXLS8YshYM%2Brbn3qtgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_5_39212_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fcc5e6d-EWR

GET
H3 200 NILILOTAN_DENIMPDP_LOOK_16__331772_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 24 KB
25 KB 30ms
30ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_DENIMPDP_LOOK_16__331772_600x600.jpg?v=1691429480

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

209f51d1a85a1d50f30758934252ba56bf17183c1e456cdc8261ab1380326a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3620390
source-type: image/jpeg
server-timing: imagery;dur=257.558, imageryFetch;dur=47.326, imageryProcess;dur=207.660;desc="image", cfRequestDuration;dur=11.000156
source-length: 1356398
content-length: 24640
x-xss-protection: 1; mode=block
x-request-id: c4a0e792-66f4-4853-87f1-a6e62c70cf59
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 21:58:09 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jV0OrhrCRktm79PvdmU8SAoBP%2FSMYF%2B4rsrCaBX7bFBfpy3PQK7vj%2BBtgNI2pK11I%2BQYM%2FNinfYtdbvLnVZ1n09sp0TIyfvMGT83KM2XdP2o1iGtFxJwjkhKJIDMX0%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_DENIMPDP_LOOK_16__331772_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fcd5e6d-EWR

GET
H3 200 NILILOTAN_PF23_PDP_LOOK_18_2195_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 43 KB
44 KB 48ms
48ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_PF23_PDP_LOOK_18_2195_600x600.jpg?v=1687461862

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

ffba6237ef5da71fc6676efc75a9ae67d9f6d01819c1337f0bf9bc20f1255cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
source-type: image/jpeg
server-timing: imagery;dur=209.510, imageryFetch;dur=46.925, imageryProcess;dur=161.093;desc="image", cfRequestDuration;dur=40.999889
source-length: 2010922
content-length: 43886
x-xss-protection: 1; mode=block
x-request-id: d7822caa-b193-46d1-ac45-55186dd0fa6c
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Nov 2023 12:29:10 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqEzDrG1XS4%2FSSJ%2Br63IvJJ8ZZ3VFKfokKEMe%2BzLqYwDRN9FmefElYzRbGRQB38fGQEqRVK1wv7K7PGuqxU1sXozKXI4CLqN6LPmQY2OFFJEZJU83oKYblMhzBwinZhyWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_PF23_PDP_LOOK_18_2195_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fce5e6d-EWR

GET
H3 200 NILILOTAN_DENIMPDP_LOOK_18__332482_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 24 KB
25 KB 30ms
30ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_DENIMPDP_LOOK_18__332482_600x600.jpg?v=1691429770

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

d9d84bb996279cf311996e3ddeee766bb52181b0a3a57baeade3f078c8fbbc5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3979152
source-type: image/jpeg
server-timing: imagery;dur=256.972, imageryFetch;dur=109.689, imageryProcess;dur=144.242;desc="image", cfRequestDuration;dur=11.999846
source-length: 1509245
content-length: 24442
x-xss-protection: 1; mode=block
x-request-id: 6e3166c7-dc56-4972-af72-bd96a1bb7647
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 10:06:14 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGlZdgPUPo2RPAUpLdpBX4QNT326ZZ9HuROHnr2I9hHS7%2FupTI112E7JoilUA9rejLb%2Bglm9EbP9GMXLJKzH1cI9u3xZFlTeAv5CbaTYnemN2ASXOW9qNWF7rKt4gt4iyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NILILOTAN_DENIMPDP_LOOK_18__332482_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fcf5e6d-EWR

GET
H3 200 NiliLotan_R24PDP_LOOK_36_40900_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 22 KB
23 KB 31ms
30ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_36_40900_600x600.jpg?v=1696967838

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

020eff85258c93e4249af888e8c166d43411f8332c101383f291a04e876dbaec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3958289
source-type: image/jpeg
server-timing: imagery;dur=241.560, imageryFetch;dur=47.338, imageryProcess;dur=191.176;desc="image", cfRequestDuration;dur=10.999918
source-length: 1343920
content-length: 22246
x-xss-protection: 1; mode=block
x-request-id: adc7b906-a68b-44e8-bac0-8ce9b349ba78
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 10:38:08 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOSZWeihTvloywYMCWqrltQMhxuxIzxYy4CJZGvts4PI7Q5S%2FOLfpvTUQ12sKmsutkckZ%2B%2Fpx0VrEA8n1zop7pT7J%2BLkRy5ZNAtrsrUyiHwVU4SncZeIzNJ63SJpfJ97BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_36_40900_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fd15e6d-EWR

GET
H3 200 NiliLotan_R24PDP_LOOK_13_39637_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 20 KB
21 KB 32ms
32ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_13_39637_600x600.jpg?v=1697485270

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

6495e272aa3eda8978beefc1d039d66a11f09a05734d3c7ec56ab5094b507f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2331893
source-type: image/jpeg
server-timing: imagery;dur=189.210, imageryFetch;dur=78.351, imageryProcess;dur=109.184;desc="image", cfRequestDuration;dur=15.000105
source-length: 1256827
content-length: 20436
x-xss-protection: 1; mode=block
x-request-id: 0933bfd3-7623-4e5f-ad4d-eccfde6c0fc5
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 11:11:07 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1kS1SbnkdVZTezLcYU2%2FarOV4b4Ai%2Fa9NofoZSv%2FlGtRWdjuHxf%2Bcy2uxkvL7ePzSIMF4AKZHd2LGaVvUIAQyasHIKm6Dm2xHgiGdssaZGUcU8UIiT96x%2FHXlct%2BQAdDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_13_39637_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fd25e6d-EWR

GET
H3 200 NiliLotan_R24PDP_LOOK_84_2031_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 20 KB
21 KB 33ms
33ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_84_2031_600x600.jpg?v=1696968051

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

c2b4dbc03e748f5021a768a9478941d40371c44cfe36183c48c01018a1a110d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3893491
source-type: image/jpeg
server-timing: imagery;dur=248.045, imageryFetch;dur=95.400, imageryProcess;dur=149.528;desc="image", cfRequestDuration;dur=9.999990
source-length: 1216749
content-length: 20712
x-xss-protection: 1; mode=block
x-request-id: fe90b88e-f514-4309-90a8-60be11c86fc8
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 10 Nov 2023 11:28:59 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBvibgn%2Fr1rf%2BJoZCB%2F5IfkjeZAEtDCRUGzJfW1GhsFBKer2644uhx38mWgMjqo8dReZXbXzrB%2BuFUhR47mlSENkpryYcJAjEh3LUqp37Zn3npX8ddcawi1e0jDx5XPP2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_84_2031_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6898fd35e6d-EWR

GET
H3 200 NiliLotan_R24PDP_LOOK_85_2053_600x600.jpg
cdn.shopify.com/s/files/1/0021/7595/9158/files/ 16 KB
17 KB 33ms
33ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_85_2053_600x600.jpg?v=1696966443

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

586a1808c7f3819e20ab09c2cf9b0f785f2f20d06f9b583d095b385362e9139a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1572376
source-type: image/jpeg
server-timing: imagery;dur=245.483, imageryFetch;dur=57.508, imageryProcess;dur=184.739;desc="image", cfRequestDuration;dur=11.000156
source-length: 1069684
content-length: 16664
x-xss-protection: 1; mode=block
x-request-id: 4d308ab8-f8a7-42eb-948f-5bd79e1db2be
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 06:50:24 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NyRG4%2FM%2FHuA1%2B5IcQaUO4%2F9mEcST5WcxgtlX5xSB2eEjKVzGTPmoMu1X7Ppw8ouY3WWbDCfWXSVelxoTXu36q4y46mHwQXFWfQ6UTl43%2F9%2Fs2EWgkWc%2F2HW615ATrbWoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0021/7595/9158/files/NiliLotan_R24PDP_LOOK_85_2053_600x600.jpg>; rel="canonical"
cf-ray: 83b7b6899fd85e6d-EWR

GET
H2 200 gorgias-chat-bundle.js Show response
config.gorgias.chat/ 533 KB
168 KB 21ms
20ms Script
application/javascript 104.18.18.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle.js?rev=2cf44860&appKey=01GYCCNTGAYCZNTNPTRHY5P1H4

Requested by

Host: config.gorgias.chat
URL: https://config.gorgias.chat/bundle-loader/01GYCCNTGAYCZNTNPTRHY5P1H4?source=shopify1click&shop=nili-lotan.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6700d1b49a401ec02f4f9b7ee2bc2b16268ebb8d538b48128c1ad6c1e0766773

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 16100
x-dns-prefetch-control: off
content-encoding: br
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"855a4-1h+njRzSAlAO3ILa/h3PhclytsU"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
cf-ray: 83b7b68aee3d0f37-EWR

OPTIONS
H2 200 beacon
beacon.searchspring.io/ Frame 0
0 63ms
12ms Preflight
application/json 3.92.154.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.searchspring.io/beacon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.154.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-154-249.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 3
content-type: application/json
date: Tue, 26 Dec 2023 07:46:58 GMT
x-amz-apigw-id: Qim17EC_oAMEY5g=
x-amzn-requestid: b01ebe4f-ecb3-4eb6-9657-ab2258556831

POST
H2 200 beacon Show response
beacon.searchspring.io/ 3 KB
3 KB 93ms
92ms XHR
application/json 3.92.154.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.searchspring.io/beacon
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.154.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-154-249.compute-1.amazonaws.com
Software: /
Resource Hash: 61ed2338bbbc4d7e8e289c51a34ab1d8c835da917bc9e8d59e5525351187dd7b

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:46:58 GMT
x-amzn-trace-id: Root=1-658a84f2-421fe95c7e7c4e247860123e;Sampled=0;lineage=36267b6f:0
x-amzn-requestid: e021e819-b8af-4e32-8109-773b74330c53
content-length: 2928
x-amz-apigw-id: Qim17HR_IAMEgTQ=
content-type: application/json

GET
H2

200

cksync
hb.yahoo.net/ Frame C378
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OdzV5OXc1RTJ1R2F5aFZQZ2FPb3dhbmhvazlEVU1pNn5B&ovsid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&dpid=58301

57 B
503 B

22ms
21ms

Image
image/gif

23.44.201.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OdzV5OXc1RTJ1R2F5aFZQZ2FPb3dhbmhvazlEVU1pNn5B&ovsid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&dpid=58301

Protocol

Server

23.44.201.172 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-201-172.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 26 Dec 2023 07:46:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Tue, 26 Dec 2023 07:46:58 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OdzV5OXc1RTJ1R2F5aFZQZ2FPb3dhbmhvazlEVU1pNn5B&ovsid=k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg&dpid=58301
date: Tue, 26 Dec 2023 07:46:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 redirect-hit Show response
easy-redirects.shopcircle.co/api/ 2 B
592 B 521ms
184ms XHR
application/json 172.67.145.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://easy-redirects.shopcircle.co/api/redirect-hit?shop=nili-lotan.myshopify.com&path=/

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.145.63 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCGbf9WwRpScpwORzktXWFFxmpv2erEeSQWacSFV9QpxsjbJuAtynJ4eNqEF5Z90zBFPyHTuf8JXLop5DTqENH3Yj37X5tONO%2F5Oot9Hc8eQtzvdyjiw51KIxMwmjn9Sq0fdY0HnyeRwTdrJEXmv"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
x-ratelimit-limit: 60
cf-ray: 83b7b68dda1b7288-EWR
x-ratelimit-remaining: 59

