urlscan.io logo urlscan.io
SecurityTrails logo

accounts.shopify.com Open in urlscan Pro
185.146.173.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mxpodium.com/#ce
Effective URL: https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
Submission Tags: 0xscam
Submission: On June 29 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 185.146.173.20, located in Sweden and belongs to CLOUDFLARENET, US. The main domain is accounts.shopify.com. The Cisco Umbrella rank of the primary domain is 53712.
TLS certificate: Issued by E1 on May 31st 2024. Valid for: 3 months.
This is the only time accounts.shopify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 23.227.38.65 13335 (CLOUDFLAR...)
4 8 185.146.173.20 13335 (CLOUDFLAR...)
1 104.17.2.184 13335 (CLOUDFLAR...)
1 104.17.3.184 13335 (CLOUDFLAR...)
8 4
Apex Domain
Subdomains		 Transfer
6 shopify.com
accounts.shopify.com — Cisco Umbrella Rank: 53712
137 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4311
14 KB
2 myshopify.dev
mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev
2 KB
2 mxpodium.com
mxpodium.com
1 KB
8 4
Domain Requested by
6 accounts.shopify.com 2 redirects accounts.shopify.com
2 challenges.cloudflare.com accounts.shopify.com
challenges.cloudflare.com
2 mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev 2 redirects
2 mxpodium.com 2 redirects
8 4

This site contains no links.

Subject Issuer Validity Valid
accounts.shopify.com
E1		 2024-05-31 -
2024-08-29		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
Frame ID: 5C23195FB10C64DE0C53C1CA9B73FCB9
Requests: 7 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lx7oh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 2371C750145F9273EC5EBD62BDFD628D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Verifying your connection...

Page URL History Show full URLs

  1. https://mxpodium.com/ HTTP 301
    http://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/ HTTP 307
    https://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/ HTTP 302
    https://accounts.shopify.com/oauth/authorize?scope=openid+email&response_type=code&client_id=b453446d-e0f... HTTP 302
    https://accounts.shopify.com/select?rid=582b6f8c-b681-4eed-8f0c-8142c5bd8743 HTTP 307
    https://mxpodium.com/ HTTP 301
    http://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/ HTTP 307
    https://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/ HTTP 302
    https://accounts.shopify.com/oauth/authorize?scope=openid+email&response_type=code&client_id=b453446d-e0f... HTTP 302
    https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df Page URL

Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

146 kB
Transfer

450 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mxpodium.com/ HTTP 301
    http://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/ HTTP 307
    https://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/ HTTP 302
    https://accounts.shopify.com/oauth/authorize?scope=openid+email&response_type=code&client_id=b453446d-e0fe-4cfc-ac90-a129d3114660&redirect_uri=https%3A%2F%2Fcf-auth-worker.myshopify.dev%2Foauth%2Fcallback&state=9d1cb560a7f1cab1ae636729f07414f8b1a403f2c29880ee318fed77ecd55a4e752fb6a9e6cb284c1829a860ed527f8fd10e4e0c68a6e631a37c13dbf40b338b&nonce=nonce-b250fe1cae8b63c0ff86e955183f16bbd73842e99dc5be4c9d5021a5095f21562f7b5f8937032a10a27584ce9afbf3370f01a8864ccc71540dde2c50883e8ca9638c2a4d3d6ca1b3d48bc92d39f7aa4f89d583ac275dc686b83d9ccfa1623d86e4df5ff8ab5351e64898a7fec5e97f3020f12f48693d2b25d30a6bc0dff9eb56&prompt=select_account HTTP 302
    https://accounts.shopify.com/select?rid=582b6f8c-b681-4eed-8f0c-8142c5bd8743 HTTP 307
    https://mxpodium.com/ HTTP 301
    http://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/ HTTP 307
    https://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/ HTTP 302
    https://accounts.shopify.com/oauth/authorize?scope=openid+email&response_type=code&client_id=b453446d-e0fe-4cfc-ac90-a129d3114660&redirect_uri=https%3A%2F%2Fcf-auth-worker.myshopify.dev%2Foauth%2Fcallback&state=aaa3e83925e4f71c3590ddfa5abae1fb02d79a68f7ad026fc5d3bc8ed31a12ae2812382f79ae2a0ea3e062b0cda9c40772efa5f936baa01a0aee371a36a3aacf&nonce=nonce-42be86517f4bc84ad582e08c9eef09035d5f5f8004f7b79af7fdcda0745686c3c6695198386d3a7be26836ea96d804e9aa944cd65f0f2673e23e0ae0b8ddd68258ab5d85c288f9645ed2dab676ea8351824794ca7c531b90fb96e90b1aa5e486d3016e6f6d95f7c9c0d1d1aba226693c75c381ab487a42e92f29ec90dc2c0672&prompt=select_account HTTP 302
    https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request select
accounts.shopify.com/
Redirect Chain
  • https://mxpodium.com/
  • http://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/
  • https://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/
  • https://accounts.shopify.com/oauth/authorize?scope=openid+email&response_type=code&client_id=b453446d-e0fe-4cfc-ac90-a129d3114660&redirect_uri=https%3A%2F%2Fcf-auth-worker.myshopify.dev%2Foauth%2Fc...
  • https://accounts.shopify.com/select?rid=582b6f8c-b681-4eed-8f0c-8142c5bd8743
  • https://mxpodium.com/
  • http://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/
  • https://mx-podium-b2f5d29d9a0df165b004.o2.myshopify.dev/
  • https://accounts.shopify.com/oauth/authorize?scope=openid+email&response_type=code&client_id=b453446d-e0fe-4cfc-ac90-a129d3114660&redirect_uri=https%3A%2F%2Fcf-auth-worker.myshopify.dev%2Foauth%2Fc...
  • https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
13 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834591ff0823aa2ff07efc38dd6af7bfa93c33a9f7f7a8e231c907256c388925
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
E4DB8/ihuByOLBGbZRk5QsY2tB2FlTkjeOlYCYHKZgvMnH0i8viNTjoY9ArDNsM+xwUuN2VGOVULCLIyvQoYI+xtCKiuEikcjv+vOEp91uaizjSxOlN2JzUyvVLijFQE4lR/sJZ8zX94ZEZj/8Q4YA==$Aw8fzLV/LqJjsHmWdAFYsw==
cf-mitigated
challenge
cf-ray
89b85bd36fba36a1-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 29 Jun 2024 19:35:15 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QxVtwCWp5UxIE8Qec4%2FF4YmJ%2BDQAD9EZu8%2BruXPXtSd8vFt2oqlwTmIQXqGvGcEgAnFXwp92lrd9MKalu9N4yyn6A0%2Fp761cmDmxUvvzmJBDjF93FLUoMRk8nFCWVOzfOn4c8lPr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfRequestDuration;dur=22.000074
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-options
nosniff
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, private, must-revalidate, max-age=0
cf-cache-status
BYPASS
cf-ray
89b85bd26e6036a1-YYZ
content-length
0
content-security-policy-report-only
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' https://app.shopify.com/ https://atlas.shopifysvc.com/ https://monorail-edge.shopifysvc.com/ https://hcaptcha.com https://*.hcaptcha.com; font-src 'self' shopify-assets.shopifycdn.com shopify-assets.shopifycdn.net fonts.gstatic.com cdn.shopify.com cdn.shopifycdn.net; form-action 'self' https://app.shopify.com/ https://shop.app/ https://cf-auth-worker.myshopify.dev; frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com https://*.spin.dev https://shop.app https://pay.shopify.com; img-src 'self' proxy.shopifycdn.com data: notify.bugsnag.com shopify-assets.shopifycdn.com shopify-assets.shopifycdn.net cdn.shopify.com cdn.shopifycdn.net www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-6k4WOAfvSl7DOwpWH52bnc0hmtQQjXVf5jv/uDuT7D0=' https://shopify-assets.shopifycdn.com https://shopify-assets.shopifycdn.net https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com https://*.spin.dev https://cdn.shopify.com https://cdn.shopifycdn.net; style-src 'unsafe-inline' 'self' https://shopify-assets.shopifycdn.com https://shopify-assets.shopifycdn.net https://cdn.shopify.com https://cdn.shopifycdn.net https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=new&source%5Bapp%5D=identity&source%5Bcontroller%5D=oauth%2Fauthorizations&source%5Buuid%5D=6a54d7c3-4bcf-478a-802f-362da6aaea0e-1719689715
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 29 Jun 2024 19:35:15 GMT
location
https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnjnxKM%2Bb3QiBbWGfs0uervzfQNZEfJUpBDdmWWAaDR8IPZaOib01UBtZH%2FXzMnXNlxJqsC5%2Fop2NVrcaM8GQlj3IE6nOHsXbMNgJsE%2FiSPc8%2F%2FmXpn2vY8df79%2FojUcNyibk76S"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=34, socket_queue;dur=1.415, edge;dur=1.02, util;dur=0.1 cfRequestDuration;dur=126.999855
