chicenter-com-thank-you-receipt-passages.qwkcheckout.com Open in urlscan Pro
209.170.211.182  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response chicenter-com-thank-you-receipt-passages.qwkcheckout.com/	16 KB 5 KB	392ms 238ms	Document text/html	209.170.211.182 ASN-FLEXENTIAL
General Check archive.org Show headers Download Go to Full URL https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 209.170.211.182 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US), Reverse DNS Software Ontraport / Resource Hash 12cd7fc815ee99689e16a4ab086c9e0c8d29fb48cc746c6a81c89bb13ec1c86b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 03 Sep 2024 14:12:42 GMT P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Server Ontraport Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding Accept-Encoding X-op-ca 5.181.234.134
GET H2	200	normalize.css optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/	2 KB 927 B	115ms 26ms	Stylesheet text/css	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/normalize.css Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85129671a3a7e50e880d82cdf2666bc6303c5719db28dbabbaa7bfdc7425d11b Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 2769 cf-polished origSize=7797 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.137 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:12 GMT server cloudflare etag W/"66d1199c-1e75" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd6561629280f64-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	skeleton.css optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/	6 KB 2 KB	131ms 42ms	Stylesheet text/css	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/skeleton.css Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0f34d8a7768c26a7fa26614bc8fd032eb5e1fff3284f26c73058ef14bdb7a4d Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 4137 cf-polished origSize=11452 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.147 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:12 GMT server cloudflare etag W/"66d1199c-2cbc" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd65616292d0f64-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	skeleton.ontraport.css optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/	10 KB 3 KB	114ms 25ms	Stylesheet text/css	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/skeleton.ontraport.css Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa148541eb52fe7dba38df3c1a81d6172e22e0996427e019593229aac10a5d4e Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 6284 cf-polished origSize=20359 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.147 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:12 GMT server cloudflare etag W/"66d1199c-4f87" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd6561629290f64-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	fonts.css optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/	222 KB 7 KB	113ms 25ms	Stylesheet text/css	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 673d7219f1c3a603171ef0b35eeee5c5c7968127c779bda31f2edaba0fd94ce2 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 367 cf-polished origSize=347840 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.202 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:12 GMT server cloudflare etag W/"66d1199c-54ec0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd6561629260f64-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	wysihtml5-textalign.css optassets.ontraport.com/opt_assets/blocks/common/css/	297 B 195 B	112ms 24ms	Stylesheet text/css	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/blocks/common/css/wysihtml5-textalign.css Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ba404759a02456dad5471f582d230e6f59bfbecc57c088737c34f433aa49a10 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 6421 cf-polished origSize=769 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.33.197 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:12 GMT server cloudflare etag W/"66d1199c-301" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd65616292b0f64-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	tracking.js Show response optassets.ontraport.com/	8 KB 3 KB	15ms 14ms	Script application/javascript	