www.newlucks.com Open in urlscan Pro
2606:4700:90:0:2e5e:7a33:90a9:7707 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
Submission: On March 17 via manual (March 17th 2022, 1:04:03 pm UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 65 HTTP transactions. The main IP is 2606:4700:90:0:2e5e:7a33:90a9:7707, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.newlucks.com.
TLS certificate: Issued by R3 on January 24th 2022. Valid for: 3 months.

This is the only time www.newlucks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:90:... 2606:4700:90:0:2e5e:7a33:90a9:7707	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700::68... 2606:4700::6811:534e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:800... 2a04:4e42:800::268	54113 (FASTLY) (FASTLY)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
6	52.10.92.36 52.10.92.36	16509 (AMAZON-02) (AMAZON-02)
8	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	54.187.182.124 54.187.182.124	16509 (AMAZON-02) (AMAZON-02)
5	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	2606:2800:233... 2606:2800:233:ce53:4396:b914:64c2:638e	15133 (EDGECAST) (EDGECAST)
65	16

9 2606:4700:90:0:2e5e:7a33:90a9:7707 (United States)

ASN13335 (CLOUDFLARENET, US)

www.newlucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6811:534e (United States)

ASN13335 (CLOUDFLARENET, US)

static.staticdj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.staticdj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:800::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.10.92.36 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-92-36.us-west-2.compute.amazonaws.com

r.shoplazza.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.182.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-182-124.us-west-2.compute.amazonaws.com

size-chart.apps.shoplazza.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:ce53:4396:b914:64c2:638e (United States)

ASN15133 (EDGECAST, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2527 c.paypal.com — Cisco Umbrella Rank: 5653 b.stats.paypal.com — Cisco Umbrella Rank: 4438 dub.stats.paypal.com — Cisco Umbrella Rank: 18619 c6.paypal.com — Cisco Umbrella Rank: 6488	375 KB
14	staticdj.com static.staticdj.com — Cisco Umbrella Rank: 58907 img.staticdj.com — Cisco Umbrella Rank: 42852	1 MB
9	newlucks.com www.newlucks.com	60 KB
7	shoplazza.com r.shoplazza.com — Cisco Umbrella Rank: 55442 size-chart.apps.shoplazza.com — Cisco Umbrella Rank: 260577	2 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	620 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
4	gstatic.com fonts.gstatic.com	85 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	221 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68	440 B
1	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2280	32 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	36 KB
65	11

	Domain	Requested by
9	www.newlucks.com	static.staticdj.com
8	www.paypal.com	static.staticdj.com www.paypal.com
7	img.staticdj.com	www.newlucks.com
7	static.staticdj.com	www.newlucks.com
6	r.shoplazza.com	static.staticdj.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	www.facebook.com	www.newlucks.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	www.newlucks.com
4	connect.facebook.net	www.newlucks.com connect.facebook.net
1	c6.paypal.com
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	size-chart.apps.shoplazza.com	static.staticdj.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.shopify.com	www.newlucks.com
1	www.googletagmanager.com	www.newlucks.com
65	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com

Subject Issuer	Validity	Valid
www.newlucks.com R3	`2022-01-24` - `2022-04-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-07` - `2022-09-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-24` - `2022-03-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
r.shoplazza.com R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-04` - `2022-10-31`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.apps.shoplazza.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
Frame ID: B19B54FD2373D10D2E7622C8033DDC42
Requests: 53 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0368D6A8C261B6E7F9B5BBC57AFB9ACF
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?env=production&commit=true&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=50&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVV3b1JsdjNpWjNqdDNvM2hoY2Z0X3RaNWc2dHZlZkVwakNmOVlOR2VIN3E4cF9XcmFsZWl0a0tmTG5XSXM4SExwemFsZ1JBNUFNVDBCWU8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9pbnBsanJiZHhncWV1ZHJpc2V3eXdmcnFjY3lwenMifX0&clientID=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO&sdkCorrelationID=f75481927b13b&storageID=uid_dea399872d_mtm6mdm6nty&sessionID=uid_1e399047f6_mtm6mdm6nty&buttonSessionID=uid_9757071336_mtm6mdm6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IjVkYzEwNDNiMjQ2NTFlMmI1ODQ3YTU1YWExZjc3ZTlkMDcyMzkzYTEiLCJwcm9kdWN0cyI6eyJwYXlJbjMiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: 066CC1A5DB2D17FFE936F3B38CBF2135
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: A34E5A1EFCA21DA5FC44E50BC3615E21
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: A0F02F9B7107B77036126FE9FD95675C
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1e399047f6_mtm6mdm6nty&s=SMART_PAYMENT_BUTTONS
Frame ID: D4C6C0257267DFB1E43FC8F715F2A869
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C5149CB0FDB124EA72E6B04C4FE2A348
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Carhartt Pocket Tee

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Sensors Data (Analytics) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

98 %
HTTPS

67 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

2050 kB
Transfer

4381 kB
Size

21
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://www.newlucks.com/products/carhartt-pocket-tee-qe0g

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Carhartt%20Pocket%20Tee&url=https://www.newlucks.com/products/carhartt-pocket-tee-qe0g

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.newlucks.com/products/carhartt-pocket-tee-qe0g&media=//img.staticdj.com/5e79f46fdef13b4773a9a17035256067_1024x1024.jpeg&description=Carhartt%20Pocket%20Tee

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Newlucks-100156879062692

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://b.stats.paypal.com/v2/counter.cgi?p=uid_1e399047f6_mtm6mdm6nty&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1e399047f6_mtm6mdm6nty&s=SMART_PAYMENT_BUTTONS

65 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request carhartt-pocket-tee-qe0g Show response
www.newlucks.com/products/ 180 KB
46 KB 844ms
327ms Document
text/html 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

dc91dbdfd810a1f0747377ab9f01519dea7c13528998b44fa1577f3e9df6d3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 17 Mar 2022 13:03:55 GMT
request-id: 585ae24c-200b-48a8-b8e0-a2f9cdd12d29
server: nginx
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding
x-cache-seconds: 86400
x-content-type-options: nosniff
x-download-options: noopen
x-page-type: 1
x-powered-by: ASP.NET
x-store-locale: en-US
x-xss-protection: 1; mode=block

GET
H2 200 slider-3b32387c13.css
static.staticdj.com/iconfont/font_846249_3zb2b60e2ks/iconfont.css,themes/common/assets/vendor-4d14ea7807.css,themes/theme-5ec6062b58313cab1b76042ca61fc73b.css,themes/header-fd578b3643.css,themes/fo... 186 KB
40 KB 67ms
31ms Stylesheet
text/css 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticdj.com/iconfont/font_846249_3zb2b60e2ks/iconfont.css,themes/common/assets/vendor-4d14ea7807.css,themes/theme-5ec6062b58313cab1b76042ca61fc73b.css,themes/header-fd578b3643.css,themes/footer-8f2f17b7cc.css,themes/slider-3b32387c13.css

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

36f1b4c3c5d8cb038c840c5f9ec40f5f3a09255587e907a8551566a9a09eb405

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28020287
x-powered-by: ASP.NET
request-id: 91e21f12-1a71-4fa0-a207-9f08ae384df9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Apr 2021 05:39:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-polished: origSize=192231
cf-ray: 6ed5ee76fcc801e7-ZRH
cf-bgj: minify