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dc
gcp-us-central1,gcp-us-east1,us-east1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
6a54d7c3-4bcf-478a-802f-362da6aaea0e-1719689715
x-robots-tag
noindex,nofollow
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=new&source%5Bapp%5D=identity&source%5Bcontroller%5D=oauth%2Fauthorizations&source%5Buuid%5D=6a54d7c3-4bcf-478a-802f-362da6aaea0e-1719689715
v1
accounts.shopify.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		366 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.shopify.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89b85bd36fba36a1
Requested by
Host: accounts.shopify.com
URL: https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88dcd0cf88d547c030270f81e58576d92d5a02e1087200ec95e9380c6f6fc9d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df&__cf_chl_rt_tk=yx.uJx9rz3nDHSMZsUr4ZJwImdgLlL1si9_NYDeQMvw-1719689715-0.0.1.1-4350
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 19:35:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=soy99qJuNFJEOJCIGsNTZbMi7Pyw9mXDWEfrwL%2BFhbekxyG9ycVIGDeZkbNfDQRq4uhcvjnePvBcc29X9XMDMA%2Ftkk1zkob4y2R4Eldv5NH5KGfXnx%2FL%2FS9hFm4gUBGrGbmqPmqr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server-timing
cfRequestDuration;dur=6.999969
cf-ray
89b85bd4082e36a1-YYZ
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js?onload=KHGO2&render=explicit
Requested by
Host: accounts.shopify.com
URL: https://accounts.shopify.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89b85bd36fba36a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b108c7f687c327d6aa759fd1d255a981d5d505b241b5b968b674e3bf50b2b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://accounts.shopify.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 19:35:16 GMT
content-encoding
br
last-modified
Thu, 27 Jun 2024 13:08:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
89b85bd518e2a238-YYZ
alt-svc
h3=":443"; ma=86400
fe95db14-8405-4b47-92ab-c1c74c4d357a
https://accounts.shopify.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://accounts.shopify.com/fe95db14-8405-4b47-92ab-c1c74c4d357a
Requested by
Host: accounts.shopify.com
URL: https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
favicon.ico
accounts.shopify.com/ 		13 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.shopify.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bec5d26819553f6829e8789622ddadd50a12bb2fd36ef0b924d4659108e65f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 19:35:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-content-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
server-timing
cfRequestDuration;dur=9.999990
alt-svc
h3=":443"; ma=86400
cf-chl-out
SaCx4fWuGAtG70uS/gjay7j9RJwZRQ9eyIrKL8x5ICQeF80Dko+L3b4k/xqb32aPsql7ycrTyMR+G9N66jVHzzSIGAfk6CGWjtm+gyBHsfQfAUFQU1KuEsqOUy2uEDZYr7zSw/1H886Zc15wd5AJoQ==$RTH1JiGR/s2WP4MzZOCqBQ==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBsVu065n9qfYdGBbTdvY%2Fvju%2B5rlYOpBsahjnwIA3g1c09M0c%2BU%2Bk7a82hDND09yPMWTvnjXZuVtXLxcfv7UDhCeKcjB1SEgLdqDTJPYUYkzO9YlasYsFtj6OwNBVAMQ3lg1u8v"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
89b85bd5799f36a1-YYZ
expires
Thu, 01 Jan 1970 00:00:01 GMT
2a094621e61647a
accounts.shopify.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1067898506:1719688158:1r43dgq2F8LiHIRcKfqnfxIwV6_Zei-bVqPmFauvV94/89b85bd36fba36a1/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.shopify.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1067898506:1719688158:1r43dgq2F8LiHIRcKfqnfxIwV6_Zei-bVqPmFauvV94/89b85bd36fba36a1/2a094621e61647a
Requested by
Host: accounts.shopify.com
URL: https://accounts.shopify.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89b85bd36fba36a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a70f4d4bff3abc3bc9a60cfeed790fc5ba9df1532aa52f6be8a1bc159912df4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
2a094621e61647a
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 19:35:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJplmpJNZtcelf3dqYP%2B4tllxPVs9Iiw5T7wbr5lyPG59E76nLYrx8D7DyVMJtD7EZK2LXo17cfRA75tf4HZcii8mLRifIEdXF18zV8npukOZfXuVpJHvaX2VOnkVhrLz56wsr8r"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
server-timing
cfRequestDuration;dur=26.999950
cf-ray
89b85bd5a9f336a1-YYZ
alt-svc
h3=":443"; ma=86400
cf-chl-gen
fswCXGdqxzqgbFuubs8XSBY2gKMUbtbJkSVGUrZfMCGpp13vJWyNUFA3lUGyypF3$eTYAYDOADUpg5O1j+6MIKA==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lx7oh/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 2371 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/lx7oh/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js?onload=KHGO2&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89b85bd68aadaac5-YYZ
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jun 2024 19:35:16 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
2aa0406b-bed9-4663-aebf-019a25bd6a18
https://accounts.shopify.com/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://accounts.shopify.com/2aa0406b-bed9-4663-aebf-019a25bd6a18
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| _cf_chl_opt object| t string| language string| id object| translations object| target function| KHGO2 boolean| ZFyKf0 function| SBtAS8 function| BGbnV0 function| wsLTs4 function| dscnO2 object| hcQnI6 object| rlmv3 function| VvKsa7 function| dWbrn0 object| sfBA6 number| YdJA6 object| angular object| turnstile boolean| VmyJD3 string| uysSN2