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/tracking.js Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bd4db5489f52f092ac687a50c5afd570c768acad3636a0955149b949c4bb32f Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 1366 cf-polished origSize=12107 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.155 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:05 GMT server cloudflare etag W/"66d11995-2f4b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd6561689ab0f64-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H/1.1	200 OK	127812.b7556ca29dae4362808c4fde692e0f75.PNG i.ontraport.com/	60 KB 61 KB	767ms 582ms	Image image/png	108.138.128.84 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/127812.b7556ca29dae4362808c4fde692e0f75.PNG Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.128.84 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-84.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 26f39e3600b15703560a4fc1d61fb1bab8edf27823d7efab296cab013c688274 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Tue, 03 Sep 2024 14:12:44 GMT Via 1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront) x-amz-request-id KSCQ7MHYQ3XHB4QH X-Amz-Cf-Pop JFK50-P4 X-Cache Miss from cloudfront Connection keep-alive Content-Length 61948 x-amz-id-2 +/aBMesBcgyQL6SHyaeiU+qVRdGmJTpEkjeN+v/uJ4/hFNYBJj60c1eiFD6dDE/QOnCcSjhLGWs= Last-Modified Thu, 18 Oct 2018 22:41:51 GMT Server AmazonS3 ETag "b93f9a7cfb48afdd55db02b7d9ece1c8" Access-Control-Allow-Methods GET Content-Type image/png Access-Control-Allow-Origin * x-amz-meta-touched true Cache-Control max-age=84600, public, no-transform Accept-Ranges bytes X-Amz-Cf-Id ZcYk1VRO8bOPBNh32ZzPDEX_VSECqCPhkZqVpit12wC0WlctSnuseA==
GET H/1.1	200 OK	127812.670016c6e5a946d7543ed91a3dc104d8.PNG i.ontraport.com/	56 KB 57 KB	773ms 589ms	Image image/png	108.138.128.84 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/127812.670016c6e5a946d7543ed91a3dc104d8.PNG Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.128.84 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-84.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 22421e79052f8e2f17202d449d4f6147cb832c1b74b03fb3b80825a97c8577c1 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Tue, 03 Sep 2024 14:12:44 GMT Via 1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront) x-amz-request-id KSCQNAVT0YVFMSGA X-Amz-Cf-Pop JFK50-P4 X-Cache Miss from cloudfront Connection keep-alive Content-Length 57421 x-amz-id-2 VyHs1Jz3M4Y5w+rLAbyJxGdSK8D/FRxQHL3vb47KzCgeZt0vaG97/p809/gIAS4FulxllPRTWlE= Last-Modified Thu, 18 Oct 2018 22:41:43 GMT Server AmazonS3 ETag "d260ff91151e0bb67be81e79a3639282" Access-Control-Allow-Methods GET Content-Type image/png Access-Control-Allow-Origin * x-amz-meta-touched true Cache-Control max-age=84600, public, no-transform Accept-Ranges bytes X-Amz-Cf-Id wHYvC5VOLCNqS7sgY6fnFddCEKR7q0sskBO8FqJtCAZmzqUobi-5Uw==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.1/	92 KB 33 KB	338ms 7ms	Script text/javascript	142.251.35.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f10.1e100.net Software sffe / Resource Hash 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 12:44:48 GMT content-encoding gzip x-content-type-options nosniff age 350874 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33333 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Aug 2025 12:44:48 GMT
GET H2	200	underscore.js Show response optassets.ontraport.com/opt_assets/blocks/common/jQueryPageBackgroundPro/js/libs/	14 KB 5 KB	16ms 15ms	Script application/javascript	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/blocks/common/jQueryPageBackgroundPro/js/libs/underscore.js Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33d5d79c5f06aee16f3f4e577b87bb4ec09435d1c4811bd7f73f299b492fdc51 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 5506 cf-polished origSize=14319 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.166 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:12 GMT server cloudflare etag W/"66d1199c-37ef" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd6561689a90f64-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	globalize.js Show response app.ontraport.com/js/globalize/	14 KB 6 KB	214ms 26ms	Script application/javascript	172.64.155.120 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.ontraport.com/js/globalize/globalize.js Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82fc1dcd60ea5ecf1a0362d8d87deb5d5686bf739f8d23c78f248477ba3d6c07 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 72 cf-polished origSize=19965 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.203 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:10 GMT server cloudflare etag W/"66d1199a-4dfd" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=1200 access-control-allow-credentials true cf-ray 8bd65617bdc0c334-EWR expires Tue, 03 Sep 2024 14:32:42 GMT
GET H/1.1	200 OK	127812.c633836a2e367486296d09c73c49af05.JPEG i.ontraport.com/	169 KB 170 KB	623ms 616ms	Image image/jpeg	108.138.128.84 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/127812.c633836a2e367486296d09c73c49af05.JPEG Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.128.84 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-84.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 7e135c264c46756566575e8f4e45621048bae60052dd2658fdb30a9c2c70900b Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Tue, 03 Sep 2024 14:12:44 GMT Via 1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront) x-amz-request-id KSCNGB4FN033WW3C X-Amz-Cf-Pop JFK50-P4 X-Cache Miss from cloudfront Connection keep-alive Content-Length 173407 x-amz-id-2 KZim4fiwZ1KmmKHJ0JNbDNDnmBFAdMJ5C3SYCqEPw6A9m2D74YIdKXQXvNeDuggZJikIa6i5vNY= Last-Modified Thu, 18 Oct 2018 22:41:52 GMT Server AmazonS3 ETag "958291d0c255fa345b2dfb26701c9118" Access-Control-Allow-Methods GET Content-Type image/jpeg Access-Control-Allow-Origin * x-amz-meta-touched true Cache-Control max-age=84600, public, no-transform Accept-Ranges bytes X-Amz-Cf-Id pS0jXXHU5th_S8_2VvbGO7V_WDGwSwoF3FXfb2qmmXU3foRSpTObIA==
GET H2	200	oswald-v49-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-700.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	25 KB 25 KB	423ms 405ms	Font application/octet-stream	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/oswald-v49-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-700.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23dd9dd46ea206093e13e414d25d9331cdd42e8b3362edede6a90ecfc7d36279 Request headers Referer https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Origin https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:43 GMT content-encoding gzip cf-cache-status MISS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.70.134.28 last-modified Fri, 30 Aug 2024 01:00:14 GMT server cloudflare etag W/"66d1199e-6424" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd656171e5f0cc4-EWR expires Tue, 03 Sep 2024 22:12:43 GMT
GET H2	200	oswald-v49-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-200.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	24 KB 24 KB	207ms 190ms	Font application/octet-stream	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/oswald-v49-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-200.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b1850b90563b7321f0a5bcb616ccd33b9b243ef0f1a0042356704bfd1c782f7 Request headers Referer https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Origin https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding gzip cf-cache-status MISS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.178 last-modified Fri, 30 Aug 2024 01:00:14 GMT server cloudflare etag W/"66d1199e-6104" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd656171e670cc4-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	55 KB 55 KB	161ms 144ms	Font application/octet-stream	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c11cfbd87aed976e8b636a1b3474310343b83bc9ded516c26fb51cb97eecad96 Request headers Referer https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Origin https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding gzip cf-cache-status MISS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.178 last-modified Fri, 30 Aug 2024 01:00:14 GMT server cloudflare etag W/"66d1199e-db48" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd656171e630cc4-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	raleway-v28-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	52 KB 52 KB	168ms 151ms	Font application/octet-stream	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/raleway-v28-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-regular.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32a23778519e4f3db43b037ed0f8370d967ac9b66bde148f4cc8fb34eb603120 Request headers Referer https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Origin https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding gzip cf-cache-status MISS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.152 last-modified Fri, 30 Aug 2024 01:00:14 GMT server cloudflare etag W/"66d1199e-d0a8" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd656171e610cc4-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	oswald-v49-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-300.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	25 KB 25 KB	157ms 141ms	Font application/octet-stream	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/oswald-v49-vietnamese_latin-ext_latin_cyrillic-ext_cyrillic-300.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fdf15332f0fa4e25053c94c0d2b1c9b862634806161bcfdffc4d648d8391f75 Request headers Referer https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css Origin https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding gzip cf-cache-status MISS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.143 last-modified Fri, 30 Aug 2024 01:00:14 GMT server cloudflare etag W/"66d1199e-62cc" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd656171e660cc4-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H2	200	tracking.js Show response optassets.ontraport.com/	8 KB 0	6ms 4ms	Script application/javascript	104.18.32.136 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/tracking.js Requested by Host: chicenter-com-thank-you-receipt-passages.qwkcheckout.com URL: https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bd4db5489f52f092ac687a50c5afd570c768acad3636a0955149b949c4bb32f Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 03 Sep 2024 14:12:42 GMT content-encoding br cf-cache-status HIT age 1366 cf-polished origSize=12107 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.155 cf-bgj minify last-modified Fri, 30 Aug 2024 01:00:05 GMT server cloudflare etag W/"66d11995-2f4b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 8bd6561689ab0f64-EWR expires Tue, 03 Sep 2024 22:12:42 GMT
GET H/1.1	200 OK	track.php Show response the-chi-center.ontralink.com/	774 B 1 KB	291ms 128ms	Script text/html	209.170.211.179 ASN-FLEXENTIAL
General Check archive.org Show headers Download Go to Full URL https://the-chi-center.ontralink.com/track.php?mid=127812&llc=https%253A%252F%252Fchicenter-com-thank-you-receipt-passages.qwkcheckout.com%252F&first_visit=1&referral_page=&s=36shfqdk8kyqf6gxjb4n&l=chicenter-com-thank-you-receipt-passages.qwkcheckout.com/&ti=&is_unique=1 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/tracking.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 209.170.211.179 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US), Reverse DNS mail9.ontramail.com Software ONTRAport / Resource Hash 6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Tue, 03 Sep 2024 14:12:43 GMT Content-Encoding gzip Server ONTRAport Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html; charset=UTF-8 X-op-release 1 Access-Control-Allow-Credentials true Connection keep-alive X-op-class default X-op-ca 5.181.234.134
GET H/1.1	200 OK	track.php Show response the-chi-center.ontralink.com/	774 B 1 KB	334ms 171ms	Script text/html	209.170.211.179 ASN-FLEXENTIAL
General Check archive.org Show headers Download Go to Full URL https://the-chi-center.ontralink.com/track.php?mid=127812_lp451.0_2&llc=https%253A%252F%252Fchicenter-com-thank-you-receipt-passages.qwkcheckout.com%252F&s=36shfqdk8kyqf6gxjb4n&l=chicenter-com-thank-you-receipt-passages.qwkcheckout.com/&ti=&is_unique=1 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/tracking.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 209.170.211.179 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US), Reverse DNS mail9.ontramail.com Software ONTRAport / Resource Hash 6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Tue, 03 Sep 2024 14:12:43 GMT Content-Encoding gzip Server ONTRAport Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html; charset=UTF-8 X-op-release 1 Access-Control-Allow-Credentials true Connection keep-alive X-op-class default X-op-ca 5.181.234.134