GET
H2 200 5e79f46fdef13b4773a9a17035256067_1080x.jpeg
img.staticdj.com/ 396 KB
396 KB 403ms
366ms Image
image/jpeg 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.staticdj.com/5e79f46fdef13b4773a9a17035256067_1080x.jpeg

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b51d051ef0f8b45bb0050111b3e6be2d03a5397543778530522e4c75abc06a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
content-disposition: inline; filename="5e79f46fdef13b4773a9a17035256067.jpg"
expires: Fri, 04 Mar 2022 10:05:59 GMT
request-id: 8d69f690-3da8-469e-a21e-bad35a47eb92
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 405186
x-xss-protection: 1; mode=block
x-request-id: 8d69f690-3da8-469e-a21e-bad35a47eb92
dj-cache: miss
last-modified: Fri, 04 Mar 2022 09:05:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31557600, max-age=3600, public
cf-polished: origSize=424467, status=vary_header_present
accept-ranges: bytes
cf-ray: 6ed5ee770ccd01e7-ZRH
cf-bgj: imgq:100,h2pri

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 49ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205505252-1

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77d9a71d101328412c013ea2f1e93cc35f737be22c81329b3cd258f8d29bb6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36855
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 13:03:56 GMT

GET
H2 200 afb90979e9a470292185cebe10f330c3_600x.png
img.staticdj.com/ 26 KB
27 KB 216ms
212ms Image
image/png 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.staticdj.com/afb90979e9a470292185cebe10f330c3_600x.png

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ec6faf4fd33ad316869f39d331aefb58bb645e2c08e4f854f7dee77850c2b33a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
content-disposition: inline; filename="afb90979e9a470292185cebe10f330c3.png"
expires: Mon, 10 Jan 2022 04:30:38 GMT
request-id: 4ca28fe1-aae5-4ace-9273-3f50377e9399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26863
x-xss-protection: 1; mode=block
x-request-id: 4ca28fe1-aae5-4ace-9273-3f50377e9399
dj-cache: miss
last-modified: Mon, 10 Jan 2022 03:30:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31557600, max-age=3600, public
cf-polished: origSize=46337, status=vary_header_present
accept-ranges: bytes
cf-ray: 6ed5ee779dc901e7-ZRH
cf-bgj: imgq:100,h2pri

GET
H2 200 trust-badge-1.png
cdn.shopify.com/s/files/1/0558/3703/2612/files/ 31 KB
32 KB 528ms
165ms Image
image/webp 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0558/3703/2612/files/trust-badge-1.png?v=1617883886

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-lax10669-LGB /

Resource Hash

381ff6067637453502420d5f13439c4c462e5d65171554be7a5d58e9a110753b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.906,cdnPop;desc=LGB,cdnCache;desc=HIT-CLUSTER
content-length: 32044
x-xss-protection: 1; mode=block
x-request-id: c6e17f70367f313d61a0ce37bd7d37fa
x-served-by: cache-lga21942-LGA, cache-lax10669-LGB
server: cache-lax10669-LGB
x-timer: S1647522237.540232,VS0,VE1
date: Thu, 17 Mar 2022 13:03:56 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0558/3703/2612/files/trust-badge-1.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 62ms
36ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: 86o7itSWERf7K9IkaxK0g9oi9Zsntk+Z+8olzZ5P+d4mPbXp/KBtjnGGwscUEP4I+IpEh/1rVAhuqmYhKUpabA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 17 Mar 2022 13:03:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 61c6ff7d3d8309f530c26cf4576bad9d.js Show response
static.staticdj.com/oss/operation/ 62 KB
19 KB 43ms
41ms Script
text/javascript 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticdj.com/oss/operation/61c6ff7d3d8309f530c26cf4576bad9d.js

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2422a1dc66747668eec2b0d4a56ca93bfaedb846625d622976ca3b72f4dd1993

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-oss-request-id: 6082039624A34D39342DABB2
content-md5: Ycb/fT2DCfUwwmz0V2utnQ==
age: 28388902
cf-polished: origSize=63907
cf-cache-status: HIT
request-id: 10282d31-5b0b-4d8d-b5a6-f962500906ed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-oss-object-type: Normal
last-modified: Wed, 29 May 2019 11:32:47 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"61C6FF7D3D8309F530C26CF4576BAD9D"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
x-oss-storage-class: Standard
cf-ray: 6ed5ee77adcc01e7-ZRH
x-oss-hash-crc64ecma: 115218351031286118
x-oss-server-time: 19
cf-bgj: minify

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 132ms
72ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newlucks.com/
Origin: https://www.newlucks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 63206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
DATA 200
OK truncated
/ 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e36a560377ecac02ac51dc4c9479d6e931da0b7c0170723819d135f333331b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 86ms
62ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newlucks.com/
Origin: https://www.newlucks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:33:16 GMT
x-content-type-options: nosniff
age: 55840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 21:33:16 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15103fe52362902c5b51e4ba54241475d67a4521a5c106ccbb4353b974de6bb6

Request headers

Referer
Origin: https://www.newlucks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H3 200 paypal_express.e34031fe.js Show response
static.staticdj.com/ 17 KB
7 KB 253ms
212ms Script
application/javascript 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticdj.com/paypal_express.e34031fe.js

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

fc30fce6fcdbe5ea796bfe578ea20364a9ed484509346b6ff765711356c89b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newlucks.com/
Origin: https://www.newlucks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
x-oss-request-id: 6135FCC26135533837AE9B16
content-md5: UXVT6eEg0WvbSAcgpC6bFA==
x-powered-by: ASP.NET
cf-cache-status: HIT
request-id: 77231230-a0e8-4b12-a806-563b6b95fef8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-oss-object-type: Normal
last-modified: Thu, 22 Apr 2021 06:23:07 GMT
server: cloudflare
etag: W/"517553E9E120D16BDB480720A42E9B14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
x-oss-storage-class: Standard
cf-ray: 6ed5ee78482723df-ZRH
x-oss-hash-crc64ecma: 3792442090352611753
x-oss-server-time: 2
cf-bgj: minify

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 37ms
32ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newlucks.com/
Origin: https://www.newlucks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 63205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H3 200 zoom-bad8fec116.js Show response
static.staticdj.com/themes/jquery-min-dbf25edba7.js,themes/common/assets/vendor-6f5abf3a01.js,themes/common/assets/serial_list-a8b9117f0d.js,themes/header-4a4d970725.js,themes/footer-90df86dabe.js,... 276 KB
86 KB 62ms
62ms Script
text/javascript 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticdj.com/themes/jquery-min-dbf25edba7.js,themes/common/assets/vendor-6f5abf3a01.js,themes/common/assets/serial_list-a8b9117f0d.js,themes/header-4a4d970725.js,themes/footer-90df86dabe.js,themes/search-2653810422.js,themes/collection_detail-3ac1d4653e.js,themes/product_detail-82bd61b5de.js,themes/common/assets/zoom-bad8fec116.js

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c2b94654282b1ce3981ab2177117ce73ff80b2380d9ac6aef5061fab7445a99e

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28368495
x-powered-by: ASP.NET
request-id: 585cd0b9-fa6a-4963-b54e-290095387186
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Apr 2021 04:55:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6ed5ee783f2601eb-ZRH
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 93ms
21ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205505252-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5346
date: Thu, 17 Mar 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 13:34:50 GMT