6 Cookies

Domain/Path Name / Value
mxpodium.com/ Name: receive-cookie-deprecation
Value: 1
.myshopify.dev/ Name: __cf_bm
Value: M1_j88avtcOWgtb7KwNEKXXrQDchx.4qDW7aRS6kNcg-1719689715-1.0.1.1-fXJnYxwQu9DbZRyd4Md_p2VtM4Lujcpo3WmEtUVwO7mTfW649sLdG5_RbyEmwQKBXcwUWublWJi3JVF1c.YMSA
accounts.shopify.com/ Name: device_id
Value: qMERBoeWxIX%2BNUqOvyTe1tbz9ipZ5uDUBGUlAgaN7Aju8jreoADRnDPH9cy6KsskdnNzTeU7jQXO0kGI6yG5mqQGAYCNbKpC%2FN4ByI1USVBJQFmsKlhQqxIWGsDLU%2Fjz7dgIqkOdMeugiwEPHjJzzHc%3D--jN24x%2BPC23E9242j--%2BFRSBx1bQsk2lTBYwWNBrQ%3D%3D
.shopify.com/ Name: master_device_id
Value: 9f90937a-60cb-4864-b8df-0b61d6be4a3b
accounts.shopify.com/ Name: _identity_session
Value: 3e53c43913fe94d7bd0eeec52f3e1349
accounts.shopify.com/ Name: __Host-_identity_session_same_site
Value: 3e53c43913fe94d7bd0eeec52f3e1349

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.shopify.com/select?rid=99bb4602-7b1e-4c7b-addc-8276370da3df#ce
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.shopify.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN