URL: https://superpowerful-flashlight.gainsmy.com/
Submission: On April 24 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 114 HTTP transactions. The main IP is 52.87.116.109, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is superpowerful-flashlight.gainsmy.com.
TLS certificate: Issued by SSL.com SSL Intermediate CA ECC R2 on April 24th 2024. Valid for: 3 months.
This is the only time superpowerful-flashlight.gainsmy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
54 shopnow.us
cdn.shopnow.us
apie.shopnow.us
4 MB
30 gettechcloud.com
cdn.gettechcloud.com — Cisco Umbrella Rank: 661129
32 MB
11 gainsmy.com
superpowerful-flashlight.gainsmy.com
24 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
505 B
4 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2924
t.paypal.com — Cisco Umbrella Rank: 3505
88 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
76 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
323 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
197 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2623
1 KB
114 9
Domain Requested by
52 cdn.shopnow.us superpowerful-flashlight.gainsmy.com
cdn.shopnow.us
30 cdn.gettechcloud.com superpowerful-flashlight.gainsmy.com
11 superpowerful-flashlight.gainsmy.com cdn.shopnow.us
6 www.facebook.com superpowerful-flashlight.gainsmy.com
4 connect.facebook.net superpowerful-flashlight.gainsmy.com
connect.facebook.net
3 www.paypal.com cdn.shopnow.us
www.paypal.com
2 region1.google-analytics.com www.googletagmanager.com
2 apie.shopnow.us cdn.shopnow.us
2 www.googletagmanager.com cdn.shopnow.us
www.googletagmanager.com
1 t.paypal.com superpowerful-flashlight.gainsmy.com
1 www.paypalobjects.com superpowerful-flashlight.gainsmy.com
114 11

This site contains links to these domains. Also see Links.

Domain
report.aliexpress.com
Subject Issuer Validity Valid
superpowerful-flashlight.gainsmy.com
SSL.com SSL Intermediate CA ECC R2
2024-04-24 -
2024-08-06
3 months crt.sh
shopnow.us
Amazon RSA 2048 M02
2023-05-29 -
2024-06-27
a year crt.sh
gettechcloud.com
GTS CA 1P5
2024-04-23 -
2024-07-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-02-01 -
2024-05-01
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-10-12 -
2024-10-31
a year crt.sh

This page contains 3 frames:

Primary Page: https://superpowerful-flashlight.gainsmy.com/
Frame ID: E1F3994412CFD71A828F7DC3EFD39B67
Requests: 111 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_fa09c64026_mta6mjm6nda&buttonSize=large&clientID=AUmO9kfvOfCiPdNMlZXyzAbH1Ncn5_m7xCJC6IC4IMpNWwrD5lNhl0GD6MfGkjCoVrVacKUUUmj8E8e1&clientMetadataID=uid_28c1ffb344_mta6mjm6nda&commit=true&components.0=buttons&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&sessionID=uid_28c1ffb344_mta6mjm6nda&sdkCorrelationID=f2445585f73d5&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVVtTzlrZnZPZkNpUGROTWxaWHl6QWJIMU5jbjVfbTd4Q0pDNklDNElNcE5Xd3JENWxOaGwwR0Q2TWZHa2pDb1ZyVmFjS1VVVW1qOEU4ZTEmbG9jYWxlPWVuX1VTIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfZmhidnRkeG51eWt1bmZidHhyaHRxa2tzdWNvZ2p4In19&sdkVersion=5.0.434&storageID=uid_ba48a0a26f_mta6mjm6nda&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: EC8DDE28D01ADA7EE2441AD497E411DD
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 19971661CA7CE1B5F42243E75A62D85F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Gainsmy - ✨German Three-eyed Monster Mini Flash Super Power Flashlight🎉