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/HYDBULQYZNCRVDQGUG6Z7S/ 107 KB
31 KB 478ms
71ms Script
text/javascript 99.86.74.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/HYDBULQYZNCRVDQGUG6Z7S/roundtrip.js
Requested by: Host: assets1.adroll.com
URL: https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=HYDBULQYZNCRVDQGUG6Z7S&adroll_pix_id=IIWJJDU7ZFDKFCXZQC4TTH&shop=nili-lotan.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-44.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f684a0760b005a69495b8af0118ba6e3181bf1e41c6dbf1d9f642eb0a0d19cb2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: LFVYu.aasWG7xfllrog3w9i6RUtUq7g0
Content-Encoding: gzip
Via: 1.1 4bfb5bb8bc988f7af3321a7aa11bee76.cloudfront.net (CloudFront)
Date: Tue, 26 Dec 2023 07:46:58 GMT
Age: 1324
X-Amz-Cf-Pop: IAH50-C4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 25 Dec 2023 11:57:01 GMT
Server: AmazonS3
Etag: W/"b5e5c4c1e2d8782f2aeb26db2e1431c7"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 9WvlBM10vc-OKlheGNa5URHV9pOI0_j42tJLcK3asaqK9egbdVIX7g==

POST
H2 200 mon Show response
obs.powerrobotflower.com/ 0
147 B 14ms
12ms XHR
application/json 52.45.196.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.powerrobotflower.com/mon
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.45.196.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-196-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://xincarning.cyou
date: Tue, 26 Dec 2023 07:46:58 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 998.b5ad0dc8e327ca5a.js
assets.gorgias.chat/build/static/js/ 0
16 KB 35ms
15ms Other
application/javascript 104.18.18.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/build/static/js/998.b5ad0dc8e327ca5a.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=2cf44860&appKey=01GYCCNTGAYCZNTNPTRHY5P1H4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1724204
x-guploader-uploadid: ABPtcPpIHBaoEQFE4uROJY_Vfrwz7oNA_ggC8NrcYBQwtWhcAcpiSFXoyFhTMp0n0MZF8Ii4cbwFqctZp-e_G2M23cN1uw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Wed, 06 Dec 2023 08:36:56 GMT
server: cloudflare
etag: W/"3f810089ffaa5a6acf0226b7eec7c180"
vary: Accept-Encoding
x-goog-generation: 1701851816097436
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=yHWi+w==, md5=P4EAif+qWmrPAia37sfBgA==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 15963
cf-ray: 83b7b68c5eea0f37-EWR
expires: Thu, 05 Dec 2024 08:42:46 GMT

GET
H2 200 gcmw.c1af676fd9c002c0.js
assets.gorgias.chat/build/static/js/ 0
134 KB 41ms
21ms Other
application/javascript 104.18.18.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/build/static/js/gcmw.c1af676fd9c002c0.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=2cf44860&appKey=01GYCCNTGAYCZNTNPTRHY5P1H4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 312476
x-guploader-uploadid: ABPtcPrBhhsxOYEiSNTDVFERXR6E_Ev_k2jXO2TsdxrpK6e4yxV9btrAyuWCaccSvE9KXf41Mq7jfhA83phEfxxi-bhvPz8XnHWF
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Fri, 22 Dec 2023 16:43:54 GMT
server: cloudflare
etag: W/"9acb0c4c2cc53afa08baed0bc26dacbf"
vary: Accept-Encoding
x-goog-generation: 1703263434502530
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=0Be2TQ==, md5=mssMTCzFOvoIuu0Lwm2svw==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 143224
cf-ray: 83b7b68c5eeb0f37-EWR
expires: Sat, 21 Dec 2024 16:48:59 GMT

GET
BLOB 200
OK a27e176a-37a0-4871-9657-f74cb1bf5a3d
https://xincarning.cyou/ Frame 2333 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xincarning.cyou/a27e176a-37a0-4871-9657-f74cb1bf5a3d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 0
Content-Type

GET
BLOB 200
OK 23895754-6bf9-47db-a331-91ebe64ddfe9
https://xincarning.cyou/ Frame 2333 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xincarning.cyou/23895754-6bf9-47db-a331-91ebe64ddfe9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdbda48bdc0153b50ab58bd701463558a613e614a3a0a822ea113180ed0a417c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 22873
Content-Type

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame C378 59 KB
19 KB 42ms
41ms Script
text/javascript 99.86.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/frame.js?v=2b5b303
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-74-50.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb5c2f85fb0b8435885c5816d9a8fdadfccb4b75bb017bcfefff7d391c72ff8

Request headers

Referer
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: gzip
via: 1.1 da7ea5395e754371818e8c7b67829e5c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18968
last-modified: Wed, 20 Dec 2023 19:47:06 GMT
server: AmazonS3
etag: "c86192cfedb7f8f25c4ffc5c8a6eeb20"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: mOyb_AYnYYIahFgUsrZBK3bYHQqjewV0tCZVyTxsT3b2JeMYbVU3pQ==

POST
H2 200 mon Show response
obs.powerrobotflower.com/ 0
16 B 20ms
19ms XHR
application/json 52.45.196.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.powerrobotflower.com/mon
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.45.196.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-196-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://xincarning.cyou
date: Tue, 26 Dec 2023 07:46:58 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET frame.js
tools.luckyorange.com/core/ Frame 5D04 0
0

POST
H2 200 event Show response
api.config-security.com/ 299 B
539 B 391ms
59ms XHR
application/json 34.149.60.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.config-security.com/event
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.60.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 135.60.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 6212da996db600361ef49c3027acc2fc9d316dd441e3c899357863f63962e656

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
via: 1.1 google
etag: W/"12b-dSZy/Sn8qHjx2YhVMbHkaSLPh4M"
x-tw-trace-id: c0305b77813ae1c9342a16b3b228eeb0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 299

GET
H2 200 analytics-browser-0.4.1-min.js.gz Show response
cdn.amplitude.com/libs/ 53 KB
18 KB 187ms
86ms Script
application/javascript 99.86.83.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-0.4.1-min.js.gz
Requested by: Host: xincarning.cyou
URL: https://xincarning.cyou/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.83.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-83-118.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d3b81d7cf7f951d87a3f2c4939b1c8e335e68f27818ff64ad77ded066766d3

Request headers

Referer: https://xincarning.cyou/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 02:30:28 GMT
content-encoding: gzip
via: 1.1 473981974bcdf9876b1f81355f227d4c.cloudfront.net (CloudFront)
x-amz-version-id: 3tiMn1yxqbLQOcjMnW8jUlpmbLeU2Kej
x-amz-cf-pop: IAH50-C4
age: 18991
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17692
last-modified: Tue, 17 May 2022 16:56:10 GMT
server: AmazonS3
etag: "8bd714eb9b159a7745c3f9359d646ba4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: g50Wb2ex1HTBAjcP_uK1IsaZKCslgdEoHlnbAhhsFpH7WxPDxMTNIA==

GET
H2 200 agents Show response
config.gorgias.chat/applications/01GYCCNTGAYCZNTNPTRHY5P1H4/ 199 B
718 B 339ms
25ms XHR
application/json 104.18.18.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/applications/01GYCCNTGAYCZNTNPTRHY5P1H4/agents

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.18.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

407600d9de0555f3120cc2ff257e9ab2e139ed2275415f039c1004f34842ea43

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"c7-vobD438nuuCIt609M1LJGmUB4T0"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
vary: Accept-Encoding
cf-ray: 83b7b68f294743e0-EWR

GET
H2 200 lib.js Show response
na-library.klarnaservices.com/ 35 KB
12 KB 464ms
374ms Script
application/javascript 18.160.172.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://na-library.klarnaservices.com/lib.js
Requested by: Host: production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com
URL: https://production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com/0cf42b376feeb11d247d11c5c05f6df0995db72f/906.index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.172.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-101.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 171a2f8d6ca299d632f4c176f4c0a9fa71ea5cfda7e483cac45432493d048d9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:47:00 GMT
content-encoding: br
via: 1.1 160c4839a20836c0b165cc89ad432986.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 14:38:48 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-P2
x-amz-server-side-encryption: AES256
etag: W/"79c40c04efea226dca58782d0beeec68"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: z8EXgrmLAOKGl4Mwp7x045EiEDM4_j0Wzi0VeJiTItwByNKVIu4DFg==

POST
H2 200 accounts:lookup Show response
identitytoolkit.googleapis.com/v1/ 258 B
275 B 54ms
53ms Fetch
application/json 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyBTIGfZ_OWhmAAu5sDVG8EjXwiylIcGxIk

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

487ee51160b371609fe5dab407e1ea865dca8b692c69feb166effef8b3056956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Firebase-gmpid: 1:426314996884:web:da15f7800d406a21866881
Referer
X-Client-Version: Chrome/JsCore/9.10.0/FirebaseCore-web
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xincarning.cyou
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 accounts:lookup
identitytoolkit.googleapis.com/v1/ Frame 0
0 43ms
43ms Preflight
text/html 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyBTIGfZ_OWhmAAu5sDVG8EjXwiylIcGxIk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version,x-firebase-gmpid
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version,x-firebase-gmpid
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://xincarning.cyou
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 26 Dec 2023 07:46:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5D04 11 KB
858 B 36ms
35ms Stylesheet
text/css 172.217.13.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f10.1e100.net

Software

ESF /

Resource Hash

a5a263756e794d5ad9a686025bb4174bd55dbbca9635748b247a8a527e89354c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 06:04:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 07:46:58 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 5D04 46 KB
46 KB 358ms
15ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 289301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 23:25:18 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 5D04 46 KB
46 KB 370ms
28ms Font
font/woff2 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 23:25:18 GMT
x-content-type-options: nosniff
age: 289301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 23:25:18 GMT

POST
H2 404 produce
xincarning.cyou/.well-known/shopify/monorail/v1/ 548 B
467 B 128ms
127ms Ping
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/.well-known/shopify/monorail/v1/produce
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 07:46:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFxjK%2B7mIateucA49KC2eW5%2Bd2HEfnaPnqRV3eTNoM5MQu%2BbkFjtDbALTuZ%2Fgv%2FvqH33CWhsqcXNG6tTz4LzF4TN3wqCwSL%2B0%2Fa23EaloVD94xoea1R3DxADBvw4dcwJb04%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b68dea19420d-EWR
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 check-customer
api-v3-docker-nrl2mwczfq-uc.a.run.app/member/ Frame 0
0 376ms
37ms Preflight
text/html 216.239.32.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3-docker-nrl2mwczfq-uc.a.run.app/member/check-customer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.53 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2035.1e100.net
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, authorization, status-api-key
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 26 Dec 2023 07:46:59 GMT
server: Google Frontend
x-cloud-trace-context: 16585212d8110389d8b83cef3870be58
x-powered-by: Express

POST
H2 200 check-customer Show response
api-v3-docker-nrl2mwczfq-uc.a.run.app/member/ 87 B
209 B 430ms
427ms Fetch
application/json 216.239.32.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3-docker-nrl2mwczfq-uc.a.run.app/member/check-customer
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.53 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2035.1e100.net
Software: Google Frontend / Express
Resource Hash: 998903835942fac92a7bfa991c0111e85ba597e5c9c686c6329926f264a0babf

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjUyNmM2YTg0YWMwNjcwMDVjZTM0Y2VmZjliM2EyZTA4ZTBkZDliY2MiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9tZW1iZXJzaGlwLWIzY2EzIiwiYXVkIjoibWVtYmVyc2hpcC1iM2NhMyIsImF1dGhfdGltZSI6MTcwMzU3NjgxOCwidXNlcl9pZCI6IkhyeVhiMk5QQnVlTEtsV2psdGI3VjFKVzFMbjEiLCJzdWIiOiJIcnlYYjJOUEJ1ZUxLbFdqbHRiN1YxSlcxTG4xIiwiaWF0IjoxNzAzNTc2ODE4LCJleHAiOjE3MDM1ODA0MTgsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnt9LCJzaWduX2luX3Byb3ZpZGVyIjoiYW5vbnltb3VzIn19.BVW0RTSSoMwqjn3tejq-nAW3aYJv4BDhVXJ4NbifdjkymCMdGrRG73USMQ6x_W7JEyor-385ANjz4hkUvWjQ5gjvl3ByhjSiUxvbVmRH9E938dXsG5ZPsI8gtrUlyJlABPul3HKeB0t5Usz77xNcofpGrra6Dxru_gXIUcbYTUinE50BGhSHwsScNkp_KzUs6f6tXpZnfqdvzA-9B9uNynQVINJUiNcg6O4Kxrzsa3jDgp_qJuyEbTGkDulNU0pxYa7sWT-R7E0Sc8PAWL4cHcSh0Nnk2vgRrPqJR20TB12W-Xu6XLuKNpDR8Vo8n0F3j6CwuzxXYzsfdhlQ8O4wOg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
server: Google Frontend
etag: W/"57-Nxk1/kjLaKCK8UwaDMC4nJO4vTA"
x-powered-by: Express
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 97a08ae05138995aef2cf1b354ef344e
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, authorization, status-api-key
content-length: 87
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 user
api-v3-docker-nrl2mwczfq-uc.a.run.app/init/2175959158/ Frame 0
0 283ms
39ms Preflight
text/html 216.239.32.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3-docker-nrl2mwczfq-uc.a.run.app/init/2175959158/user
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.53 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2035.1e100.net
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, authorization, status-api-key
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 26 Dec 2023 07:46:59 GMT
server: Google Frontend
x-cloud-trace-context: 45cd789f88e8c6b1774b9e7e83c5bdc8
x-powered-by: Express

GET
H2 200 user Show response
api-v3-docker-nrl2mwczfq-uc.a.run.app/init/2175959158/ 4 KB
4 KB 89ms
88ms Fetch
application/json 216.239.32.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3-docker-nrl2mwczfq-uc.a.run.app/init/2175959158/user
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.53 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2035.1e100.net
Software: Google Frontend / Express
Resource Hash: 35a4ef58c293e0e38895f07e8ac533557638e4abfe9815f353ea17d1e244bcf9

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjUyNmM2YTg0YWMwNjcwMDVjZTM0Y2VmZjliM2EyZTA4ZTBkZDliY2MiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9tZW1iZXJzaGlwLWIzY2EzIiwiYXVkIjoibWVtYmVyc2hpcC1iM2NhMyIsImF1dGhfdGltZSI6MTcwMzU3NjgxOCwidXNlcl9pZCI6IkhyeVhiMk5QQnVlTEtsV2psdGI3VjFKVzFMbjEiLCJzdWIiOiJIcnlYYjJOUEJ1ZUxLbFdqbHRiN1YxSlcxTG4xIiwiaWF0IjoxNzAzNTc2ODE4LCJleHAiOjE3MDM1ODA0MTgsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnt9LCJzaWduX2luX3Byb3ZpZGVyIjoiYW5vbnltb3VzIn19.BVW0RTSSoMwqjn3tejq-nAW3aYJv4BDhVXJ4NbifdjkymCMdGrRG73USMQ6x_W7JEyor-385ANjz4hkUvWjQ5gjvl3ByhjSiUxvbVmRH9E938dXsG5ZPsI8gtrUlyJlABPul3HKeB0t5Usz77xNcofpGrra6Dxru_gXIUcbYTUinE50BGhSHwsScNkp_KzUs6f6tXpZnfqdvzA-9B9uNynQVINJUiNcg6O4Kxrzsa3jDgp_qJuyEbTGkDulNU0pxYa7sWT-R7E0Sc8PAWL4cHcSh0Nnk2vgRrPqJR20TB12W-Xu6XLuKNpDR8Vo8n0F3j6CwuzxXYzsfdhlQ8O4wOg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
server: Google Frontend
etag: W/"10e8-gkufiZ7mBupfktqNB753JYSiJzI"
x-powered-by: Express
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 42afc6ca37e7ab96362c523fcb796a1e
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, authorization, status-api-key
content-length: 4328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 for-you Show response
api-v3-docker-nrl2mwczfq-uc.a.run.app/init/ 260 B
406 B 74ms
73ms Fetch
application/json 216.239.32.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3-docker-nrl2mwczfq-uc.a.run.app/init/for-you
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.53 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2035.1e100.net
Software: Google Frontend / Express
Resource Hash: 1191dfe059a0ec10779dcaf1f2030dce4639ac9586def30dff75c5ab1a58afbd

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjUyNmM2YTg0YWMwNjcwMDVjZTM0Y2VmZjliM2EyZTA4ZTBkZDliY2MiLCJ0eXAiOiJKV1QifQ.eyJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImlzcyI6Imh0dHBzOi8vc2VjdXJldG9rZW4uZ29vZ2xlLmNvbS9tZW1iZXJzaGlwLWIzY2EzIiwiYXVkIjoibWVtYmVyc2hpcC1iM2NhMyIsImF1dGhfdGltZSI6MTcwMzU3NjgxOCwidXNlcl9pZCI6IkhyeVhiMk5QQnVlTEtsV2psdGI3VjFKVzFMbjEiLCJzdWIiOiJIcnlYYjJOUEJ1ZUxLbFdqbHRiN1YxSlcxTG4xIiwiaWF0IjoxNzAzNTc2ODE4LCJleHAiOjE3MDM1ODA0MTgsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnt9LCJzaWduX2luX3Byb3ZpZGVyIjoiYW5vbnltb3VzIn19.BVW0RTSSoMwqjn3tejq-nAW3aYJv4BDhVXJ4NbifdjkymCMdGrRG73USMQ6x_W7JEyor-385ANjz4hkUvWjQ5gjvl3ByhjSiUxvbVmRH9E938dXsG5ZPsI8gtrUlyJlABPul3HKeB0t5Usz77xNcofpGrra6Dxru_gXIUcbYTUinE50BGhSHwsScNkp_KzUs6f6tXpZnfqdvzA-9B9uNynQVINJUiNcg6O4Kxrzsa3jDgp_qJuyEbTGkDulNU0pxYa7sWT-R7E0Sc8PAWL4cHcSh0Nnk2vgRrPqJR20TB12W-Xu6XLuKNpDR8Vo8n0F3j6CwuzxXYzsfdhlQ8O4wOg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
server: Google Frontend
etag: W/"104-0NJXTIQjAD4GLcvY8c4WNXN6LG8"
x-powered-by: Express
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: ee13e76e304b5338b27a3dfe31ae1a8d
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, authorization, status-api-key
content-length: 260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 for-you
api-v3-docker-nrl2mwczfq-uc.a.run.app/init/ Frame 0
0 283ms
40ms Preflight
text/html 216.239.32.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3-docker-nrl2mwczfq-uc.a.run.app/init/for-you
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.53 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2035.1e100.net
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, authorization, status-api-key
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 26 Dec 2023 07:46:59 GMT
server: Google Frontend
x-cloud-trace-context: 939aada5a20151c94546bc567ccf1718
x-powered-by: Express

GET
H2 200 HYDBULQYZNCRVDQGUG6Z7S Show response
d.adroll.com/consent/check/ 515 B
1000 B 473ms
12ms Script
application/javascript 34.232.35.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HYDBULQYZNCRVDQGUG6Z7S?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&_s=10d1758716da90d811435a4ab84fb082&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/HYDBULQYZNCRVDQGUG6Z7S/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.35.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-35-199.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: c062ebd66689c4fc70a9e28058f6f1c6ad55ebfd84d7957f0cb2471d7f1fd36c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 515
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

OPTIONS
H2 204 add
open.pixel.api.whale3.io/trek/ Frame 0
0 478ms
33ms Preflight 34.107.236.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://open.pixel.api.whale3.io/trek/add?r=2.50098662472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.236.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.236.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://xincarning.cyou
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Dec 2023 07:46:59 GMT
vary: Access-Control-Request-Headers
via: 1.1 google

POST
H2 200 add Show response
open.pixel.api.whale3.io/trek/ 49 B
168 B 130ms
123ms XHR
application/json 34.107.236.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://open.pixel.api.whale3.io/trek/add?r=2.50098662472
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.236.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.236.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2a05e2cd763376142d52b07f3d68fe6d9acd5e0d7e8335acb806063ed238f1ab

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
via: 1.1 google
etag: W/"31-d8Bt5QKhTr71XlOJx4uzd2xWYI8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 404 cart.js Show response
xincarning.cyou/ 548 B
450 B 236ms
235ms XHR
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/cart.js?r=2.50097884765
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ppGU%2BoB44SqqbFuG6Rj9SpYITFW6jBah47gehQ9QXF04lfD4K2t8%2BaHJYDcf%2Fz9fAPsoMIjtkGH%2Bu4dd%2FgCAETqIsmHe7HgJFA1XeBk%2F3IYjhLJFFDcmW2xLZrzNVURtEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 83b7b68fdb0d420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 318 B
454 B 327ms
6ms XHR
text/plain 104.16.123.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.123.96 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9794f3b7aed63faf7f5d361c9b906068c22b4acd443ebc4a49e90ec3cb0f4dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 83b7b692fa06192a-EWR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 style.css
cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/ 89 KB
17 KB 18ms
17ms Stylesheet
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/style.css

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/status.main.24d0da2e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

91e1a12929e6014f3d6d03c20f6123738b040462e3e8bd595df1b2f6529f4e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 470764
content-encoding: br
server-timing: imagery;dur=74.447, imageryFetch;dur=74.194, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 70aa912d-71b3-41c2-92ce-3e09364e32d3
last-modified: Wed, 20 Dec 2023 21:00:12 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IIORTXEuHTUX1cMZmY09uxOo0yxj1OMfI288dudEqk%2FSOGHzJW3774hbt3yAlDdPNp71fCOvb8D4CzgTN91vz9EMeCPp%2Fe1nWLfsTsETUlBPJ%2BLIHTxeEaSW7n%2B8zKGFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/style.css>; rel="canonical"
cf-ray: 83b7b6910c505e6d-EWR

GET
H3 200 DynamicPage.de0077c1.js Show response
cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/ 2 KB
2 KB 37ms
37ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/DynamicPage.de0077c1.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/status.main.24d0da2e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

4c7024bd88f2829a6c7455c5f17edfc6bb86ba65a2fea0c056d8cf30e73d7d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://xincarning.cyou
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: imagery;dur=91.240, imageryFetch;dur=90.513, cfRequestDuration;dur=32.000065
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d87f977b-0bda-4b72-836d-4e22c2c83b0b
last-modified: Mon, 25 Dec 2023 18:43:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZRY5faLM4ojGOUJaBRoo1hlGof0NYHwHzzcH3xCzS%2FYHgFrz1DMmMFWuWFpdzvbkDJblIzSOsfLTxyIhJ0mksHu%2BSNMegESyeMQC2fs%2Fj9eo62amLb0DJWb6NISJpwVPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/bed7d249-6abb-43cc-9235-c90159577cce/2.151.13/assets/DynamicPage.de0077c1.js>; rel="canonical"
cf-ray: 83b7b6913a1b4346-EWR

GET
H2 404 cart.js Show response
xincarning.cyou/ 548 B
412 B 10ms
9ms XHR
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/cart.js?r=2.50097884765
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBLhKqbiSA9bWZ5UXPc9IGEcqcwO9aB49Zh7db%2FlciKR42enqiCH5SmyY6qIQshrz1%2FbcEtTD%2BhaccZtsMQIvEQcqveqrE05QUtiAAoaND1vpKWuEAX81cVHqeFF25VP3DI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 83b7b6921c3a420d-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 200 mon Show response
obs.powerrobotflower.com/ 0
39 B 15ms
15ms XHR
application/json 52.45.196.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.powerrobotflower.com/mon
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.45.196.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-196-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://xincarning.cyou
date: Tue, 26 Dec 2023 07:46:59 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 cart.json Show response
xincarning.cyou/ 283 B
1 KB 229ms
228ms XHR
application/json 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xincarning.cyou/cart.json

Requested by

Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3218055dcace067b7d947dc81680d2a9ed17c9e81b0a895a3c27bfe717858b7e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=7889238, max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
server-timing: processing;dur=11, db;dur=4, asn;desc="46606", edge;desc="LAX", country;desc="US", servedBy;desc="rpcr", requestID;desc="81a21074-dceb-4747-b3f2-9f4d6aef3585", cfRequestDuration;dur=75.999975
powered-by: Shopify
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 2175959158
x-request-id: 81a21074-dceb-4747-b3f2-9f4d6aef3585
x-shardid: 117
x-storefront-renderer-rendered: 1
x-shopify-stage: production
server: cloudflare
x-shopid: 2175959158
vary: Accept-Encoding, Accept
x-frame-options: DENY
content-type: application/json; charset=utf-8
content-language: en
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2F5e5Av6Xr8mOK88LI%2FpFUFHtmOZNPgf0qdsM%2FEJz3FCpElxYfa98heAsBjHQVDN6DmstT4OBujzrKEoJ6drAB%2BUQloyZKjyNO6Ys80eXi8m2%2F7EShgvxSdIGl7NPUn9jjga"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 83b7b6929c82420d-EWR
x-sorting-hat-podid: 117
x-cartjs-updatedat: 0

GET
H2 200 IIWJJDU7ZFDKFCXZQC4TTH Show response
d.adroll.com/segment/HYDBULQYZNCRVDQGUG6Z7S/ 42 B
982 B 23ms
19ms XHR
image/gif 34.232.35.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/HYDBULQYZNCRVDQGUG6Z7S/IIWJJDU7ZFDKFCXZQC4TTH?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&cookie=&adroll_s_ref=&keyw=&p0=3359&adroll_external_data=&adroll_version=2.0
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.35.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-35-199.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.22.1
x-rule: *
x-segment-eid: IQZJOX4K2VAXTJGDKPUDBD
content-type: image/gif
access-control-allow-origin: https://xincarning.cyou
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-pixel-eid: IIWJJDU7ZFDKFCXZQC4TTH
x-organization-eid: 2RHJOLMLXJH2PC3OR24V5I
access-control-allow-headers: *
x-advertisable-eid: HYDBULQYZNCRVDQGUG6Z7S
x-conversion-currency
x-segment-name: *

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://d.adroll.com/cm/b/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://x.bidswitch.net/sync?dsp_id=44&user_id=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU

43 B
235 B

24ms
23ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:46:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=44&user_id=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 96
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=Zp4aWpTgb9bhx26GkAQYjg
https://d.adroll.com/cm/g/in

42 B
552 B

15ms
10ms

Image
image/gif

34.232.35.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Server: 34.232.35.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-35-199.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&expiration=1735112819

43 B
561 B

26ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&expiration=1735112819
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duq%2FJse6Gl0nNmA%2BbiLNauQ%2Fw7WvwpC0Fx3EGlYeY5YU0r%2BpCzo5OIuB%2FLAgTpuzb%2BxaSK%2B64dpRc5AoDnYZ9%2BlPsih5Wpw35%2FcwVHvzehPzHzGR1%2Ft32vM3kBlykV8bP45mtH%2FvZw%2BQvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b7b692dbd71a1b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&expiration=1735112819
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 139
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET

/
p.adsymptotic.com/d/px/
Redirect Chain

https://d.adroll.com/cm/l/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://idsync.rlcdn.com/377928.gif?partner_uid=669e1a5a94e06fd6e1c76e869004188e
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGUQABoNCPOJqqwGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=beaeef44adf5f5dc59a6fb72d9ae294085d3311eb247aafd84157074baaa2515791426b5417dce21&_=2
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=07440363

0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&expires=365

42 B
939 B

131ms
130ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&expires=365
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d3682eda7e5cb79782b1d5475f50e8fc
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&expires=365
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://us-u.openx.net/w/1.0/sd?id=537103138&val=669e1a5a94e06fd6e1c76e869004188e&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=669e1a5a94e06fd6e1c76e869004188e&gdpr=0&gdpr_consent=

43 B
171 B

28ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=669e1a5a94e06fd6e1c76e869004188e&gdpr=0&gdpr_consent=
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=669e1a5a94e06fd6e1c76e869004188e&gdpr=0&gdpr_consent=
date: Tue, 26 Dec 2023 07:46:59 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=&us_privacy=1---

0
287 B

10ms
9ms

Image
text/plain

64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: HTTP/1.1
Server: 64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:46:59 GMT
Cache-Control: no-cache
X-TraceId: c3cc6ba3f89c01ecb6dde5379f82c706
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=&us_privacy=1---
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
389 B

29ms
9ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 25 Dec 2023 21:24:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
330 B

13ms
12ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 169
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU

0
363 B

33ms
3ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2002

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://eb2.3lift.com/xuid?mid=4714&xuid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&dongle=c85e

37 B
354 B

14ms
13ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4714&xuid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&dongle=c85e
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4714&xuid=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&dongle=c85e
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 102
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&advertisable=HYDBULQYZNCRVDQGUG6Z7S
https://ib.adnxs.com/setuid?entity=172&code=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU

43 B
918 B

3ms
3ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
an-x-request-uuid: 12fb3585-a9dd-4c0a-ae9d-5f40d61f0f14
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.133; 5.181.234.133; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=172&code=NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU
pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 93
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 /
d.adroll.com/uev/HYDBULQYZNCRVDQGUG6Z7S/IIWJJDU7ZFDKFCXZQC4TTH/ 2 B
645 B 25ms
21ms Image
text/plain 34.232.35.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/uev/HYDBULQYZNCRVDQGUG6Z7S/IIWJJDU7ZFDKFCXZQC4TTH/?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&event_name=homeView&adroll_version=2.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.35.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-35-199.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
x-conversion-value
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: text/plain
x-event-name: homeView
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: IIWJJDU7ZFDKFCXZQC4TTH
x-organization-eid: 2RHJOLMLXJH2PC3OR24V5I
x-event-attributes
x-advertisable-eid: HYDBULQYZNCRVDQGUG6Z7S
content-length: 2
x-conversion-currency

GET
H2 200 /
d.adroll.com/uev/HYDBULQYZNCRVDQGUG6Z7S/IIWJJDU7ZFDKFCXZQC4TTH/ 2 B
647 B 24ms
21ms Image
text/plain 34.232.35.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/uev/HYDBULQYZNCRVDQGUG6Z7S/IIWJJDU7ZFDKFCXZQC4TTH/?pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&event_name=productView&adroll_version=2.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.35.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-35-199.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
x-conversion-value
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: text/plain
x-event-name: productView
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: IIWJJDU7ZFDKFCXZQC4TTH
x-organization-eid: 2RHJOLMLXJH2PC3OR24V5I
x-event-attributes
x-advertisable-eid: HYDBULQYZNCRVDQGUG6Z7S
content-length: 2
x-conversion-currency

POST
H2 200 IIWJJDU7ZFDKFCXZQC4TTH
d.adroll.com/pex/HYDBULQYZNCRVDQGUG6Z7S/ 42 B
124 B 24ms
11ms Ping
image/gif 34.232.35.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/pex/HYDBULQYZNCRVDQGUG6Z7S/IIWJJDU7ZFDKFCXZQC4TTH?arrfrr=https%3A%2F%2Fxincarning.cyou%2F&ev=fpidexp&es=load&esv=&pv=12317224153.273987&ex=%7B%22fpc%22%3A%22%22%2C%22lsid%22%3A%22%22%2C%22idbid%22%3A%22%22%7D
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/HYDBULQYZNCRVDQGUG6Z7S/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.35.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-35-199.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
server: nginx/1.22.1
content-length: 42
content-type: image/gif

POST
H2 404 update.js Show response
xincarning.cyou/cart/ 548 B
446 B 85ms
82ms Fetch
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/cart/update.js
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPtVmHUGYFve6Ypaimvsgfux%2Fn7Bwk44ysYbj2xKNBNWBzqY6NQ0g7dJwQRLbrupES%2Bgc5if7ky4gzsAB3%2BBQ08tpa3P7YqGzRIHrMaomI00l2ofOlvZ%2F9WwwsHcdQNM53g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83b7b6933cdc420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 404 cart.js Show response
xincarning.cyou/ 548 B
405 B 11ms
10ms XHR
text/html 104.21.20.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xincarning.cyou/cart.js?r=2.50097884765
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:46:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LETjqBYcPopEYYA82SvsiUqqbOH5eWSY4%2Be9G1Q%2BBaZgoTd0vNDRFYIbPK3R058gVPDs2RoXgSri9wtgEjLXhMruuDluwozhlWqczQsiUuvq3kfHVZG1bDhuo5I5wg0TXp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 83b7b6936cfa420d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
d.adroll.com/uat/HYDBULQYZNCRVDQGUG6Z7S/IIWJJDU7ZFDKFCXZQC4TTH/ 2 B
621 B 11ms
11ms Image
text/plain 34.232.35.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/uat/HYDBULQYZNCRVDQGUG6Z7S/IIWJJDU7ZFDKFCXZQC4TTH/?adroll_fpc=85190bdbfa77afa4c5a4e9572e3b40d0-1703576819633&pv=12317224153.273987&arrfrr=https%3A%2F%2Fxincarning.cyou%2F&user_attributes=%7B%22cart_token%22%3A%22b93d987e9561a8024582b67243c8d650%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.35.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-35-199.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xincarning.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:46:59 GMT
x-user-attributes: %7B%22cart_token%22%3A%22b93d987e9561a8024582b67243c8d650%22%7D
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: text/plain
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: IIWJJDU7ZFDKFCXZQC4TTH
x-advertisable-eid: HYDBULQYZNCRVDQGUG6Z7S
content-length: 2

POST
H2 200 mon Show response
obs.powerrobotflower.com/ 0
39 B 14ms
13ms XHR
application/json 52.45.196.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.powerrobotflower.com/mon
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.45.196.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-196-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://xincarning.cyou
date: Tue, 26 Dec 2023 07:47:00 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.powerrobotflower.com/ 0
16 B 15ms
14ms XHR
application/json 52.45.196.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.powerrobotflower.com/mon
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.45.196.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-196-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://xincarning.cyou
date: Tue, 26 Dec 2023 07:47:00 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.powerrobotflower.com/ 0
39 B 14ms
13ms XHR
application/json 52.45.196.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.powerrobotflower.com/mon
Requested by: Host: www.nililotan.com
URL: https://www.nililotan.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.45.196.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-196-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xincarning.cyou/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://xincarning.cyou
date: Tue, 26 Dec 2023 07:47:02 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/frame.js?v=2b5b303

Domain: p.adsymptotic.com
URL: https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=07440363