POST
H2 200 sa.gif
r.shoplazza.com/beacon/ 3 B
61 B 695ms
160ms Ping
image/gif 52.10.92.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.shoplazza.com/beacon/sa.gif?project=production&store_id=166259&gzip=0

Requested by

Host: static.staticdj.com
URL: https://static.staticdj.com/oss/operation/61c6ff7d3d8309f530c26cf4576bad9d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.10.92.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-92-36.us-west-2.compute.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
request-id: 0a0e53f7-cd2f-480a-875b-c8bb20e6b924
content-length: 3
x-xss-protection: 1; mode=block

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 65ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.57

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

167549d476f2de7aafe21665a35957328e7978580fdad0f2e387ea9ff67a2210

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20657
x-xss-protection: 0
pragma: public
x-fb-debug: fPzD1Mf+Sai4gs51LxrJfJVIXdvmm13YvifRnhecw7UpxPKviGWdu1Pp8Q73tPTzVsojTKsHyf3fGgZM4oy94A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 13:03:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 209282747368546 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 191ms
150ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/209282747368546?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3b51fd0807364f8381e1cf4c0bf32cb27bea7ca30185acfb8d6e181c7d4326a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9ApYyTINFFfFbu1qzyYYLNnNAPva2MiqBiYzNqGH5ypnHrECt3vtF6RdEc+z3Wtyo3+/ezl2t5CvuXkqgdICSA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 13:03:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 sa.gif
r.shoplazza.com/beacon/ 3 B
246 B 652ms
157ms Ping
image/gif 52.10.92.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.shoplazza.com/beacon/sa.gif?project=production&store_id=166259&gzip=0

Requested by

Host: static.staticdj.com
URL: https://static.staticdj.com/oss/operation/61c6ff7d3d8309f530c26cf4576bad9d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.10.92.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-92-36.us-west-2.compute.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
request-id: 6c95fc7d-fa9c-4545-a15f-157cdbb36387
content-length: 3
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
23ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1340574567&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newlucks.com%2Fproducts%2Fcarhartt-pocket-tee-qe0g%3Fscm%3Dspz.search%26ssp%3Dspz%26spm%3D..search.search_1.17&ul=en-us&de=UTF-8&dt=Carhartt%20Pocket%20Tee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1556224148&gjid=1110281378&cid=735507331.1647522236&tid=UA-205505252-1&_gid=1473083650.1647522236&_r=1&gtm=2ou3e0&z=338180779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 13:03:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newlucks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 similar-products Show response
www.newlucks.com/api/product/ 110 KB
10 KB 390ms
390ms XHR
application/json 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/api/product/similar-products?product_id=339e81d5-d64d-4a08-99ef-4b5877059531&page=1&per_page=30

Requested by

Host: static.staticdj.com
URL: https://static.staticdj.com/themes/jquery-min-dbf25edba7.js,themes/common/assets/vendor-6f5abf3a01.js,themes/common/assets/serial_list-a8b9117f0d.js,themes/header-4a4d970725.js,themes/footer-90df86dabe.js,themes/search-2653810422.js,themes/collection_detail-3ac1d4653e.js,themes/product_detail-82bd61b5de.js,themes/common/assets/zoom-bad8fec116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c3ded38ca2fe124debc0d0a77b4620767311354417782f7049d20c50275b7dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: ASP.NET
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
strict-transport-security: max-age=315360000; includeSubdomains
request-id: 35b0a670-2422-4ada-a0b4-6d5dbede4550
x-xss-protection: 1; mode=block

GET
H2 200 count Show response
www.newlucks.com/api/cart/ 63 B
412 B 346ms
345ms XHR
application/json 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/api/cart/count

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

cceddd47ad6eca9ade33922b4890220a642fe68a6e678c19b12b756b535ebf7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: ASP.NET
request-id: 7d0e2034-a8c7-4444-9383-67ee12b10417
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-length: 78
x-xss-protection: 1; mode=block
server: nginx
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, PATCH
content-type: application/json; charset=UTF-8
access-control-allow-origin: storefront
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 js Show response
www.paypal.com/sdk/ 343 KB
107 KB 168ms
26ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO

Requested by

Host: static.staticdj.com
URL: https://static.staticdj.com/paypal_express.e34031fe.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

45df45c542ffb0c6a5eeecdeb999967d0ebf0e121c3157ab7bdfbc9104e57973

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-V7awD8y+vXoEHcTEfJONHmZB68rVWYEe38CQTpYmBoz0vZpz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-V7awD8y+vXoEHcTEfJONHmZB68rVWYEe38CQTpYmBoz0vZpz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-V7awD8y+vXoEHcTEfJONHmZB68rVWYEe38CQTpYmBoz0vZpz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-V7awD8y+vXoEHcTEfJONHmZB68rVWYEe38CQTpYmBoz0vZpz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
p3p: true
paypal-debug-id: a4458a33ed38f
server-timing: content-encoding;desc="gzip",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 108569
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 13:03:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1a819-JFg/28gLH4Y4wSy/yjA3esJ0bPE"

GET
H3 200 1288752371546099 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 141ms
140ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1288752371546099?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a0d1a98ac96359a1a96fac10c01ed7895bf1951658f3e1c005e1f54a8e52f90

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Qe1iqZacbXp8bIc1AjG4HVqumTB1Lcuxu94Y/XxmvIO2J0amJg3AhRmKINnsZnlOlIsgjMMV1Kewq/6DiAPhbw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 17 Mar 2022 13:03:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 31ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=209282747368546&ev=PageView&dl=https%3A%2F%2Fwww.newlucks.com%2Fproducts%2Fcarhartt-pocket-tee-qe0g%3Fscm%3Dspz.search%26ssp%3Dspz%26spm%3D..search.search_1.17&rl=&if=false&ts=1647522236565&sw=1600&sh=1200&ud[agent]=11ae7b7322933ed80ed683b08dd91d8bb2384b88798bc8f34d0964689d03c6f5&ud[external_id]=070af823ad377d4bf071010473968c519e01bb314f1537582c06a21be232a8b2&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647522236563.1131288974&it=1647522236343&coo=false&eid=1647522236188332&exp=p0&rqm=GET

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 17 Mar 2022 13:03:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 68ms
24ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-205505252-1&cid=735507331.1647522236&jid=1556224148&gjid=1110281378&_gid=1473083650.1647522236&_u=YEBAAUAAAAAAAC~&z=1648730105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 13:03:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.newlucks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 11 KB
5 KB 28ms
28ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.newlucks.com&t=xo&v=5.0.288&source=payments_sdk&client_id=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

86898e7a68b291aeba199cbc0f4a2ea589a3102ef92381785adfcf0be9c5d00e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qPtKtnzci3dkw1mLmtUj9mAuUbtwSdEvkPbOwk0XmduuC9qx' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 827
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qPtKtnzci3dkw1mLmtUj9mAuUbtwSdEvkPbOwk0XmduuC9qx' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
paypal-debug-id: ad4f038a1844e
server-timing: content-encoding;desc="gzip",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 4014
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 13:03:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
etag: W/"2c01-eOgcZVkBjyWAHpST2LMDmUSzoM4"

GET
H3 200 common.2a663b8b.js,flashsale.62092184.js,image_video.131ddbc6.js,social_login.7103dccc.js,share_product.2ce870c5.js,reviews.5448e99c.js,coupon.8fa9be4f.js,size_guide.d773d86c.js Show response
static.staticdj.com/ 312 KB
68 KB 430ms
430ms Script
text/javascript 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staticdj.com/common.2a663b8b.js,flashsale.62092184.js,image_video.131ddbc6.js,social_login.7103dccc.js,share_product.2ce870c5.js,reviews.5448e99c.js,coupon.8fa9be4f.js,size_guide.d773d86c.js

Requested by

Host: www.newlucks.com
URL: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5805ffaf12c2a4b80bf5993b8738862fb70cf434f12cd2986c0e61f3898c2a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newlucks.com/
Origin: https://www.newlucks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
request-id: b2b25d56-6bdc-461f-8d0f-e140a12c1ad3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 10:23:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-polished: origSize=319797
cf-ray: 6ed5ee7b8cd823df-ZRH
cf-bgj: minify

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 816 B
2 KB 226ms
225ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

527861a74a13d1effdc5b6ffd81f58d58f6d358c1d200dba1a9868eb7dc66b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 42
date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 149
etag: W/"330-xAeEPCrQO2cyhJyhacEeMJ5R1F0"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newlucks.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: aad91ebf6dca9
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 816

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 271ms
220ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newlucks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.newlucks.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: a0038dc17b2c0
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-edgeconnect-midmile-rtt: 150
x-edgeconnect-origin-mex-latency: 42
date: Thu, 17 Mar 2022 13:03:57 GMT
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newlucks.com/
Origin: https://www.newlucks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 21:34:13 GMT
x-content-type-options: nosniff
age: 55783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 21:34:13 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0368 0
18 B 19ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.newlucks.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.newlucks.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Thu, 17 Mar 2022 13:03:56 GMT

POST
H2 200 sa.gif
r.shoplazza.com/beacon/ 3 B
84 B 162ms
161ms Ping
image/gif 52.10.92.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.shoplazza.com/beacon/sa.gif?project=production&store_id=166259&gzip=0

Requested by

Host: static.staticdj.com
URL: https://static.staticdj.com/oss/operation/61c6ff7d3d8309f530c26cf4576bad9d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.10.92.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-92-36.us-west-2.compute.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
request-id: 21097fb6-14c9-4d50-abd3-22b94a8eacab
content-length: 3
x-xss-protection: 1; mode=block

GET
H3 200 2f1f0a7023fe894e90c4957dbfddf16a_360.jpeg
img.staticdj.com/ 47 KB
48 KB 264ms
263ms Image
image/jpeg 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.staticdj.com/2f1f0a7023fe894e90c4957dbfddf16a_360.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

494ca69fd73a4f3a43162f71698ed9a802d25fd3b4033df6eaa433b9c4362786

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
content-disposition: inline; filename="2f1f0a7023fe894e90c4957dbfddf16a.jpg"
expires: Wed, 16 Mar 2022 11:48:44 GMT
request-id: c6cfb382-eae1-45c0-9634-6f9328b19947
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48420
x-xss-protection: 1; mode=block
x-request-id: c6cfb382-eae1-45c0-9634-6f9328b19947
dj-cache: miss
last-modified: Wed, 16 Mar 2022 10:48:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31557600, max-age=3600, public
cf-polished: origSize=51078, status=vary_header_present
accept-ranges: bytes
cf-ray: 6ed5ee7e38d401eb-ZRH
cf-bgj: imgq:100,h2pri

GET
H3 200 1f68e64d517cfd3913d1032241b921c0_360.jpeg
img.staticdj.com/ 46 KB
47 KB 271ms
269ms Image
image/jpeg 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.staticdj.com/1f68e64d517cfd3913d1032241b921c0_360.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4969b8b42a9b2662eb62c6b9ebe84b2d6a844962bab40d72c65ee4f84c0eb824

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
content-disposition: inline; filename="1f68e64d517cfd3913d1032241b921c0.jpg"
expires: Wed, 02 Mar 2022 14:11:21 GMT
request-id: 9935d202-4097-4d18-9ffe-9afc4806b42a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47596
x-xss-protection: 1; mode=block
x-request-id: 9935d202-4097-4d18-9ffe-9afc4806b42a
dj-cache: miss
last-modified: Wed, 02 Mar 2022 13:11:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31557600, max-age=3600, public
cf-polished: origSize=50638, status=vary_header_present
accept-ranges: bytes
cf-ray: 6ed5ee7e38d801eb-ZRH
cf-bgj: imgq:100,h2pri

GET
H3 200 95e35422e3d02766d2984aa7606b1b2a_360.jpeg
img.staticdj.com/ 47 KB
48 KB 279ms
278ms Image
image/jpeg 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.staticdj.com/95e35422e3d02766d2984aa7606b1b2a_360.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ac21bd6280247704ed55d8fc657e273379f33f07f699b665282914b97cd3d753

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
content-disposition: inline; filename="95e35422e3d02766d2984aa7606b1b2a.jpg"
expires: Wed, 16 Mar 2022 11:57:04 GMT
request-id: 58f8b6c2-c665-4555-9a9a-137e59b1f675
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48087
x-xss-protection: 1; mode=block
x-request-id: 58f8b6c2-c665-4555-9a9a-137e59b1f675
dj-cache: miss
last-modified: Wed, 16 Mar 2022 10:57:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31557600, max-age=3600, public
cf-polished: origSize=51195, status=vary_header_present
accept-ranges: bytes
cf-ray: 6ed5ee7e38db01eb-ZRH
cf-bgj: imgq:100,h2pri

GET
H3 200 34392eace4f794095aeb6908193897c5_360.jpeg
img.staticdj.com/ 37 KB
38 KB 214ms
213ms Image
image/jpeg 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.staticdj.com/34392eace4f794095aeb6908193897c5_360.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1ce28cbad5b765a23778d3b6893e43732fba7d09e9c4f984af0d97e1cf3d53da

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
content-disposition: inline; filename="34392eace4f794095aeb6908193897c5.jpg"
expires: Wed, 02 Mar 2022 14:11:21 GMT
request-id: 230ab418-53f1-4a10-be30-2006923ef2f2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38356
x-xss-protection: 1; mode=block
x-request-id: 230ab418-53f1-4a10-be30-2006923ef2f2
dj-cache: miss
last-modified: Wed, 02 Mar 2022 13:11:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31557600, max-age=3600, public
cf-polished: origSize=40170, status=vary_header_present
accept-ranges: bytes
cf-ray: 6ed5ee7e38dc01eb-ZRH
cf-bgj: imgq:100,h2pri

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 066C 352 KB
110 KB 396ms
396ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?env=production&commit=true&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=50&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVV3b1JsdjNpWjNqdDNvM2hoY2Z0X3RaNWc2dHZlZkVwakNmOVlOR2VIN3E4cF9XcmFsZWl0a0tmTG5XSXM4SExwemFsZ1JBNUFNVDBCWU8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9pbnBsanJiZHhncWV1ZHJpc2V3eXdmcnFjY3lwenMifX0&clientID=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO&sdkCorrelationID=f75481927b13b&storageID=uid_dea399872d_mtm6mdm6nty&sessionID=uid_1e399047f6_mtm6mdm6nty&buttonSessionID=uid_9757071336_mtm6mdm6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IjVkYzEwNDNiMjQ2NTFlMmI1ODQ3YTU1YWExZjc3ZTlkMDcyMzkzYTEiLCJwcm9kdWN0cyI6eyJwYXlJbjMiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

f6612e09554c4378e11460148441b1e0725b8f01a5b772d4a69c0fc7619a0b33

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"57fb0-OuFQxBnR/bT3rKD96cI+8HG0Jz8"
p3p: true
paypal-debug-id: a63ffb7b55ac3
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 152
x-edgeconnect-origin-mex-latency: 158
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 17 Mar 2022 13:03:57 GMT
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000

GET
DATA 200
OK truncated
/ Frame A34E 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 product-config Show response
www.newlucks.com/api/discount-flashsale/ 2 B
86 B 167ms
167ms XHR
application/json 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/api/discount-flashsale/product-config?product_id=339e81d5-d64d-4a08-99ef-4b5877059531&variant_ids%5B%5D=56767603-2d4d-4031-943a-d48a6a64625c&variant_ids%5B%5D=bf8bba74-0bd9-4a56-92cd-25127a482969&variant_ids%5B%5D=63e4975f-bb42-42df-9d5c-c69435fc49a7&variant_ids%5B%5D=562d9f23-c9ec-4c82-b9e8-fc6207db8b1d&variant_ids%5B%5D=c75aa3eb-069a-40dd-9333-eac2fde5f0a9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
x-powered-by: ASP.NET
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
strict-transport-security: max-age=315360000; includeSubdomains
request-id: 3a7b3654-8e27-4db7-825a-e90175e9b5d3
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 monkey-i18n Show response
www.newlucks.com/api/ 3 KB
1 KB 179ms
179ms XHR
application/json 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/api/monkey-i18n

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

2968fc06e62192a570fcc77fa6421823a9d87ff00e117b986f924e07028b2ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=315360000; includeSubdomains
request-id: daebe23c-fcb0-45ca-9fbb-3d97176ca396
content-length: 952
x-xss-protection: 1; mode=block

GET
H2 200 coupons Show response
www.newlucks.com/api/discount-code/ 21 KB
2 KB 235ms
235ms XHR
application/json 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/api/discount-code/coupons?product_id=339e81d5-d64d-4a08-99ef-4b5877059531&variant_ids%5B%5D=56767603-2d4d-4031-943a-d48a6a64625c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

46a5f22b8654fcc71ef29a6ecc3cb704276db8eba0bb538aa085e5b199d1290b

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: ASP.NET
request-id: 70b89b34-e6c7-4c2f-bed3-d91b62160f1a
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-length: 1670
x-xss-protection: 1; mode=block
server: nginx
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, PATCH
content-type: application/json; charset=UTF-8
access-control-allow-origin: storefront
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H3 200 21de67bfbccf269db226976ebfa8c5d9_360.webp
img.staticdj.com/ 45 KB
46 KB 236ms
235ms Image
image/webp 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.staticdj.com/21de67bfbccf269db226976ebfa8c5d9_360.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e9b843e55621de9430d7e749596ae5f41222693a060cdc6f710f4f84566e3eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: ASP.NET
content-disposition: inline; filename="21de67bfbccf269db226976ebfa8c5d9.webp"
request-id: 332418e4-cbdd-41f1-b4c0-87d8e710b0f9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 332418e4-cbdd-41f1-b4c0-87d8e710b0f9
dj-cache: miss
last-modified: Mon, 07 Mar 2022 07:33:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: image/webp
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31557600, max-age=3600, public
cf-ray: 6ed5ee7ee9fd01eb-ZRH
expires: Mon, 07 Mar 2022 08:33:14 GMT

GET
H2 200 charts Show response
size-chart.apps.shoplazza.com/api/v2/front/ 8 KB
1 KB 589ms
173ms XHR
application/json 54.187.182.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://size-chart.apps.shoplazza.com/api/v2/front/charts?product_id=339e81d5-d64d-4a08-99ef-4b5877059531&store_id=166259
Requested by: Host: static.staticdj.com
URL: https://static.staticdj.com/themes/jquery-min-dbf25edba7.js,themes/common/assets/vendor-6f5abf3a01.js,themes/common/assets/serial_list-a8b9117f0d.js,themes/header-4a4d970725.js,themes/footer-90df86dabe.js,themes/search-2653810422.js,themes/collection_detail-3ac1d4653e.js,themes/product_detail-82bd61b5de.js,themes/common/assets/zoom-bad8fec116.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.182.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-182-124.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d62afd030932885d3faf5ad0b8e688e9ab24a059ab326839250718f01931e942

Request headers

Accept: */*
Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newlucks.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Store-Id,X-Csrf-token,Login-User-Id,X-Locale
content-length: 1087

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Mar 2022 14:00:42 GMT

POST
H2 200 sa.gif
r.shoplazza.com/beacon/ 3 B
60 B 158ms
157ms Ping
image/gif 52.10.92.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.shoplazza.com/beacon/sa.gif?project=production&store_id=166259&gzip=0

Requested by

Host: static.staticdj.com
URL: https://static.staticdj.com/oss/operation/61c6ff7d3d8309f530c26cf4576bad9d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.10.92.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-92-36.us-west-2.compute.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
request-id: 3323e51b-e0ab-492c-bd32-51bbbf970880
content-length: 3
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=209282747368546&ev=ViewContent&dl=https%3A%2F%2Fwww.newlucks.com%2Fproducts%2Fcarhartt-pocket-tee-qe0g%3Fscm%3Dspz.search%26ssp%3Dspz%26spm%3D..search.search_1.17&rl=&if=false&ts=1647522237505&cd[content_type]=product&cd[content_ids]=%5B%2256767603-2d4d-4031-943a-d48a6a64625c%22%5D&cd[value]=23.97&cd[content_name]=Carhartt%20Pocket%20Tee%20-%20S&cd[currency]=USD&cd[content_category]=&sw=1600&sh=1200&ud[agent]=11ae7b7322933ed80ed683b08dd91d8bb2384b88798bc8f34d0964689d03c6f5&ud[external_id]=070af823ad377d4bf071010473968c519e01bb314f1537582c06a21be232a8b2&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1647522236563.1131288974&it=1647522236343&coo=false&eid=viewContent1647522237500&tm=1&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 13:03:57 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1288752371546099&ev=ViewContent&dl=https%3A%2F%2Fwww.newlucks.com%2Fproducts%2Fcarhartt-pocket-tee-qe0g%3Fscm%3Dspz.search%26ssp%3Dspz%26spm%3D..search.search_1.17&rl=&if=false&ts=1647522237508&cd[content_type]=product&cd[content_ids]=%5B%2256767603-2d4d-4031-943a-d48a6a64625c%22%5D&cd[value]=23.97&cd[content_name]=Carhartt%20Pocket%20Tee%20-%20S&cd[currency]=USD&cd[content_category]=&sw=1600&sh=1200&ud[agent]=11ae7b7322933ed80ed683b08dd91d8bb2384b88798bc8f34d0964689d03c6f5&ud[external_id]=070af823ad377d4bf071010473968c519e01bb314f1537582c06a21be232a8b2&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647522236563.1131288974&it=1647522236343&coo=false&eid=viewContent1647522237500&tm=1&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 17 Mar 2022 13:03:57 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1340574567&t=event&ni=1&cu=USD&_s=2&dl=https%3A%2F%2Fwww.newlucks.com%2Fproducts%2Fcarhartt-pocket-tee-qe0g%3Fscm%3Dspz.search%26ssp%3Dspz%26spm%3D..search.search_1.17&ul=en-us&de=UTF-8&dt=Carhartt%20Pocket%20Tee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=view_item&_u=aGBAAUALAAAAAC~&jid=&gjid=&cid=735507331.1647522236&uid=1647522236188332&tid=UA-205505252-1&_gid=1473083650.1647522236&gtm=2ou3e0&pal=product&pa=detail&pr1id=shoplaza_US_56767603-2d4d-4031-943a-d48a6a64625c&pr1nm=Carhartt%20Pocket%20Tee&pr1br=&pr1ca=&pr1va=S&pr1pr=23.97&pr1qt=1&z=1174615875