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

114
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

37218 kB
Transfer

38869 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

114 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
superpowerful-flashlight.gainsmy.com/
156 KB
16 KB
Document
General
Full URL
https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx / Next.js
Resource Hash
572f0b4fb134d4a16a01b562c66f7404eb2215f8af6846701329592337b9caa6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
s-maxage=60, stale-while-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 10:23:38 GMT
etag
"1ngo27y5n53eu4"
server
nginx
vary
Accept-Encoding
x-nextjs-cache
STALE
x-powered-by
Next.js
9b3fc42cb0d605f5.css
cdn.shopnow.us/landing/_next/static/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://cdn.shopnow.us/landing/_next/static/css/9b3fc42cb0d605f5.css
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81238941af336f8eb3b505d08fade8c9511d9a8047ef127632a237fb5fb05a88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
9_pbWhO0R76rF8QZH8COhCIuMx0D8Iqz
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"4871ffcb9d1e8527b5b85c4ba5507184"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
hmh1-UcQDutB2dhtjM0_2vdlRkcCIxHzDERe8CwaWl3D97XR08dfjA==
2e3abb948ad00670.css
cdn.shopnow.us/landing/_next/static/css/
52 KB
10 KB
Stylesheet
General
Full URL
https://cdn.shopnow.us/landing/_next/static/css/2e3abb948ad00670.css
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9145d8a75a159d1648a2d15fffbb4c6c18cadc00adc877f6435db17679841dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 31 Jan 2024 17:56:14 GMT
x-amz-version-id
WR.aAgjV._BWgj6ny.91UuIAWvZxSBme
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
7230446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"1f1c11fa016cf10ffcb52b9a57fb5704"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
MGJPvvV5hkKc2TRr0DibeFsOMuvSP1TZWAaRpwmABAiG--uKFqtXBw==
webpack-6c140dfd524b37b0.js
cdn.shopnow.us/landing/_next/static/chunks/
5 KB
3 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/webpack-6c140dfd524b37b0.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8626ceccb87fecda787f19eb4b569aa72ac8621106d0a6faea4968d6399f50e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Dec 2023 17:46:46 GMT
x-amz-version-id
7a.MgStj6_pIvgxB_E6CCAY0Gz5hb.wo
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
10946214
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"9ecbd64d369257cfa3303e525c3e63b7"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
FVBwLU-RKbcHPLFs9PzcoAsFKfeycepLaxUA0v1nnYw6iFh84nbV4Q==
framework-2c79e2a64abdb08b.js
cdn.shopnow.us/landing/_next/static/chunks/
138 KB
43 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/framework-2c79e2a64abdb08b.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
B8HdtTibO3SJmeDemmSkdJXfngPJAJWm
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"7fc4bed6b4319c62343f0bf5db91a5bb"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
yIAmSvDB-HKEvtLkPGxGgDWgENFhkVPJN0xWMMbCbBU1SAYj5BwVCQ==
main-9a72db714f5fe4c1.js
cdn.shopnow.us/landing/_next/static/chunks/
88 KB
26 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db1df2a3942ce6e667f64eee2bb9f20ece8cd4ad895e35b984bae4ebf6259307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
nnmMeeeHC.44DwIstA7V4gqBqm7zBMpR
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"5334a009271a874096ea47082704e937"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
CbrFqxMGdDovqTuzrHBqf8aNL2_k2OGmK8Ez_-1gBpBSJXYZ3FBD1g==
_app-3d927b4b44c04996.js
cdn.shopnow.us/landing/_next/static/chunks/pages/
202 KB
56 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/pages/_app-3d927b4b44c04996.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4a1602f8882a289721d4f17ec1d60d3fdd3316de37e7d79feb71819170a2d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
yQBvRBA8K8XUFJFaJPivJBAphZNjW.kz
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"d3cc624f8817d76ba8f4a8196e5e6c21"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
JcSb6k9DUKnm-HQo2rU-9O_YqFS5bHgE4KFWtx3ic5jnRKvPacvzsA==
922-63be89322e38531d.js
cdn.shopnow.us/landing/_next/static/chunks/
29 KB
10 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/922-63be89322e38531d.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b853253679e6179a96019a0baba0093568a6063b2e8b71538a0818dc6c32bf39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