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

134 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 17:56:08	Name: _li_ss Value: CggKBgiiARDpFg
xincarning.cyou/	1970-01-21 01:59:59	Name: secure_customer_sig Value:
xincarning.cyou/	1970-01-21 01:59:59	Name: localization Value: US
xincarning.cyou/	1970-01-20 17:33:06	Name: cart_currency Value: USD
.global-e.com/	1970-01-20 17:12:58	Name: __cf_bm Value: YbrSW.tFB7XO8_fZogI04XRvbHTI1EWffxDGhzyogjw-1703576816-1-AeimV2RYpmuyNrZBgQJnN4JU5TFQ9otGaJC8bzCmFS0aBf11h8Vh5F9pgM4CFTteGN0ba+AHwIta/HbcEzpNUZ0=
.xincarning.cyou/	1970-01-21 01:51:20	Name: _shopify_y Value: a5175060-3479-49B0-460C-75AE5479992A
.xincarning.cyou/	1970-01-20 17:12:58	Name: _shopify_s Value: a5175065-AF9F-4279-A16B-37E722F8270F
.xincarning.cyou/	1970-01-20 19:22:32	Name: _gcl_au Value: 1.1.1488819632.1703576816
.xincarning.cyou/	1970-01-20 17:12:58	Name: _shopify_sa_t Value: 2023-12-26T07%3A46%3A56.365Z
.xincarning.cyou/	1970-01-20 17:12:58	Name: _shopify_sa_p Value:
xincarning.cyou/	1970-01-20 17:13:00	Name: shopify_pay_redirect Value: pending
xincarning.cyou/	1970-01-21 01:58:32	Name: ssUserId Value: adc0e3eb-42bc-4b98-97ee-0100066aa4cd
xincarning.cyou/	1970-01-21 01:58:32	Name: _isuid Value: adc0e3eb-42bc-4b98-97ee-0100066aa4cd
xincarning.cyou/	1969-12-31 23:59:59	Name: ssSessionIdNamespace Value: d0f448f4-b9dc-43e8-ac6c-b174105b05c4
.tiktok.com/	1970-01-21 02:34:32	Name: _ttp Value: 2a4TO6QD6s77l2U3iPShjQlr0ZX
.xincarning.cyou/	1970-01-21 02:48:56	Name: _ga_FP901V2FT8 Value: GS1.1.1703576816.1.0.1703576816.60.0.0
xincarning.cyou/	1970-01-21 02:48:56	Name: __kla_id Value: eyJjaWQiOiJaR1l6Wm1RMVltSXRNV0ppTnkwME9USmlMV0ZtTW1NdE1HTTNOamM0TldGaFl6aGkiLCIkcmVmZXJyZXIiOnsidHMiOjE3MDM1NzY4MTcsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8veGluY2FybmluZy5jeW91LyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcwMzU3NjgxNywidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly94aW5jYXJuaW5nLmN5b3UvIn19
.xincarning.cyou/	1970-01-21 02:48:56	Name: _ga Value: GA1.2.1771488554.1703576817
.xincarning.cyou/	1970-01-20 17:14:23	Name: _gid Value: GA1.2.1836034548.1703576817
.xincarning.cyou/	1970-01-20 17:12:56	Name: _dc_gtm_UA-17497609-1 Value: 1
.xincarning.cyou/	1970-01-20 17:12:56	Name: _gat Value: 1
xincarning.cyou/	1970-01-21 01:58:32	Name: _bamls_usid Value: 3bcec6ab-31a5-43a0-9a4f-f18ab71c7e48
.xincarning.cyou/	1970-01-20 17:14:23	Name: _uetsid Value: f1ad54c0a3c211ee8e4cc117c3f13bf7
.xincarning.cyou/	1970-01-21 02:34:32	Name: _uetvid Value: f1ad7570a3c211eeb6c09d3655f34ba1
xincarning.cyou/	1970-01-21 01:57:56	Name: __rtbh.uid Value: %7B%22eventType%22%3A%22uid%22%2C%22id%22%3A%221561019%22%7D
xincarning.cyou/	1970-01-21 01:57:56	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%221WOtcKMAxYL6vzS0siaS%22%7D
.bing.com/	1970-01-21 02:34:32	Name: MUID Value: 0779747041F369462136678340EA689B
.bat.bing.com/	1970-01-20 17:23:01	Name: MR Value: 0
.creativecdn.com/	1970-01-21 01:58:32	Name: u Value: OQnt7TKjql2AWNQ6nr5C
.creativecdn.com/	1970-01-21 01:58:32	Name: g Value: OQnt7TKjql2AWNQ6nr5C_1703576816989
.creativecdn.com/	1970-01-21 01:58:32	Name: c Value: OQnt7TKjql2AWNQ6nr5C_KWxdr8t519K1TBqFEK8V_1703576816989
.creativecdn.com/	1970-01-21 01:58:32	Name: ts Value: 1703576816
.xincarning.cyou/	1970-01-20 19:24:20	Name: _cq_duid Value: 1.1703576817.uda5JfCG0p3f9R1a
.xincarning.cyou/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1703576817.nUDHS0cVtGj9ch6p
.criteo.com/	1970-01-21 02:34:32	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:34:32	Name: uid Value: a4643653-a62e-4ca4-95ee-44975df63580
.xincarning.cyou/	1970-01-21 02:34:32	Name: _tt_enable_cookie Value: 1
.xincarning.cyou/	1970-01-21 02:34:32	Name: _ttp Value: 5huLhyZfdI7NIR3bZGgoB_I-2kd
.criteo.com/	1970-01-21 02:34:32	Name: partitioned_bundle Value: e7mTfV9tT09YUmJKSDBmNXclMkZ2T05rN3NtdzlHN2h0QzRqM2s3U3p5JTJGNW1sVkZuV1A0TUtlS1olMkZiS3FjOFZCMzEzZVlDQ0RnU0c3ZjIzbk1HWkpRZTFZMlBXT2lIcSUyQjFrdTlBNVhGUWJrcSUyQmYlMkJUeXV0d2pnelg5UUxrbldNZWc3YzI3bGQ5VWJwaGtJRlZYZmdLU2QzbVBOYUlaOGNDUkhtMCUyRjNrQ1BsJTJGb0trdGRNbzJ5cmdaaXBZT2NYOG1vclp6V2pJ
.xincarning.cyou/	1970-01-20 19:22:32	Name: _fbp Value: fb.1.1703576817261.758096220
.xincarning.cyou/	1970-01-21 01:58:32	Name: _pin_unauth Value: dWlkPVlqSTJPVFpqTVRJdFlXWXdaQzAwT1RkakxXSTJaamt0T1RjMFpUQTRPV1U1T1ROaA
.pinterest.com/	1970-01-21 01:58:32	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 01:58:32	Name: _pinterest_ct_ua Value: "TWc9PSZPUUN5UytPWldPSi81SVpKUnY1ZldtMUZiTGhqNFcyQlBSak9lbDRScTNBLzdNV2YyVDlneWt3MTNORjhkamdXcjJsL2Ewc1Y2cnN0ckVZazg1eGlyMGg4a1JDY2JrV2RSS3Y5SjFUOS9DYz0mMmFJL2wycElvbW1NZ0NBNWQzYk92YkR2NFRBPQ=="
.xincarning.cyou/	1970-01-21 02:48:56	Name: _ga_83VBZY3TR1 Value: GS1.2.1703576817.1.0.1703576817.60.0.0
.xincarning.cyou/	1970-01-21 02:42:20	Name: cto_bundle Value: YkGHyl9tT09YUmJKSDBmNXclMkZ2T05rN3NtdzlHN2h0QzRqM2s3U3p5JTJGNW1sVkZuV1A0TUtlS1olMkZiS3FjOFZCMzEzZVlDQ0RnU0c3ZjIzbk1HWkpRZTFZMlBXT2lIcSUyQjFrdTlBNVhGUWJrcSUyQmYlMkJUeXV0d2pnelg5UUxrbldNZWc3YzI3bE5FcUo3dEJJT0JJWTFETFM1byUyQm5CQSUzRCUzRA
obs.powerrobotflower.com/	1970-01-21 01:16:47	Name: cg_uuid Value: 283f5dc957ebeca8d30b8c105c92839c
xincarning.cyou/	1970-01-20 17:56:08	Name: monsido Value: 5221703576817630
.xincarning.cyou/	1970-01-21 02:48:56	Name: GLBE_SESS_ID Value: 667679922.231305321.1487
xincarning.cyou/	1970-01-20 17:12:58	Name: _shg_session_id Value: a4e2ac95-4231-4253-a776-053123e8d1da
xincarning.cyou/	1970-01-21 02:48:56	Name: _shg_user_id Value: 9b7de0cc-f4e6-4750-9eb6-db925f7e3efe
.bluekai.com/	1970-01-20 21:32:08	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:32:08	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1Lu6wMyd0ESXyewaBB/7l2cz35eDm0EntBDpEB5ePnDMhOye97hDQ
.bluekai.com/	1970-01-20 21:32:08	Name: bku Value: uUW99wsWiZUSnXLZ
.doubleclick.net/	1970-01-21 02:48:56	Name: IDE Value: AHWqTUkZ-c3W5vAR_zXwTWK2PdqYBOtJE0GJAEjqVXp_egLHxOK6RxswfnqErd7M3ZU
.demdex.net/	1970-01-20 21:32:08	Name: demdex Value: 35406696816956718122249154980869405448
.dpm.demdex.net/	1970-01-20 21:32:08	Name: dpm Value: 35406696816956718122249154980869405448
.adnxs.com/	1970-01-20 19:22:32	Name: uuid2 Value: 2437991927369266145
.xincarning.cyou/	1970-01-21 02:48:56	Name: lo-uid Value: 5c57735c-1703576817000-701050e384ad5e90
.xincarning.cyou/	1970-01-21 02:48:56	Name: lo-visits Value: 1
.bidswitch.net/	1970-01-21 01:58:32	Name: tuuid Value: 3f27e6bf-00c8-4457-8f78-cfe244358233
.bidswitch.net/	1970-01-21 01:58:32	Name: c Value: 1703576817
.bidswitch.net/	1970-01-21 01:58:32	Name: tuuid_lu Value: 1703576817
.mediawallahscript.com/	1970-01-21 02:48:56	Name: mCookie Value: f2576220-a3c2-11ee-a368-81fd2626be0b
.mediawallahscript.com/	1970-01-21 02:48:56	Name: mUserCookie Value: %7B%7D
.media.net/	1970-01-21 01:58:32	Name: visitor-id Value: 3465784170813349000V10
.media.net/	1970-01-20 17:56:08	Name: data-c-ts Value: 1703576817
.media.net/	1970-01-20 17:56:08	Name: data-c Value: k-_7cDmHeeeyKR2yh2IeMkpawXU-4LGBUwZlmpAg~~3
.taboola.com/	1970-01-21 01:58:32	Name: t_gid Value: 07a137b0-2391-4570-9477-dd81fa3018c9-tuctc840a72
.taboola.com/	1970-01-21 01:58:32	Name: t_pt_gid Value: 07a137b0-2391-4570-9477-dd81fa3018c9-tuctc840a72
.smartadserver.com/	1970-01-21 02:43:11	Name: pid Value: 1673965067520586429
.smartadserver.com/	1970-01-21 02:43:11	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 01:59:59	Name: csync Value: 79:k-LTK3V3eeeyKR2yh2IeMkpawXU-7M7k3w0bzcpA
.teads.tv/	1970-01-21 01:57:06	Name: tt_viewer Value: 74244f54-622e-4902-9043-c3fb6b3099d3
.3lift.com/	1970-01-20 19:22:32	Name: tluid Value: 285164793996474024393
.casalemedia.com/	1970-01-21 01:58:32	Name: CMID Value: ZYqE8oyHMSpvFhbuFwFfHAAA
.casalemedia.com/	1970-01-20 19:22:32	Name: CMPS Value: 3553
.casalemedia.com/	1970-01-20 19:22:32	Name: CMPRO Value: 3553
.360yield.com/	1970-01-20 19:22:32	Name: tuuid Value: 563adde3-672a-4029-ac3f-de5a73db5362
.360yield.com/	1970-01-20 19:22:32	Name: tuuid_lu Value: 1703576818
.yahoo.com/	1970-01-21 01:58:54	Name: A3 Value: d=AQABBPKEimUCEA3yNxe8fuzAxEcIaoBm63EFEgEBAQHWi2WUZdxX0iMA_eMAAA&S=AQAAAjAM7qFH_lL5ipqwan3iF14
xincarning.cyou/	1970-01-20 17:12:58	Name: keep_alive Value: 43b38f8d-8c82-456b-850e-43f81c131619
.hb.yahoo.net/	1970-01-20 21:32:08	Name: visitor-id Value: 3465784180813382000V10
.omnitagjs.com/	1970-01-20 17:56:08	Name: ayl_visitor Value: f20c6cbb56a6cf21a1e87f5e5fb45228
.liadm.com/	1970-01-21 02:48:56	Name: lidid Value: 4d08e8d3-d7e4-4d3c-9ba6-df5b813e9c5e
exchange.mediavine.com/	1970-01-20 17:33:06	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22f2704150-a3c2-11ee-b9f1-9fa2b3ebd3d6%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 17:33:06	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22f2704150-a3c2-11ee-b9f1-9fa2b3ebd3d6%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 17:33:06	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22f2704150-a3c2-11ee-b9f1-9fa2b3ebd3d6%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 17:33:06	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22f2704150-a3c2-11ee-b9f1-9fa2b3ebd3d6%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 17:33:06	Name: criteo Value: %7B%22id%22%3A%22k-ggViMXeeeyKR2yh2IeMkpawXU-57RiskzzWGRw%22%2C%22version%22%3A%22criteo%22%7D
.agkn.com/	1970-01-21 01:58:32	Name: ab Value: 0001%3AE5hq8EkLgO6qVSMAYKPO5B%2F5VAmPWMus
.c.bing.com/	1970-01-20 17:23:01	Name: MR Value: 0
.postrelease.com/	1970-01-21 01:58:32	Name: visitor Value: ef3dbbe9-e09f-40a3-97f1-3d12846cfe83
.postrelease.com/	1970-01-21 01:58:32	Name: status Value: 0
.pubmatic.com/	1970-01-20 17:56:08	Name: KRTBCOOKIE_97 Value: 3385-uid:k-A16hyXeeeyKR2yh2IeMkpawXU-6q1fSWiuFj8w&KRTB&23144-uid:k-A16hyXeeeyKR2yh2IeMkpawXU-6q1fSWiuFj8w&KRTB&23286-uid:k-A16hyXeeeyKR2yh2IeMkpawXU-6q1fSWiuFj8w&KRTB&23287-uid:k-A16hyXeeeyKR2yh2IeMkpawXU-6q1fSWiuFj8w
.sharethrough.com/	1970-01-20 17:56:08	Name: stx_user_id Value: b70daee5-1711-4ca3-8e37-93e0dea7a9ff
.360yield.com/	1970-01-20 19:22:32	Name: um Value: !38,67LFbFzKeHc5AyYhYldw.jSvxSP3QoqxPIu1pOmKbeOSQePxxmf1g8zT-gN21qRsACzl5g80,1711352818
.360yield.com/	1970-01-20 19:22:32	Name: umeh Value: !38,0,1765784818,-1
.crwdcntrl.net/	1970-01-20 23:41:42	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 23:41:42	Name: _cc_id Value: ea0dfe5d485607c713f97cf828023ea8
.adsrvr.org/	1970-01-21 01:59:59	Name: TDID Value: 274e8769-75b8-415f-a6cb-821b4da01aa2
.adsrvr.org/	1970-01-21 01:59:59	Name: TDCPM Value: CAEYBSABKAIyCwiIidWesvzCPBAFOAE.
.mediawallahscript.com/	1970-01-20 17:14:23	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_12_2023 Value: %7B%227bYSR%22%3A1%7D
.hb.yahoo.net/	1970-01-20 21:32:08	Name: data-crt Value: k-ADWC13eeeyKR2yh2IeMkpawXU-4609wHh_Ymmg~~63
.ads.stickyadstv.com/	1970-01-20 17:56:08	Name: UID Value: bea8c86d2a664550ebce19fc1f10ae9
.ads.stickyadstv.com/	1970-01-20 18:39:20	Name: uid-bp-11554 Value: k-LSF8l3eeeyKR2yh2IeMkpawXU-6kNLvvZO0zKA
.rqtrk.eu/	1970-01-20 17:23:01	Name: browser_id Value: 1:80e50774-fdca-48bb-92ba-04715b066774
xincarning.cyou/	1969-12-31 23:59:59	Name: locale_bar_accepted Value: 1
.xincarning.cyou/	1969-12-31 23:59:59	Name: GlobalE_Consent Value: %7B%22required%22%3Afalse%2C%22groups%22%3A%7B%221%22%3A1%2C%222%22%3A1%2C%223%22%3A1%7D%7D
.rezync.com/	1970-01-21 02:34:32	Name: zync-uuid Value: 43bc4958-5da7-415e-af77-66f7b02f3576:1703576818.516597
.rubiconproject.com/	1970-01-21 01:58:32	Name: khaos Value: LQM1NHW1-V-1ELY
pixel.rubiconproject.com/	1970-01-20 19:22:32	Name: receive-cookie-deprecation Value: 1
.smaato.net/	1970-01-20 17:43:11	Name: SCM Value: 92f65302ef
xincarning.cyou/	1970-01-21 01:58:32	Name: AMP_9bdc728a74 Value: {"deviceId":"5a55a70d-4348-4392-b0c2-5ffe9d916ce5","sessionId":1703576818939,"optOut":false}
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjSzNLSwMDcyNjG1tDAzt7QwF-Iz1A3Lrsh3Cnc0iC80CgcA2VwkdSQAAAA
.rfihub.com/	1970-01-21 02:34:32	Name: rud Value: H4sIAAAAAAAA_-MSsjSzNLSwMDcyNjG1tDAzt7QwF-Iz1A3Lrsh3Cnc0iC80CgcA2VwkdSQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_xXFwRGAMAwDsA_rhGtobKds0wIZhMk59NG7Mfq6YiAN95SF47FZkpGl1Y7qEE9X-0_PHU4MfQQoH_45AAAA
.rfihub.com/	1970-01-21 02:34:32	Name: eud Value: H4sIAAAAAAAA_5skbGZinJRsYmlqoWuakmiua2JomqqbmGZurmtmlmaeZGCUZmxqbmZlaG4Aoi0MLfRMDc1MLc1nCfPCxSwNDM0WofLNAXuDLFVZAAAA
live.rezync.com/	1970-01-21 02:34:32	Name: sd-session-id Value: .eJwVjEEOgyAQAP-yZ2lEWHaXzxjUJSGttBF7qenfS0-TSSZzwfzSY09V6wnxPN46wPoo3RrEC1r57HqHCBLEMtPkPAoHEib4DtC0tfKsc9l64t2yekE2uCUy3qKalIlMCJmWccoOKURL459s-YY2oPTND24qJRk.ZYqE8w.Y1U3tUEkTBk9V8Dg_brN1J4IJaI
.pippio.com/	1970-01-21 01:58:32	Name: did Value: lXz8VRkjSIXeclkw
.pippio.com/	1970-01-21 01:58:32	Name: didts Value: 1703576819
.pippio.com/	1970-01-20 18:39:20	Name: nnls Value:
.xincarning.cyou/	1970-01-21 01:58:32	Name: __ar_v4 Value: %7CHYDBULQYZNCRVDQGUG6Z7S%3A20240025%3A1%7CIIWJJDU7ZFDKFCXZQC4TTH%3A20240025%3A1
.xincarning.cyou/	1970-01-21 01:58:54	Name: __adroll_fpc Value: 85190bdbfa77afa4c5a4e9572e3b40d0-1703576819633
.adnxs.com/	1970-01-20 19:22:32	Name: anj Value: dTM7k!M40*dWIy(ghqdmU(7TOoA@39#?nHYNW9TnR]VCb2wfb)1)R=.w7PT2j7X3TY[Rznh[(klO$M8=>lJeYuJrn3NykC>stXKHW_GBK<QJ:PIWSwg4CLx]gHN0=%CA<^%`7O%Iy=pxgHo`@g:4W3]DgG1%?!5M'wo2uJ+f+0K:TKe'.0%3(Ed5b>w-/6a`-uU
.analytics.yahoo.com/	1970-01-21 01:58:32	Name: IDSYNC Value: "18zh~2ftj:19e0~2ftj:1770~2ftj"
.pubmatic.com/	1970-01-20 19:22:32	Name: KRTBCOOKIE_10 Value: 22808-NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&KRTB&22883-NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU&KRTB&23504-NjY5ZTFhNWE5NGUwNmZkNmUxYzc2ZTg2OTAwNDE4OGU
.pubmatic.com/	1970-01-20 17:56:08	Name: PugT Value: 1703539497
.rlcdn.com/	1970-01-21 01:58:32	Name: rlas3 Value: AI2cAzYywTKUqG/Py51P6DM/kv0Q/Wz7Gn5mmZO1LGY=
.openx.net/	1970-01-21 01:58:32	Name: i Value: 29d214b4-4a90-470c-8e7b-648ed49cd5d6\|1703576819
.d.adroll.com/	1970-01-21 02:41:44	Name: __adroll Value: 669e1a5a94e06fd6e1c76e869004188e-g_1703576819-a_1703576819
.adroll.com/	1970-01-21 02:41:44	Name: __adroll_shared Value: 669e1a5a94e06fd6e1c76e869004188e-g_1703576819-a_1703576819
.rlcdn.com/	1970-01-20 18:39:20	Name: pxrc Value: CPOJqqwGEgUI6AcQABIFCOhHEAA=
.pippio.com/	1970-01-20 18:39:20	Name: pxrc Value: CPOJqqwGEgYI36wrEAA=
.rubiconproject.com/	1970-01-21 01:58:32	Name: audit Value: 1\|zDSqdKu4XMrC5FBUNizpqDgTQfX+mgYqJUkg+rFg812MaGpsUGBQ3vLR+igwmhMdO23s9rUMfFmM1KxoLazIt+aleybw1oy9Ba0etFFpiE3ASW0nx6napLfsxLlKCetFh+py8D7970d+jwEPRoZNjLL486KfF4ZMKODGmWQBvsrmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xincarning.cyou/checkouts/internal/preloads.js?permanent-domain=nili-lotan.myshopify.com&locale=en-US Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-shopify-app-pixel@0570/sandbox/worker.modern.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/wpm@80cd6a5fw8efabb83pbabe92ddm0cb690ee/web-pixel-14712950@ac96a02e1f5608479f943ddad83583cd/sandbox/worker.modern.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://lcx-widgets.bambuser.com/embed.js(Line 1) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://connect.facebook.net/signals/config/647812202032179?v=2.9.138&r=stable&domain=xincarning.cyou(Line 132) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://xincarning.cyou/.well-known/shopify/monorail/unstable/produce_batch Message: Failed to load resource: the server responded with a status of 404 ()
worker	verbose	URL: blob:https://xincarning.cyou/726b9d87-c367-438b-82e9-202151e98ab9(Line 1) Message: Error
network	error	URL: https://xincarning.cyou/.well-known/shopify/monorail/v1/produce Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/cart.js?r=2.50097884765 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/cart.js?r=2.50097884765 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/cart.js?r=2.50097884765 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xincarning.cyou/cart/update.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://xincarning.cyou/ Message: The resource https://www.nililotan.com/cdn/shop/t/378/assets/theme.js?v=105428044142932824621692816769 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
aa.agkn.com
ad.360yield.com
ads.stickyadstv.com
analytics.getshogun.com
analytics.google.com
analytics.tiktok.com
api-v3-docker-nrl2mwczfq-uc.a.run.app
api.config-security.com
app-script.monsido.com
assets.gorgias.chat
assets1.adroll.com
bat.bing.com
beacon.searchspring.io
c.bing.com
cdn.amplitude.com
cdn.jsdelivr.net
cdn.shopify.com
cm.g.doubleclick.net
code.jquery.com
conf.config-security.com
config.gorgias.chat
connect.facebook.net
container.pepperjam.com
contextual.media.net
criteo-sync.teads.tv
crossborder-integration.global-e.com
ct.pinterest.com
d.adroll.com
d23dclunsivw3h.cloudfront.net
d38xvr37kwwhcm.cloudfront.net
d3k81ch9hvuctc.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
easy-redirects.shopcircle.co
eb2.3lift.com
exchange.mediavine.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
geolocation-recommendations.shopifyapps.com
gthz36.a.searchspring.io
gum.criteo.com
hb.yahoo.net
i.liadm.com
ib.adnxs.com
identitytoolkit.googleapis.com
image2.pubmatic.com
jadserve.postrelease.com
lcx-widgets.bambuser.com
live.rezync.com
match.adsrvr.org
match.sharethrough.com
na-library.klarnaservices.com
nili-lotan.myshopify.com
ob.powerrobotflower.com
obs.powerrobotflower.com
open.pixel.api.whale3.io
p.adsymptotic.com
p.rfihub.com
partner.mediawallahscript.com
pippio.com
pixel.rubiconproject.com
production-klarna-il-shopify-osm.s3.eu-west-1.amazonaws.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.adroll.com
s.pinimg.com
s3.eu-west-1.amazonaws.com
secure.adnxs.com
sessions.bugsnag.com
settings.luckyorange.com
shop.app
shopify-init.blackcrow.ai
shopify.rakutenadvertising.io
simage2.pubmatic.com
snapui.searchspring.io
sslwidget.criteo.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.criteo.net
static.klaviyo.com
stats.g.doubleclick.net
svc-prod-us.liveshopping.bambuser.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
sync.taboola.com
tag.rmp.rakuten.com
tags.bluekai.com
tags.creativecdn.com
tools.luckyorange.com
tracking-cdn.figpii.com
tracking-settings.figpii.com
tracking.monsido.com
trends.revcontent.com
triplewhale-pixel.web.app
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
utils.global-e.com
visitor.omnitagjs.com
webservices.global-e.com
ws.rqtrk.eu
www.cloudflare.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.nililotan.com
x.bidswitch.net
xincarning.cyou
p.adsymptotic.com
tools.luckyorange.com
104.16.123.96
104.16.228.60
104.18.18.95
104.18.3.187
104.21.20.61
104.26.14.69
107.178.254.65
13.249.59.47
13.249.59.91
135.148.2.56
141.226.224.48
142.250.31.156
15.235.42.102
151.101.1.229
151.101.1.91
151.101.130.137
151.101.194.133
151.101.2.133
151.101.66.133
156.146.36.24
172.217.13.110
172.217.13.138
172.217.13.142
172.217.13.163
172.217.13.168
172.217.13.194
172.217.13.196
172.217.13.202
172.217.13.211
172.64.151.101
172.67.145.63
18.160.168.189
18.160.172.101
18.160.172.46
18.160.172.47
18.160.172.87
18.160.172.92
185.146.173.20
185.184.10.30
199.36.158.100
199.38.167.131
204.79.197.200
216.239.32.21
216.239.32.53
23.216.137.114
23.227.38.33
23.227.38.74
23.227.60.200
23.44.201.172
23.44.203.147
23.47.168.66
23.51.57.155
23.56.163.9
3.130.164.37
3.222.179.146
3.225.250.255
3.33.220.150
3.5.66.104
3.92.154.249
31.13.71.36
31.13.71.7
34.102.147.248
34.107.203.234
34.107.236.171
34.149.60.135
34.200.65.202
34.231.181.97
34.232.35.199
34.98.105.146
35.168.167.152
35.190.88.7
35.190.93.146
35.211.178.172
35.244.159.8
35.71.139.29
52.204.77.239
52.22.5.155
52.45.196.192
52.92.34.136
54.165.111.121
54.80.169.49
54.84.89.113
63.251.28.233
64.202.112.223
68.67.179.155
69.173.151.100
74.119.119.131
74.119.119.139
74.119.119.142
74.119.119.150
8.28.7.83
99.86.102.24
99.86.102.6
99.86.102.75
99.86.102.82
99.86.74.17
99.86.74.26
99.86.74.44
99.86.74.50
99.86.74.77
99.86.83.118
0068af387bf1e48d915cf09feca8bc55b911dcd9300e7741ba1b5298504415d4
00ba9c2d3f43fbece812d3bb63e2cf770cf7b81bf600ca8ec8c4a67806afd621
020eff85258c93e4249af888e8c166d43411f8332c101383f291a04e876dbaec
049bea8a1df87ebe9292c77a866aaa4ce0d3c7812fada4d5c7653e90458d7f32
069bd6d73d7c5c7380be1f427a766d71e44453eb50569b7e7ff79cd080fb56ec
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c92d46581f313de0e958ee989ac07de549ddbdb3fe4aafc7da0416efbb9d8ce
0e3beec46d0b116dce5344eb4248d2eb72c5dad09defa6c9239df1ec4839e4fe
0e3ecbd97c79b1c43125eb294359763c5c1632a14432ee41507ef5c30d5ae8a3
1024c034b1189e8dd36009c89773c7ffd183f5689d4849728076272db684b02b
1191dfe059a0ec10779dcaf1f2030dce4639ac9586def30dff75c5ab1a58afbd
16878f720076d27d5290375a49ac421d643d96b1748b51affd2f4f18fa4d9df9
171a2f8d6ca299d632f4c176f4c0a9fa71ea5cfda7e483cac45432493d048d9f
179a471a9e859abc8338f104a5e367e7f724d9f540454ea0fd9c793324bb409c
17c0809ad3c3b69d95e0683ecc149aaa967125db346673cd341ea0ae5f365c15
19313a7182e4586fedc718f8d4c8768956e01d831ca17be8f16c5c20c2045190
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1de4105dd06ceef53730507841baaef5b642a72f8560a397c90d87ce74969173
1faa3b3c35ea87fc446a3419ad08ad2648a67e250014605551680e29632ec52a
209f51d1a85a1d50f30758934252ba56bf17183c1e456cdc8261ab1380326a19
21018622f3f9b229d93468158dac1a9ff87584f90bb1d9124bf1db6be9ecfbec
25372458d5d0137621f8069ca8a5120c7ef71607d6cb7330efba1f8e6e6a54d7
2604e0106de740bae018e30ef8acfb6b2b8a7f921ceef50db1d4aa07dd40422a
2608b5b36debc6d7321d4fdb1267726febe7e9d2b7bfc711f6c1b56571b95d38
2853c7a4937602c4f23c2a4cd0de87b6cf5411dad6910b3f799194d725d20e69
29b58e012dac5911aed7638b7829c073fc7fc85180bddc8adca5e5fcb39473a3
2a05e2cd763376142d52b07f3d68fe6d9acd5e0d7e8335acb806063ed238f1ab
2b7fa1cdaae770412788d3dc974fb860bbdfedf2a7ea721914faf9ad09d41125
2e7fbf57fb1239a1ddae4a31d5e96c1dd5b2875657d9a1eb81db56b8647cd4cc
3218055dcace067b7d947dc81680d2a9ed17c9e81b0a895a3c27bfe717858b7e
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329173b311eb02ebad5191d3b7314d7ffaeb93d00504f46009f4392bbad28e8d
33bb9d312118840468a53f36b59c62c1e8f2b7d1a0a77250db9e300441827470
345622782ee57bf6575a11bbedf8442a7b6d1e24fa2f41dc91efe7b675ebad7a
353f85cdd75082efd47eb3b3f1f0ab5ff7e0d21fd0a27ef7836a573cca5348f1
3546a54dcf785503921fd892381da30935d01fbf8196bff060b52b07ebba0072
35a4ef58c293e0e38895f07e8ac533557638e4abfe9815f353ea17d1e244bcf9
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37bc2a718999f7b89c5fc3dbe3ca540e7b24dde8b4743d5bbf8321e55be1ea26
3a3aaf8e740c9330b339e89ccd1cbd2fbd6710cccab666824b9637b3bf03242f
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3df3c5e83c1d9f689f73d4ef41b17aeb87a5a74b06f7b5a75ce3712b7ca72394
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f3c67caf23be8362b9045651ba52ac2c1f6da611a56a47f366e244bc2790ceb
407600d9de0555f3120cc2ff257e9ab2e139ed2275415f039c1004f34842ea43
45419c9cc45136cb0b2933aa20a95aa847e248d6b71f68f941a387c36c8e39af
45729480768750d17814000f2f2d2587ae848be18113f27e2539ab361f29d43d
487ee51160b371609fe5dab407e1ea865dca8b692c69feb166effef8b3056956
4b08c9feb0648e053737ecf28c438bedcd308f48df7b0a1081f8a8bbceb914ae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bafbc4b6e39d7716fcc8b99fd86f68676f0b529010aaf0ca003fce48729ea73
4c7024bd88f2829a6c7455c5f17edfc6bb86ba65a2fea0c056d8cf30e73d7d66
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e08e2d248fa1c9e922e7c3c1427357297ca7ade8dd963e10d3f6bf162aa6c15
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
500243c7cfb30bbb2c5052d69bad8a04774c9404d241cee6da322183dd0aea8f
530ce7a8fdd3709a8a8baa83c8eb1c5fff6f24e50562be0b684cfdd54fc41258
53a76c1136dc2cda3bfc85479843d4f71407471926955db0b25b02a60303c391
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b4ee39aa55f3ea87e7af3212cbadcf5561fcf27edb13a7c28d26b2a6486d82
586a1808c7f3819e20ab09c2cf9b0f785f2f20d06f9b583d095b385362e9139a
5901244ffada2a6a5ad910c8fadc13ead5024ef4b2d18659ff8347aa33ef414f
5984b560afcc6a663018faff525c81523bc8c95a7c7d5a728581628a65cf8ec1
599a02d5ad9a0a15a90f7771b656fa38aa4731de9856f51fdd205d0d3329cfb9
5bddc2359827710b6660b83b1b6e13804654bcc2793109e6f1c7160f4030c429
5cd87d4b3f829cc8a95eab28737afc1b7d626600e06e6772a91dc967f6577433
5d96e6c61621fddb2a2070d3875f04d4dcb13b5df5e001845f5a767feed3ba71
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
61ed2338bbbc4d7e8e289c51a34ab1d8c835da917bc9e8d59e5525351187dd7b
6212da996db600361ef49c3027acc2fc9d316dd441e3c899357863f63962e656
6320da670c21581426dc62ed594375e418570a8f8ad9c19bfc1ffc6ffce8bea6
634d7fee184be9be28aa69bf8ea56684f6c8e771d38501c08f821df46cdd442a
6352462047da04fef0c9e83236e414c6e39f4667a608f04285d7e54f0362bd10
6495e272aa3eda8978beefc1d039d66a11f09a05734d3c7ec56ab5094b507f0d
64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d
64e8ce58f2d8ee4332cc27fcb759c31013f418b6523586b6441fd2f097107b35
65c5432288de4fcdf6ec21a0f9533a46a310215e22e79ae7ff449814102445a0
6700d1b49a401ec02f4f9b7ee2bc2b16268ebb8d538b48128c1ad6c1e0766773
6966bd087cb010072d3e36f81d52dc37225d53cc8d4c275d237f8c2ce3c9fd42
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af4bcb3682d264b8c6c71aa0a96f2a707e46621379a0001e5990292c8572f68
6e9edd7e64d4c72718e69fc42b724328b056fcd4c47bf663e876e939bec92b1e
6ece770b9f251a20e98bba619982dc51186b3b037211d695915110111adf063f
6ef0b26f16ecf59e8ec163a899d92edcbf22c89b22ffa793be88ac19dfca82a3