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 13:42:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84094
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 discount-i18n Show response
www.newlucks.com/api/ 7 KB
1 KB 181ms
181ms XHR
application/json 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/api/discount-i18n

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

ccb04ed7dc36734cb5de061f1313c550a975db102110be5b0486884f59329803

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: ASP.NET
request-id: a5770e02-93ac-4f8c-bf31-878e1eda7583
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-length: 1447
x-xss-protection: 1; mode=block
server: nginx
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
access-control-allow-methods: OPTIONS, GET, POST, DELETE, PUT, PATCH
content-type: application/json; charset=UTF-8
access-control-allow-origin: storefront
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 comment-config Show response
www.newlucks.com/api/ 557 B
388 B 177ms
177ms XHR
application/json 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/api/comment-config

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

d56513e890f08c22eb6a1a40cb3bdd5bdacb338d0899b0cb0ba30a3853472cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=315360000; includeSubdomains
request-id: d42a811f-b287-440e-afa2-88c32d091689
content-length: 322
x-xss-protection: 1; mode=block

GET
H2 200 theme-config Show response
www.newlucks.com/api/comment/ 43 B
125 B 189ms
188ms XHR
application/json 2606:4700:90:0:2e5e:7a33:90a9:7707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newlucks.com/api/comment/theme-config?theme_id=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:90:0:2e5e:7a33:90a9:7707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

78050ed1ddfc5158149852293dd59c11f08a30f8a634f48f62e737c64f86def8

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.newlucks.com/products/carhartt-pocket-tee-qe0g?scm=spz.search&ssp=spz&spm=..search.search_1.17
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=315360000; includeSubdomains
request-id: dc27cb6b-7f52-493e-89cc-2d249eb8c573
content-length: 59
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 066C 343 KB
107 KB 30ms
30ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?env=production&commit=true&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=50&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVV3b1JsdjNpWjNqdDNvM2hoY2Z0X3RaNWc2dHZlZkVwakNmOVlOR2VIN3E4cF9XcmFsZWl0a0tmTG5XSXM4SExwemFsZ1JBNUFNVDBCWU8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9pbnBsanJiZHhncWV1ZHJpc2V3eXdmcnFjY3lwenMifX0&clientID=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO&sdkCorrelationID=f75481927b13b&storageID=uid_dea399872d_mtm6mdm6nty&sessionID=uid_1e399047f6_mtm6mdm6nty&buttonSessionID=uid_9757071336_mtm6mdm6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IjVkYzEwNDNiMjQ2NTFlMmI1ODQ3YTU1YWExZjc3ZTlkMDcyMzkzYTEiLCJwcm9kdWN0cyI6eyJwYXlJbjMiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

45df45c542ffb0c6a5eeecdeb999967d0ebf0e121c3157ab7bdfbc9104e57973

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-V7awD8y+vXoEHcTEfJONHmZB68rVWYEe38CQTpYmBoz0vZpz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-V7awD8y+vXoEHcTEfJONHmZB68rVWYEe38CQTpYmBoz0vZpz' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?env=production&commit=true&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=50&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVV3b1JsdjNpWjNqdDNvM2hoY2Z0X3RaNWc2dHZlZkVwakNmOVlOR2VIN3E4cF9XcmFsZWl0a0tmTG5XSXM4SExwemFsZ1JBNUFNVDBCWU8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9pbnBsanJiZHhncWV1ZHJpc2V3eXdmcnFjY3lwenMifX0&clientID=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO&sdkCorrelationID=f75481927b13b&storageID=uid_dea399872d_mtm6mdm6nty&sessionID=uid_1e399047f6_mtm6mdm6nty&buttonSessionID=uid_9757071336_mtm6mdm6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IjVkYzEwNDNiMjQ2NTFlMmI1ODQ3YTU1YWExZjc3ZTlkMDcyMzkzYTEiLCJwcm9kdWN0cyI6eyJwYXlJbjMiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-V7awD8y+vXoEHcTEfJONHmZB68rVWYEe38CQTpYmBoz0vZpz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-V7awD8y+vXoEHcTEfJONHmZB68rVWYEe38CQTpYmBoz0vZpz' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
p3p: true
paypal-debug-id: a4458a33ed38f
server-timing: content-encoding;desc="gzip",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 108569
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 17 Mar 2022 13:03:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1a819-JFg/28gLH4Y4wSy/yjA3esJ0bPE"

GET
H3 200 eagle.b079bf8781d9b944d06384fb7bd2242c.css
static.staticdj.com/iconfont/font_1000265_v18uwp41hp/iconfont.css,themes/ 72 KB
72 KB 30ms
30ms Image
text/css 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.staticdj.com/iconfont/font_1000265_v18uwp41hp/iconfont.css,themes/eagle.b079bf8781d9b944d06384fb7bd2242c.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26628258
x-powered-by: ASP.NET
request-id: b1d2afb3-00cb-469e-b44d-a8a746f0f186
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 13 May 2021 08:19:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-polished: origSize=74508
cf-ray: 6ed5ee81be7501eb-ZRH
cf-bgj: minify

GET
H3 200 eagle.18acf620fc4b6e575183bb6e4656e894.js
static.staticdj.com/oss/operation/c82dde7da7ac5208eeece19ec2bd8dca.js,themes/ 264 KB
264 KB 40ms
40ms Image
text/javascript 2606:4700::6811:534e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.staticdj.com/oss/operation/c82dde7da7ac5208eeece19ec2bd8dca.js,themes/eagle.18acf620fc4b6e575183bb6e4656e894.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:534e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25441678
x-powered-by: ASP.NET
request-id: 38468dc7-521c-4a50-b301-bb5f663e3aa5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 27 May 2021 01:55:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains
x-download-options: noopen
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31536000
cf-polished: origSize=378325
cf-ray: 6ed5ee81be7801eb-ZRH
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame 066C 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 066C 56 KB
19 KB 62ms
9ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49139
x-cache: HIT
paypal-debug-id: 5330b0a2ed6e9
x-cache-hits: 27361
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19345
via: 1.1 varnish
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 01 Mar 2022 17:38:12 GMT
x-timer: S1647522238.863047,VS0,VE2
etag: W/"621e5a04-de78"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 13:03:57 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 066C 822 B
2 KB 235ms
235ms Ping
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b494566d4897f4e1d5790f60266c049ff0c27324b5e84c70b9b40a044237c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?env=production&commit=true&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=50&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVV3b1JsdjNpWjNqdDNvM2hoY2Z0X3RaNWc2dHZlZkVwakNmOVlOR2VIN3E4cF9XcmFsZWl0a0tmTG5XSXM4SExwemFsZ1JBNUFNVDBCWU8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9pbnBsanJiZHhncWV1ZHJpc2V3eXdmcnFjY3lwenMifX0&clientID=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO&sdkCorrelationID=f75481927b13b&storageID=uid_dea399872d_mtm6mdm6nty&sessionID=uid_1e399047f6_mtm6mdm6nty&buttonSessionID=uid_9757071336_mtm6mdm6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IjVkYzEwNDNiMjQ2NTFlMmI1ODQ3YTU1YWExZjc3ZTlkMDcyMzkzYTEiLCJwcm9kdWN0cyI6eyJwYXlJbjMiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 30
date: Thu, 17 Mar 2022 13:03:58 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 150
etag: W/"336-wY6xzhzHQRlCXRc3f9NZ/Dfn79c"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: a12d02a3b3d0c
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 822

