GET
H2
|
200
|
Primary Request
/
Show response
butterfieldholidayshopping.com/
Redirect Chain
-
http://butterfieldholidayshopping.com/
-
https://butterfieldholidayshopping.com/
|
15 KB
6 KB
|
401ms
276ms
|
Document
text/html |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 324e275639363b97974bb2dca489ce8cd188a93775839a39c822945787958a8d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
bootstrap.min.css
butterfieldholidayshopping.com/css/
|
227 KB
36 KB
|
51ms
50ms
|
Stylesheet
text/css |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/css/bootstrap.min.css
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- a4c123551432f10a965b8a9f706d3a8f9ed36e1564620f520de64cdf5bfe6dc9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
main.css
butterfieldholidayshopping.com/css/
|
44 KB
11 KB
|
52ms
51ms
|
Stylesheet
text/css |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/css/main.css
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 4a5dced7f6ff983df1e485af7cef3349c3155ac9534c4cb50f6ffee033d37d72
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
swiper-bundle.min.css
butterfieldholidayshopping.com/css/vendor/
|
21 KB
8 KB
|
93ms
92ms
|
Stylesheet
text/css |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/css/vendor/swiper-bundle.min.css
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 44e46c4fdef6f1bad12b9a04657312506932a88dec1a3b2830f66ad26c607b07
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
vue.min.js
Show response
butterfieldholidayshopping.com/js/vendor/
|
91 KB
38 KB
|
57ms
57ms
|
Script
application/javascript |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/js/vendor/vue.min.js
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
logo_mastercard_butterfield.svg
butterfieldholidayshopping.com/img/vector/
|
52 KB
40 KB
|
52ms
52ms
|
Image
image/svg+xml |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/vector/logo_mastercard_butterfield.svg
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- df69510676c2f2a7874753499d97de285991eae432dd7cf3c0281871661d745b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
logo_mastercard_butterfieldM.png
butterfieldholidayshopping.com/img/vector/
|
3 KB
6 KB
|
54ms
54ms
|
Image
image/png |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/vector/logo_mastercard_butterfieldM.png
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- cac618443a07dab34ebe9ea03ebd2f5bb736d5fd42fc5ec61ab45f3a8027a833
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
img-landing-card.png
butterfieldholidayshopping.com/img/brand/
|
9 KB
13 KB
|
72ms
71ms
|
Image
image/png |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/brand/img-landing-card.png
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 75607416aa60dfb8d358b29d4b7629fb1a5074a354e9f9a58f5bb471a0c02b9c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
img-landing-card-1.png
butterfieldholidayshopping.com/img/brand/
|
3 KB
6 KB
|
50ms
50ms
|
Image
image/png |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/brand/img-landing-card-1.png
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 3290deee18a4ec2edab9f629b57bbb4063baa38cbe964f99c8ef4405a3a8610d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
img-landing-card-2.png
butterfieldholidayshopping.com/img/brand/
|
4 KB
7 KB
|
54ms
53ms
|
Image
image/png |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/brand/img-landing-card-2.png
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 1671f705e135b881a75a5a0840bdd9f6034774e6db6d646c8b4c8d839fc9b174
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
close-circle.svg
butterfieldholidayshopping.com/img/vector/
|
545 B
3 KB
|
63ms
61ms
|
Image
image/svg+xml |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/vector/close-circle.svg
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 1df56af66680348c91da9b075e09b0a3f3939383c39ae5afaa04d0e9c1b886a2
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
gtm.js
Show response
www.googletagmanager.com/
|
213 KB
76 KB
|
180ms
79ms
|
Script
application/javascript |
2a00:1450:4001:827::2008
GOOGLE
|
|
|
GET
H2
|
200
|
loading.gif
butterfieldholidayshopping.com/img/vector/
|
61 KB
64 KB
|
56ms
55ms
|
Image
image/gif |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/vector/loading.gif
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 5db74e78c2a94e4d5688344197d46f1e06dde57bb98f5e1d8e983537ec610ef9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
email-decode.min.js
Show response
butterfieldholidayshopping.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
|
1 KB
1 KB
|
44ms
41ms
|
Script