Du424qzDbNjZlkym._gkIHnwcGSE9rKE
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"2d576e8605989d98025f232fd71b1914"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
9ox9GqF61agTZ_dv3KgR1sGF9HZIBrcnt0pKK16hOSfogcquU99tfA==
253-cef7e2da862fc7c3.js
cdn.shopnow.us/landing/_next/static/chunks/
24 KB
8 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/253-cef7e2da862fc7c3.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45033fcbc26062ba5295f72d13c203abeef97ec69598ff658684908a831a741d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
ItiAierNoRXlqNvQwO2s31Dw.rQn_MAv
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"ce6a43f36bf167de6407bb8a33d23e10"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
C0bv1QHGuhq8NoPiEB_0LSWe9r0pU8DCaOGjP4vzcedOgEMsYyRe3A==
238-f803bd8b2129461e.js
cdn.shopnow.us/landing/_next/static/chunks/
20 KB
8 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/238-f803bd8b2129461e.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ef455aeb6cf0f68e73c85dae42fa4ca553050980ef019d3646125d16eb89a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
6gFxvDEIP5m9IOF9AHrVMX.iXq5R.VES
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"834aa4f002d6bb1c2b78e2149321eabe"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
Rgct44hY7D37e9Tw766SIVf150HMIYckZm57doAWmLhFgLC6NBnBtg==
21-4084055a8abf900a.js
cdn.shopnow.us/landing/_next/static/chunks/
10 KB
4 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/21-4084055a8abf900a.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19a1d76d60c9475920dddbb52136644e97addff18a96fe2beefac6953954a4d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
ZQVuJbEQojFIvSMqAkKUIUEDiL1izu_C
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"3786cda9bf569dc20b9095858c8bd669"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
i6zEj9gi8oUL2E6treKGvO1YCe8HlGdLxLqx5-EtXXTqo0DUc607GA==
158-f665049541317bec.js
cdn.shopnow.us/landing/_next/static/chunks/
101 KB
33 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/158-f665049541317bec.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a012e87a9a805de51fce391c277ed48b24f745160445148b9a8ddac6d4ec33ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 01 Feb 2024 05:01:00 GMT
x-amz-version-id
fi631OAj7i1BEoTWCoUmmD866uAAPhW3
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
7190560
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"051e741f51b23be60533c33e74c02395"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
GGQX7JRmdb035_Uk7qszTA9Op6EnLzt3tlLtiy_fhCHf1l0kwhqLGg==
310-042dbf6c5aefdaad.js
cdn.shopnow.us/landing/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/310-042dbf6c5aefdaad.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca719182b8ac9eeb7bcc5c7661ec4c2cad45138384a632c572ac2b0613d40081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
VoECpSYljN_DjdIRQt6Vj58Yw942bO44
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"5cac2a89dfe1f31488cacafc28126115"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
IqQCRcbEKghEJrHWLxbm_RHLTApNSZ203ggY4SWTaMT2RsM7PHcv4Q==
%5Bhost%5D-92f6f2ebc735380b.js
cdn.shopnow.us/landing/_next/static/chunks/pages/
106 KB
19 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/pages/%5Bhost%5D-92f6f2ebc735380b.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5a8ee026b06bad55d81c3ef84efa2e2ff0c3e683ea13ec7e2d9beafb0b7070a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
OLwOZtZRrY0UatwV1eeSw8Cq4LAbOzio
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"18018b7e7a82c117f4096932be303acd"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
R-JF8_5U0IxcplDoZgMo9IBGz5SLDaPL3XWA2JKj1o697UP3cz0Zjw==
_buildManifest.js
cdn.shopnow.us/landing/_next/static/2Gi73r_bUOhAknxp43IRs/
1 KB
1 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/2Gi73r_bUOhAknxp43IRs/_buildManifest.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef621edf7ff201cde4fcbb794d9f2a224d70e3de8c8fd449cb5fe7e70eb0bb6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:49 GMT
x-amz-version-id
m2lyOkN_NinCSVwbRt7JG7dAQUCXyEWp
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"3145a99798fdd743abb0bc6adc1fca6a"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
8mT9iVbUJkC51LLfvNzjCijvLE6XIjxxzGXhOQPNmermaO23NWl_Ug==
_ssgManifest.js
cdn.shopnow.us/landing/_next/static/2Gi73r_bUOhAknxp43IRs/
94 B
651 B