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame A0F0 160 B
906 B 159ms
159ms Document
text/html 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/

Response headers

correlation-id: f201357d94ffc
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: f201357d94ffc
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
date: Thu, 17 Mar 2022 13:03:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4054-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1647522238.896479,VS0,VE151
vary: Accept-Encoding
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-encoding: br

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame D4C6
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_1e399047f6_mtm6mdm6nty&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1e399047f6_mtm6mdm6nty&s=SMART_PAYMENT_BUTTONS

42 B
299 B

102ms
33ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1e399047f6_mtm6mdm6nty&s=SMART_PAYMENT_BUTTONS
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 13:03:58 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1e399047f6_mtm6mdm6nty&s=SMART_PAYMENT_BUTTONS
Date: Thu, 17 Mar 2022 13:03:58 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 sa.gif
r.shoplazza.com/beacon/ 3 B
61 B 156ms
156ms Ping
image/gif 52.10.92.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.shoplazza.com/beacon/sa.gif?project=production&store_id=166259&gzip=0

Requested by

Host: static.staticdj.com
URL: https://static.staticdj.com/oss/operation/61c6ff7d3d8309f530c26cf4576bad9d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.10.92.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-92-36.us-west-2.compute.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
request-id: e05516b9-b9d4-4fd3-abdf-848661e7efb8
content-length: 3
x-xss-protection: 1; mode=block

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C514 0
15 B 7ms
6ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.newlucks.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newlucks.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.newlucks.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Thu, 17 Mar 2022 13:03:57 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame A0F0 56 KB
19 KB 10ms
10ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49139
x-cache: HIT
paypal-debug-id: 5330b0a2ed6e9
x-cache-hits: 27362
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19345
via: 1.1 varnish
x-served-by: cache-hhn4054-HHN
last-modified: Tue, 01 Mar 2022 17:38:12 GMT
x-timer: S1647522238.102814,VS0,VE1
etag: W/"621e5a04-de78"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 13:03:58 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame A0F0 125 B
605 B 223ms
223ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60a4a79013bcd4857ed732aec4f02585caffd9b1970e6ac0856e546d29fe50ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 13:03:58 GMT
via: 1.1 varnish
correlation-id: 5477401298d08
x-served-by: cache-hhn4054-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 5477401298d08
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame A0F0 15 B
200 B 187ms
186ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Mar 2022 13:03:58 GMT
via: 1.1 varnish
correlation-id: d915c4868354a
x-served-by: cache-hhn4054-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
content-type: application/json
paypal-debug-id: d915c4868354a
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 15
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame A0F0 0
241 B 416ms
255ms Image
text/plain 2606:2800:233:ce53:4396:b914:64c2:638e
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_1e399047f6_mtm6mdm6nty&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:ce53:4396:b914:64c2:638e , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F48) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:03:57 GMT
correlation-id: a7183c3d706d
server: ECAcc (frc/8F48)
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: a7183c3d706d
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc=,x-cdn;desc=edgecast,edge;dur=195
timing-allow-origin: *
content-length: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 066C 825 B
2 KB 223ms
222ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

288b323b4713a5b620c51d51e29a9115e04e061f1a665ee27dfa96425b8bbe96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?env=production&commit=true&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=50&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVV3b1JsdjNpWjNqdDNvM2hoY2Z0X3RaNWc2dHZlZkVwakNmOVlOR2VIN3E4cF9XcmFsZWl0a0tmTG5XSXM4SExwemFsZ1JBNUFNVDBCWU8iLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9pbnBsanJiZHhncWV1ZHJpc2V3eXdmcnFjY3lwenMifX0&clientID=AUwoRlv3iZ3jt3o3hhcft_tZ5g6tvefEpjCf9YNGeH7q8p_WraleitkKfLnWIs8HLpzalgRA5AMT0BYO&sdkCorrelationID=f75481927b13b&storageID=uid_dea399872d_mtm6mdm6nty&sessionID=uid_1e399047f6_mtm6mdm6nty&buttonSessionID=uid_9757071336_mtm6mdm6ntc&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IjVkYzEwNDNiMjQ2NTFlMmI1ODQ3YTU1YWExZjc3ZTlkMDcyMzkzYTEiLCJwcm9kdWN0cyI6eyJwYXlJbjMiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 30
date: Thu, 17 Mar 2022 13:03:58 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 150
etag: W/"339-aMMFkOXN6VcCcvyMDfwNIvaeBAA"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: ad8769c4e8152
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 825

POST
H2 200 sa.gif
r.shoplazza.com/beacon/ 3 B
84 B 174ms
174ms Ping
image/gif 52.10.92.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.shoplazza.com/beacon/sa.gif?project=production&store_id=166259&gzip=0

Requested by

Host: static.staticdj.com
URL: https://static.staticdj.com/oss/operation/61c6ff7d3d8309f530c26cf4576bad9d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.10.92.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-92-36.us-west-2.compute.amazonaws.com

Software

nginx / ASP.NET

Resource Hash

dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newlucks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 17 Mar 2022 13:03:58 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: ASP.NET
x-download-options: noopen
strict-transport-security: max-age=315360000; includeSubdomains
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
request-id: 9c89c7df-ed0e-424a-b9ef-6e6ce89b7dd7
content-length: 3
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newlucks.com/	1970-01-20 10:24:18	Name: _c_id Value: 1647522235675545387
www.newlucks.com/	1970-01-20 01:40:08	Name: awesomeab Value: ywgd4071-product-api-v22s9s0
www.newlucks.com/	1970-01-20 10:24:18	Name: store_locale Value: en-US
.newlucks.com/	1970-01-20 10:24:18	Name: client_id Value: 1647522236188332
.newlucks.com/	1970-01-20 01:38:44	Name: session_id Value: 1647522236211172
.newlucks.com/	1970-01-20 01:48:47	Name: shoplazza_source Value: %7B%22%24first_visit_url%22%3A%22https%3A%2F%2Fwww.newlucks.com%2Fproducts%2Fcarhartt-pocket-tee-qe0g%3Fscm%3Dspz.search%26ssp%3Dspz%26spm%3D..search.search_1.17%22%2C%22%24latest_referrer_host%22%3A%22%22%2C%22expire%22%3A1648127036214%7D
.newlucks.com/	1970-01-20 01:39:21	Name: sajssdk_2015_cross_new_user Value: 1
.newlucks.com/	1970-04-03 01:38:42	Name: sensorsdata2015jssdkcross Value: %7B%22distinct_id%22%3A%2217f97fa47a38af-09f4dee0adf912-977173c-1920000-17f97fa47a4a2c%22%2C%22%24device_id%22%3A%2217f97fa47a38af-09f4dee0adf912-977173c-1920000-17f97fa47a4a2c%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E7%9B%B4%E6%8E%A5%E6%B5%81%E9%87%8F%22%2C%22%24latest_referrer%22%3A%22%22%2C%22%24latest_referrer_host%22%3A%22%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%7D%7D
.newlucks.com/	1970-01-20 19:09:54	Name: _ga Value: GA1.2.735507331.1647522236
.newlucks.com/	1970-01-20 01:40:08	Name: _gid Value: GA1.2.1473083650.1647522236
.newlucks.com/	1970-01-20 01:38:42	Name: _gat_gtag_UA_205505252_1 Value: 1
.newlucks.com/	1970-01-20 03:48:18	Name: _fbp Value: fb.1.1647522236563.1131288974
.facebook.com/	1970-01-20 03:48:18	Name: fr Value: 0FpMVQmfMELyifxYa..BiMzG8...1.0.BiMzG8.
www.newlucks.com/	1970-02-25 04:53:06	Name: _identity_cart Value: 451bc999-03ab-46b7-9d1c-cd6ae5c4f741
www.newlucks.com/	1969-12-31 23:59:59	Name: _pdv Value: %5B%7B%22product_id%22%3A%22339e81d5-d64d-4a08-99ef-4b5877059531%22%2C%22timestamp%22%3A1647522237519%7D%5D
.paypal.com/	1970-01-20 01:38:44	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-21 03:55:30	Name: ts_c Value: vr%3D97fa4b8817f0a7a07f0080e0fab27abf%26vt%3D97fa4b8817f0a7a07f0080e0fab27abe
.paypal.com/	1970-01-20 01:43:01	Name: tsrce Value: loggernodeweb
.c.paypal.com/	1970-01-21 21:26:42	Name: sc_f Value: EtodWXNpgp5_vNj12iDc4FL8p9SqGt1CqIOCToGV6dnzmT4AwL4vVPX62g6IjcnQDR9Nc_ZChhcZRVTVCtCvA_lsA1PcdSzkE71SRW
.paypal.com/	1970-01-27 08:50:42	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: TrsMOvWqGaUKgaZwsnnWlMrBwE36oUBtaOlrOBuUkzI-p8pi5nL5AuogBvoO0frHMzDd9JMDRdV8pxyC
.paypal.com/	1970-01-21 03:55:30	Name: ts Value: vreXpYrS%3D1742216638%26vteXpYrS%3D1647524038%26vr%3D97fa4b8817f0a7a07f0080e0fab27abf%26vt%3D97fa4b8817f0a7a07f0080e0fab27abe%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.shopify.com
connect.facebook.net
dub.stats.paypal.com
fonts.gstatic.com
img.staticdj.com
r.shoplazza.com
size-chart.apps.shoplazza.com
static.staticdj.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.newlucks.com
www.paypal.com
104.111.228.123
151.101.193.35
2606:2800:233:ce53:4396:b914:64c2:638e
2606:4700:90:0:2e5e:7a33:90a9:7707
2606:4700::6811:534e
2a00:1450:4001:809::200e
2a00:1450:4001:813::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:800::268
52.10.92.36
54.187.182.124
64.4.245.84
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15103fe52362902c5b51e4ba54241475d67a4521a5c106ccbb4353b974de6bb6
167549d476f2de7aafe21665a35957328e7978580fdad0f2e387ea9ff67a2210
1ce28cbad5b765a23778d3b6893e43732fba7d09e9c4f984af0d97e1cf3d53da
2422a1dc66747668eec2b0d4a56ca93bfaedb846625d622976ca3b72f4dd1993
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
288b323b4713a5b620c51d51e29a9115e04e061f1a665ee27dfa96425b8bbe96
2968fc06e62192a570fcc77fa6421823a9d87ff00e117b986f924e07028b2ba6
36f1b4c3c5d8cb038c840c5f9ec40f5f3a09255587e907a8551566a9a09eb405
381ff6067637453502420d5f13439c4c462e5d65171554be7a5d58e9a110753b
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
45df45c542ffb0c6a5eeecdeb999967d0ebf0e121c3157ab7bdfbc9104e57973
46a5f22b8654fcc71ef29a6ecc3cb704276db8eba0bb538aa085e5b199d1290b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
494ca69fd73a4f3a43162f71698ed9a802d25fd3b4033df6eaa433b9c4362786
4969b8b42a9b2662eb62c6b9ebe84b2d6a844962bab40d72c65ee4f84c0eb824
4e36a560377ecac02ac51dc4c9479d6e931da0b7c0170723819d135f333331b6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
527861a74a13d1effdc5b6ffd81f58d58f6d358c1d200dba1a9868eb7dc66b8c
5805ffaf12c2a4b80bf5993b8738862fb70cf434f12cd2986c0e61f3898c2a8e
5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c
5b494566d4897f4e1d5790f60266c049ff0c27324b5e84c70b9b40a044237c4c
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
60a4a79013bcd4857ed732aec4f02585caffd9b1970e6ac0856e546d29fe50ec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77d9a71d101328412c013ea2f1e93cc35f737be22c81329b3cd258f8d29bb6d6
78050ed1ddfc5158149852293dd59c11f08a30f8a634f48f62e737c64f86def8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86898e7a68b291aeba199cbc0f4a2ea589a3102ef92381785adfcf0be9c5d00e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9a0d1a98ac96359a1a96fac10c01ed7895bf1951658f3e1c005e1f54a8e52f90
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac21bd6280247704ed55d8fc657e273379f33f07f699b665282914b97cd3d753
b3b51fd0807364f8381e1cf4c0bf32cb27bea7ca30185acfb8d6e181c7d4326a
b51d051ef0f8b45bb0050111b3e6be2d03a5397543778530522e4c75abc06a63
c2b94654282b1ce3981ab2177117ce73ff80b2380d9ac6aef5061fab7445a99e
c3ded38ca2fe124debc0d0a77b4620767311354417782f7049d20c50275b7dca
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ccb04ed7dc36734cb5de061f1313c550a975db102110be5b0486884f59329803
cceddd47ad6eca9ade33922b4890220a642fe68a6e678c19b12b756b535ebf7c
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d56513e890f08c22eb6a1a40cb3bdd5bdacb338d0899b0cb0ba30a3853472cd3
d62afd030932885d3faf5ad0b8e688e9ab24a059ab326839250718f01931e942
dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22
dc91dbdfd810a1f0747377ab9f01519dea7c13528998b44fa1577f3e9df6d3c0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b843e55621de9430d7e749596ae5f41222693a060cdc6f710f4f84566e3eff
ec6faf4fd33ad316869f39d331aefb58bb645e2c08e4f854f7dee77850c2b33a
f6612e09554c4378e11460148441b1e0725b8f01a5b772d4a69c0fc7619a0b33
fc30fce6fcdbe5ea796bfe578ea20364a9ed484509346b6ff765711356c89b4d

www.newlucks.com Open in urlscan Pro 2606:4700:90:0:2e5e:7a33:90a9:7707 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

67 %IPv6

11 Domains

17 Subdomains

16 IPs

3 Countries

2050 kBTransfer

4381 kBSize

21 Cookies

4 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newlucks.com Open in urlscan Pro
2606:4700:90:0:2e5e:7a33:90a9:7707 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

67 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

2050 kB
Transfer

4381 kB
Size

21
Cookies

65 HTTP transactions
4 data transactions