application/javascript |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
axios.min.js
Show response
butterfieldholidayshopping.com/js/vendor/
|
13 KB
8 KB
|
69ms
66ms
|
Script
application/javascript |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/js/vendor/axios.min.js
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 8b849e3f5952daf2c7404f61140ed4b275c1e3f01d9cbe6839d276a0a1f1ff94
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
swiper-bundle.min.js
Show response
butterfieldholidayshopping.com/js/vendor/
|
257 KB
57 KB
|
96ms
93ms
|
Script
application/javascript |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/js/vendor/swiper-bundle.min.js
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 899db03a9409a45b4988c60e65b8c08d4c6936d6dda1363d86a5a1298109023e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
popper.min.js
Show response
butterfieldholidayshopping.com/js/vendor/
|
20 KB
11 KB
|
55ms
52ms
|
Script
application/javascript |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/js/vendor/popper.min.js
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 41d59b04452edce75331c4416ff9435de714df5f1183e4e620d259d54874f9af
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
bootstrap.min.js
Show response
butterfieldholidayshopping.com/js/vendor/
|
59 KB
20 KB
|
54ms
52ms
|
Script
application/javascript |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/js/vendor/bootstrap.min.js
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- fb1e9574b097e7e8c86577ea959e36220e65553c96369fc15e98ba6414982e84
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
main.js
Show response
butterfieldholidayshopping.com/js/
|
3 KB
4 KB
|
62ms
60ms
|
Script
application/javascript |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/js/main.js
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- d9d74de704895fbf015da64d019e976c6aaf53d24bb7ce5e636de12d818cfd14
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
site.js
Show response
butterfieldholidayshopping.com/js/
|
230 B
3 KB
|
53ms
51ms
|
Script
application/javascript |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/js/site.js?v=4q1jwFhaPaZgr8WAUSrux6hAuh0XDg9kPS3xIVq36I0
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
bg-landing.png
butterfieldholidayshopping.com/img/brand/
|
1002 KB
1006 KB
|
70ms
68ms
|
Image
image/png |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/brand/bg-landing.png
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/css/main.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b8e4eca40b6c5cff975c70edb3e8c2a2dbe4dc231aebe2b3e904f448b1c9e88b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
Poppins-Bold.ttf
butterfieldholidayshopping.com/fonts/
|
150 KB
154 KB
|
131ms
130ms
|
Font
application/x-font-ttf |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/fonts/Poppins-Bold.ttf
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/css/main.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 7219547ee25334cbac0fe4b3acf0bf631e48ebb622c71af038edaaa652c60875
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
Poppins-Regular.ttf
butterfieldholidayshopping.com/fonts/
|
155 KB
158 KB
|
90ms
90ms
|
Font
application/x-font-ttf |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/fonts/Poppins-Regular.ttf
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/css/main.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
Poppins-SemiBold.ttf
butterfieldholidayshopping.com/fonts/
|
152 KB
155 KB
|
106ms
106ms
|
Font
application/x-font-ttf |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/fonts/Poppins-SemiBold.ttf
- Requested by
- Host: butterfieldholidayshopping.com
URL: https://butterfieldholidayshopping.com/css/main.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
js
Show response
www.googletagmanager.com/gtag/
|
323 KB
108 KB
|
73ms
73ms
|
Script
application/javascript |
2a00:1450:4001:827::2008
GOOGLE
|
|
|
POST
H2
|
204
|
collect
region1.analytics.google.com/g/
|
0
0
|
150ms
50ms
|
Fetch
text/plain |
2001:4860:4802:34::36
GOOGLE
|
|
General
- Full URL
- https://region1.analytics.google.com/g/collect?v=2&tid=G-FKZR04EPRM>m=45je4bc0v9189867276z89189857042za200zb9189857042&_p=1731923499542&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=1892095095.1731923500&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731923500&sct=1&seg=0&dl=https%3A%2F%2Fbutterfieldholidayshopping.com%2F&dt=Home&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1000
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FKZR04EPRM&l=dataLayer&cx=c>m=45He4bc0v9189857042za200
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2001:4860:4802:34::36
, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
|
POST
H2
|
204
|
collect
stats.g.doubleclick.net/g/
|
0
564 B
|
149ms
50ms
|
Ping
text/plain |
2a00:1450:400c:c0d::9d
GOOGLE
|
|
General
- Full URL
- https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FKZR04EPRM&cid=1892095095.1731923500>m=45je4bc0v9189867276z89189857042za200zb9189857042&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FKZR04EPRM&l=dataLayer&cx=c>m=45He4bc0v9189857042za200
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:400c:c0d::9d
Brussels, Belgium,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
GET
|
|
ga-audiences
www.google.de/ads/
|
0
0
|
|
|
|
|
|
GET
H2
|
200
|
favicon.png
butterfieldholidayshopping.com/img/
|
14 KB
17 KB
|
55ms
55ms
|
Other
image/png |
2606:4700:20::681a:112
CLOUDFLARENET
|
|
General
- Full URL
- https://butterfieldholidayshopping.com/img/favicon.png
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700:20::681a:112
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- a4a34cbf498055e7264cbcc61eac51e4671a46483733044de80cd61916d561dd
- Security Headers
-
Name |
Value |
Content-Security-Policy |
frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.clarity.ms https://useyourdebittowin.com https://lptag.liveperson.net https://cdn.jsdelivr.net *.cdn.jsdelivr.net *.gstatic.com *.analytics.twitter.com *.twitter.com *.cdnjs.cloudflare.com *.cloudflare.com https://api.smooch.io/faye https://player.vimeo.com *.player.vimeo.com *.googletagmanager.com *.google-analytics.com *.snap.licdn.com *.licdn.com *.static.ads-twitter.com *.ads-twitter.com *.p.adsymptotic.com *.adsymptotic.com *.sync.teads.tv *.facebook.com https://code.jquery.com https://fanaticos.bi.com.gt/ *.jquery.com *.px.ads.linkedin.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com *.connect.facebook.net *.googleadservices.com *.linkedin.com *.stats.g.doubleclick.net *.doubleclick.net *.static.hotjar.com https://static.zdassets.com/ https://connect.facebook.net https://www.googleadservices.com https://static.hotjar.com https://tags.bkrtx.com wss://ws.hotjar.com wss://api.smooch.io https://tags.bluekai.com https://www.google.com https://script.hotjar.com *.script.hotjar.com *.grupobancolombia.com https://static.zdassets.com https://maps.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com; img-src 'self' data: https://d1haqd36xwow0n.cloudfront.net *.d1haqd36xwow0n.cloudfront.net https://script.hotjar.com *.script.hotjar.com https://bancoindustrialsupport.zendesk.com https://static.zdassets.com *.script.hotjar.com https://fanaticos.bi.com.gt/ https://backend.activarpromo.com *.backend.activarpromo.com https://test.multistrategy.co/ *.test.multistrategy.co https://analytics.twitter.com *.googleadservices.com *.facebook.com *.activarpromo.com mastercard.multistrategy.co https://www.facebook.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.t.co https://t.co *.google.com https://www.google.com.co *.maps.gstatic.com https://player.vimeo.com *.player.vimeo.com https://maps.gstatic.com *.gstatic.com https://googleads.g.doubleclick.net *.googleads.g.doubleclick.net; media-src 'self'; frame-src 'self' https://* https://static.zdassets.com *.connect.facebook.net *.googleadservices.com *.cloudfront.net https://player.vimeo.com *.player.vimeo.com *.google-analytics.com https://www.google.com *.google.com https://connect.facebook.net https://www.google-analytics.com ; style-src 'self' 'unsafe-inline' https://* https://connect.facebook.net https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com https://www.gstatic.com *.gstatic.com https://use.fontawesome.com *.fontawesome.com https://fonts.googleapis.com *.google.com https://www.google-analytics.com *.google-analytics.com https://www.google.com ; connect-src 'self' https://* https://api.smooch.io/faye wss://api.smooch.io wss://ws.hotjar.com https://static.zdassets.com https://script.hotjar.com *.script.hotjar.com https://connect.facebook.net https://www.googleadservices.com https://www.google.com *.google.com https://www.google-analytics.com *.google-analytics.com *.connect.facebook.net *.googlevideo.com *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com; font-src *.st.dynamicyield.com *.cdn.dynamicyield.com *.rcom.dynamicyield.com 'self' data: https://* https://www.googleadservices.com https://cdnjs.cloudflare.com *.cloudflare.com *.cloudfront.net https://fonts.gstatic.com *.gstatic.com https://stackpath.bootstrapcdn.com *.bootstrapcdn.com https://use.fontawesome.com *.fontawesome.com; |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
1; mode=block |
|