GET H/1.1	200 OK	127812.882b63845e6e3184644255effdf41340.PNG i.ontraport.com/	297 KB 298 KB	641ms 640ms	Other image/png	108.138.128.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://i.ontraport.com/127812.882b63845e6e3184644255effdf41340.PNG Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.128.84 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-84.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 9fee7a110334e4778bc4afdc80044bee864bdfd19f5453cabdba76d7db1cbfd4 Request headers Referer https://chicenter-com-thank-you-receipt-passages.qwkcheckout.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Tue, 03 Sep 2024 14:12:44 GMT Via 1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront) x-amz-request-id KSCKKTAAN2J4G8S2 X-Amz-Cf-Pop JFK50-P4 X-Cache Miss from cloudfront Connection keep-alive Content-Length 304460 x-amz-id-2 3wh6x5j8q4dfWIYU/eGRPU93D9hlGOWHFp8Y6K0U9hTNd7PngOZsIOFA8ZISisnDNvbBhc6X5G8= Last-Modified Thu, 18 Oct 2018 22:41:46 GMT Server AmazonS3 ETag "8352903cc9f8f7125f81c9de7a1419a7" Access-Control-Allow-Methods GET Content-Type image/png Access-Control-Allow-Origin * x-amz-meta-touched true Cache-Control max-age=84600, public, no-transform Accept-Ranges bytes X-Amz-Cf-Id D7-8YJxjjYpjbRRkE0Imwc557l_bo63L4uy87NIi_KcUCwzoIGNlyw==

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dcParam string| awsParam string| _opt_lpid boolean| isONTRApage string| _mri object| _mrd string| _mrl object| _mrct string| _mr_ex string| _linktrack string| _mrl_internal_url string| _mrl_internal_domain function| mrSetupActual function| mrtracking function| gC function| parseGetVars function| genmrSess function| _escapeT function| _mrGetLinkTo function| _sanitizeMrLink function| _mrScanLinks function| _mrTrackLink function| _mrReturnXmlHttpObject string| _mr_domain string| session string| possible function| $ function| jQuery function| _ function| Globalize object| _mrTrackLinks

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			chicenter-com-thank-you-receipt-passages.qwkcheckout.com/	1969-12-31 23:59:59	Name: lpsplt_451 Value: 0
			chicenter-com-thank-you-receipt-passages.qwkcheckout.com/	1970-01-21 08:52:12	Name: sess_ Value: 36shfqdk8kyqf6gxjb4n
			chicenter-com-thank-you-receipt-passages.qwkcheckout.com/	1970-01-21 08:52:12	Name: referral_page Value:
			chicenter-com-thank-you-receipt-passages.qwkcheckout.com/	1970-01-21 08:52:12	Name: vid Value:
			chicenter-com-thank-you-receipt-passages.qwkcheckout.com/	1970-01-21 08:52:12	Name: lastvisit Value: 1725372763
			the-chi-center.ontralink.com/	1970-01-21 03:35:24	Name: sess_ Value: 36shfqdk8kyqf6gxjb4n
			the-chi-center.ontralink.com/	1970-01-21 03:35:24	Name: mr_src Value: lp451

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.ontraport.com
chicenter-com-thank-you-receipt-passages.qwkcheckout.com
i.ontraport.com
optassets.ontraport.com
the-chi-center.ontralink.com
104.18.32.136
108.138.128.84
142.251.35.170
172.64.155.120
209.170.211.179
209.170.211.182
12cd7fc815ee99689e16a4ab086c9e0c8d29fb48cc746c6a81c89bb13ec1c86b
22421e79052f8e2f17202d449d4f6147cb832c1b74b03fb3b80825a97c8577c1
23dd9dd46ea206093e13e414d25d9331cdd42e8b3362edede6a90ecfc7d36279
26f39e3600b15703560a4fc1d61fb1bab8edf27823d7efab296cab013c688274
2ba404759a02456dad5471f582d230e6f59bfbecc57c088737c34f433aa49a10
32a23778519e4f3db43b037ed0f8370d967ac9b66bde148f4cc8fb34eb603120
33d5d79c5f06aee16f3f4e577b87bb4ec09435d1c4811bd7f73f299b492fdc51
4bd4db5489f52f092ac687a50c5afd570c768acad3636a0955149b949c4bb32f
673d7219f1c3a603171ef0b35eeee5c5c7968127c779bda31f2edaba0fd94ce2
6b1850b90563b7321f0a5bcb616ccd33b9b243ef0f1a0042356704bfd1c782f7
6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48
7e135c264c46756566575e8f4e45621048bae60052dd2658fdb30a9c2c70900b
7fdf15332f0fa4e25053c94c0d2b1c9b862634806161bcfdffc4d648d8391f75
82fc1dcd60ea5ecf1a0362d8d87deb5d5686bf739f8d23c78f248477ba3d6c07
85129671a3a7e50e880d82cdf2666bc6303c5719db28dbabbaa7bfdc7425d11b
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
9fee7a110334e4778bc4afdc80044bee864bdfd19f5453cabdba76d7db1cbfd4
c0f34d8a7768c26a7fa26614bc8fd032eb5e1fff3284f26c73058ef14bdb7a4d
c11cfbd87aed976e8b636a1b3474310343b83bc9ded516c26fb51cb97eecad96
fa148541eb52fe7dba38df3c1a81d6172e22e0996427e019593229aac10a5d4e