6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5
71566b1911e5beccf7b107cb1a541613f2bbf182ad277d99e0a35e457c71bb71
721df7492b54395377d0730cc8b8f1d1480c0396d49a3046bfb655cce07a82eb
72d4af70a6b8fe2e81d9127ed541e76f8dfc40564fa37e07e1631c8b9c12f2e0
73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e
758bc8e3494b4e52f8ed1a147866ecde4a330fe0bb3f0aa1cd650f18acf34d7a
75f46f863b37ada8682d1e3f7efd65289a8d8e2272c0f1559b4ff2c956ab0315
77a8838e3b7d7419c7cf2384374cb01add21a311c9bee83960c652a6bbdf56ae
7845267ae53970ff5d1b6bdbb5eda70c2a6a9edd8e5468e38536023e77220074
79011209c373b5535ddc2702eb2fd4b4106797a9e8b4e4573bfacfcb3f976f59
79b181b859fd02dd35b1171e66d516c17dddd0f1e666ecc352756227626b9f29
7b8f7fd16cc689019d0c2c0125c373cd320a5fd19b6164c369590890a745de1f
7e1cfe91067658964e77b49596c9000ece21e1a9e19c7fccc5494894ff3a4510
7f448814993f4a8d3e8f4590c7ede0ef2e503e9f9326083c645a154a2e00a7e0
80117ddb29cb5fc777a0894ef1596151065b8805ceffd2b41327bf633f9ac111
81691baa950bdab9abab164934d982a2238371d1f2f50f74c18017ae9b091583
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e
87c14f094253cb7538e516d55c2a6980ff86e4d20f9edb04595724362e3ef2ed
87fe611a5ef64990e71ea393cee23858028522dc7fb8ee1f616a81286799b447
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8950b07df4320437825a697b97a631e1e437855d405178affb6249f9a343f2eb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a1add45b133053fa46875954e4fd9628e025a077b4f44c6447126ebc5ab2381
8b41263821289570317cfd0670979b400f1c80f84fb9f29b5fd761b0687317e5
8c397a6712f44ed23a49be65fd2e55c3e90eb0d3ef716ebe0828b5f737aab7f2
8cc4df6a1d93b7794d21dffe137a123438763d8cb0b620d3ef2d1814cd28eba0
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
8e504412fa8566caae82c76a5212c4ae0fbcb94cd2483adc095eb2bec5e2c72e
8ef8eadcb7682cb89f339014580eac4541fea890d200fcd2aa3cc94cfcf23e55
91e1a12929e6014f3d6d03c20f6123738b040462e3e8bd595df1b2f6529f4e5b
922082bfc728630c5220413f5c3f362ed7c45e321260411c2fe2cd21ff0879d3
924b08b6ebd1b1f8672dc271cdab3fb89b1710afd74b0f9caac4cbd2c6c1edae
94777943371b42ba3b86120d52f2e50383c90b3a192bee61a64540360d634c26
978e92d4d78fe3dcc45fb38fd44c91b8f1dfa6031eb75fcba221db216e36dc9a
9794f3b7aed63faf7f5d361c9b906068c22b4acd443ebc4a49e90ec3cb0f4dd9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9950a35c46164a5379c34e04fa19cbb757cea949d729feb90e4b61889c565f20
998903835942fac92a7bfa991c0111e85ba597e5c9c686c6329926f264a0babf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ebefc6d820d1a4fc5353bdf009f7973e2254581f7917e961480a03bf4fa6f0
9a11e37cf91698aad83112484e3499d9b23b27302ca46a5e71ffb311f0de1b17
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9bcc1a413d4026fcc5ec55b5dc7e23805236cfb990b507a9044bb47b164cad66
9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953
9dbfe94a846a31999a41f2e3949729e4216f6b9506c82c0c5aa44176eaff510d
9ef77b18dfbf75133f1d9bb3e222dcf3f7c8708acfc2406ec597e13b9406101a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13dfd25c1306f5b1e64beed6584109124a7a326638ef0e87348a7ed63023b19
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f
a39cfeea4bb221c0683a69d71359de60099b395c5ea0bf1849637fea2868dcf3
a4b74104974b47ebf3d45cc32f1929cbe05289f36987d320eed3dc90f8d6fbf2
a5a263756e794d5ad9a686025bb4174bd55dbbca9635748b247a8a527e89354c
a5eb56c6311aa4316a9c08cef635a6a5c2655100b89ae39bf7891e41722b3639
a71fba5a99f1949fc8a60ba0d7aed7d83026d099c9421ca821a69387aa9f545b
a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b
a971f8f24fa5581e2d55947a5c1e05ce52cb44ebf12f6b858e586522073a5b7b
ab608ae91b59dbb48c7c30c9481f5eda570179428cece656ca10ac59830b511b
ab86cb45e2d8101d3b8733d8f58a58eb6bec8449a3a6f5cf2b45cfe0d32c597c
ad26ec8a3728c7ab759a937b415be68bb65886fb81ac6a3d1c050d2989c512a8
ad2ee104d5c167aed2fc52c327137df29e479bb934beff99b6779dad7d0d0917
af22e6bb1626b33603bc97ea635ecbb9608797dfd5e00769d1ef4c4363bf2ae1
b08cb4df0fc2cd3af5b07b85d035e9ca9af934e6bf61f6e47f86b210690e1f37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5612f69b7e9bc926acd5b28953653996ec75e6de73fdb110f3598c28754a610
b6a501dae0ff55a967880e5a6b1caa0caf12e9b35e479542b8f3fac89d69d56c
b6eab03ad51f93654e0fb62df33e915fe237c4c505d5e9d6519b012e909ea549
b8ba057fa64029eed55cc954869661ec73362292afee75c4b8f74961511120ad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb5c2f85fb0b8435885c5816d9a8fdadfccb4b75bb017bcfefff7d391c72ff8
bd8e0b669dd11f9eb42a467db749bd6168f944c3c9e82461d0e84d6429064554
bdad2e3f8d79600eb0a61c57a568a7910cc93c77bb956b92e11184436cf95a4d
bdbda48bdc0153b50ab58bd701463558a613e614a3a0a822ea113180ed0a417c
be7fbbae4d2bc676ad2fceef0baa5e91233a24969079bd6f10e0d7df604b76b4
bf7cfb4daea39c77f62c6f21fcf70531ab3080b9b26060b61ecf344c69659f5d
c062ebd66689c4fc70a9e28058f6f1c6ad55ebfd84d7957f0cb2471d7f1fd36c
c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424
c2826662aa8ed619ed54af92065f3a6e80f4570e341c2d8daa95530548b26306
c2a5b2b2e98a14f163f3ac3baf6edb445a5446baff45e8139efc0f30efc4a78a
c2b4dbc03e748f5021a768a9478941d40371c44cfe36183c48c01018a1a110d9
c75b1164741e2d46de2d96b8684b39ac11b566d4c999ae91d186ac317b2927be
c889a12e296533a6361dfebbe6ccdfa3d8e1a38d3c2e0504ef0dc4da5a48a3c8
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
cac3757b6db31bd3c30a4bd56a913f3e5d37a334299257c5911ad4c8f7b4082e
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d179a95f323fea709ddba50be80ca43e77c316ebd7dc18583bd42144efadfbe0
d2a05ff92bc20b705d1f09271527dac3e7b24b0d38986dbaa83817544d80b0fe
d3310e4c9856362bc33a710693c752a4a5278b3c6635a8826aa7aed2c74d0483
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d535fbb135127255dfe0d265d35220ebefe02973c46596736603c97a3a8a42a0
d55f85cb1a0d87fcddc112f8348aa55dafa8a2b72cac0c7b97fef541dc4869fa
d95cfa32ec5c1a59de72dacc5b359d8c4c8f562bf3c44cc962eed8a9924af758
d9d84bb996279cf311996e3ddeee766bb52181b0a3a57baeade3f078c8fbbc5b
db2025289da025badf9d4a61a150e0a5bf241200d186b96ea9763846a45c170b
dc35ba3b66f65d5e9df410362da83d79bdb1d6e6fd59bc91f4a0b3164d5167fa
dd3307a05d3466cfcb2b79872d36c0688389e2fec8e4bb9ff8a13f69dd49d41f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f0b5d3e35ffdf7c8d3aca66ab9591e8f57229a36fea2a9c2f246f99d6f202e
e458fde2b6bca16ceea6c719dde735764efaadfc9a5c526febd0658b3394ea6e
e5eb597d69d2a0820d2c3a9d3bf8fe5f3da976f57ea54fed66243f1782f0e2f1
e8aae41e1a2b8d60ec5c73a13665fe0946db2aef3d557c8704629711bd277320
ea0a73f79d3a48d4ae551bf0360b4ccfe0be6c02646d5bbc218425ed3d5db8c2
ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837
ebca132a3e958d38c903df746ea515e0b43e6c8bd2d909fa213fdafb53d39f45
ebef128b3ec706f4b46ad06a47d701e9dddc38dbbb91e0870510b8501a2570fa
ec3416d6b304b622e1d270b35159341b6b3e95fc55ec2015ba8f4a2fe24dd2bb
ec63fc7e4afd3dd55f868192f094718a981b0f636f6d1f0e1fab0caf27313421
ecf195a492087cf7849821d85ff95d206b91fbe07381d494a74b57a0eaa96504
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee1a12a0421e8662c1a027f6a956c27d517c5e3bb841d2a85e262e684fc19d99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
ef5695392329615991aef82ee880b52c17e6dd36d875c34000975d796a602815
f16c526827b6837e7c7f48482f72574b6db9ee13cbbf0e6cffe4b0eb263b3f75
f24a06411c8df5fe23242f307ed344660d896add1790cde721b5feaa7f90179b
f2525634cafe04563f4e71e4745c1aaf3603c04ee7d4e61a8f7c0c1d35415f61
f44e9c872141fdc5eb5fbff567a5d1be662c1a3d97de09dd01eec82c48cddbda
f5bc7336ee1e5c43bb4af1c3af966d3bb588961ee01371dbdadc3c89409f1884
f684a0760b005a69495b8af0118ba6e3181bf1e41c6dbf1d9f642eb0a0d19cb2
f6d3b81d7cf7f951d87a3f2c4939b1c8e335e68f27818ff64ad77ded066766d3
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f99773abc36c62afc7b0e7173181c7af23da42d6b4e9f480169dcb478862e9d4
f9a1d14cef26ba37d91ce0b0e355558f453af19585e4a8ffae4e83fd6e7b3b94
f9c10602b3d4b7bed9b9a7bc3a9f0e4db880e454c4e64f1b938fb6bb55bfa8d4
ff96436c4de02261766ea0d90b99bece5a07b19ca4dce0f90363908218085bc3
ffba6237ef5da71fc6676efc75a9ae67d9f6d01819c1337f0bf9bc20f1255cca

xincarning.cyou Open in urlscan Pro 104.21.20.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

327 Requests

91 %HTTPS

0 %IPv6

83 Domains

115 Subdomains

95 IPs

6 Countries

3932 kBTransfer

10959 kBSize

134 Cookies

18 Outgoing links

Redirected requests

327 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xincarning.cyou Open in urlscan Pro
104.21.20.61 Public Scan

Screenshot
Live screenshot

Full Image

327
Requests

91 %
HTTPS

0 %
IPv6

83
Domains

115
Subdomains

95
IPs

6
Countries

3932 kB
Transfer

10959 kB
Size

134
Cookies

327 HTTP transactions
1 data transactions