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/2Gi73r_bUOhAknxp43IRs/_ssgManifest.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c60f6b81dbd46b2cf6f90b54880be1f7a5d50eea75324e3ac7f20c88a0b3a83e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 05:04:01 GMT
x-amz-version-id
K3eK.F3NeIkaI5jkEabJF.BPz89_efRi
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11251179
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
94
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
"ad787a3f95b7be90b8dc0e435bb113c2"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
-JBVMHfpxoUo8CeL2qPH8Knl3jc15PBGwU5PkK1L1dV1l9VxLEOw8A==
4961e9dd-5775-4f5d-9c7f-66f2b2ccf51d.png
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
73 KB
73 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/4961e9dd-5775-4f5d-9c7f-66f2b2ccf51d.png
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
195bd290753fb0415a6e3927054f5c65790768fca157380e44cb1c6e20aa0b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
ubzqlvsSYjyAbwcQ4d8W91YW9DCfL.0X
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
74354
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:49:56 GMT
server
AmazonS3
etag
"9869816a86763a2c386539db89dd6251"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
kgy_OPfsjfIFlcTfvunrwOnAo3b4uIbMVe-DK9phgYJCCHlbKyOVLQ==
ac5a85c4ffb7a107e2691d91655bde6f3c990167.gif
cdn.gettechcloud.com/image/
169 KB
169 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/ac5a85c4ffb7a107e2691d91655bde6f3c990167.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33172918d37650a750239f1b07b5aefe1202927b2f3a45e4bf20b0e2a4cd20c3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:24:59 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cflpQalZ1BVBL84gW1YrMf8qsAJdRV_HsQesDqGFoaDQ:00897645afbde0e2cf7d1b8ab8aa1faa"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d29106945-FRA
content-length
172690
cf-resized
internal=ok/m q=0 n=184+0 c=15+157 v=2024.4.0 l=172690
5bd1b53b970f8032f5d35cfd02a410ced4b4c22b.gif
cdn.gettechcloud.com/image/
5 MB
5 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/5bd1b53b970f8032f5d35cfd02a410ced4b4c22b.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91605ffbe16631d72fc97e330320139217f26405d8abb7051ed272e8417c8f42
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:02 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfKQdGUpdAs808Q2-d6C_2tENnJdRV_HsQesDqGFoaDQ:496d59f24d04d385d32bd9989effa163"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d29176945-FRA
content-length
5105248
cf-resized
internal=ok/m q=0 n=399+451 c=0+0 v=2024.3.2 l=5105248
8d0d2f14b406d96aedaa14ee487bcaa615bd98ef.gif
cdn.gettechcloud.com/image/
61 KB
61 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/8d0d2f14b406d96aedaa14ee487bcaa615bd98ef.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd69929230259d8730cf784ea47e89b3d78745f8e8ce593a311fda537bcf8815
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:05 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cf9Ww6Mu3bKfi_JPhK5P_FPx6xJdRV_HsQesDqGFoaDQ:be21f066ed6a2b86bdcb5cae7932d982"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d29156945-FRA
content-length
62068
cf-resized
internal=ok/m q=0 n=139+0 c=6+79 v=2024.3.2 l=62068
72e5922ba51f84c7758f0040c5260fae1192ee3e.gif
cdn.gettechcloud.com/image/
3 MB
3 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/72e5922ba51f84c7758f0040c5260fae1192ee3e.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94cb829a2805467920e227d8336697d2bb68ab0e92ce79f2e9925fdbdda8140c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:08 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfm13RXQ_jI3BA-g3l6eNxbFVHJdRV_HsQesDqGFoaDQ:08d9904745788a5dacc21fd67dee000c"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d291a6945-FRA
content-length
3207800
cf-resized
internal=ok/r q=0 n=88+510 c=0+0 v=2024.3.2 l=3207800
10c88e4c6112a03b1b2319029078c894558f45c5.gif
cdn.gettechcloud.com/image/
42 KB
43 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/10c88e4c6112a03b1b2319029078c894558f45c5.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e007df7b3bd3f31dcf1fa00bb7ebb5e8195f1d52dd082aee8efaf61a3b4e7dd0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:11 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfxOq79iSfXVaN6Bd7ywdAF9a_JdRV_HsQesDqGFoaDQ:9ba29f14a760a32390e1a1fb5c6a94c8"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d291d6945-FRA
content-length
43506
cf-resized
internal=ok/r q=0 n=85+0 c=8+80 v=2024.3.2 l=43506
e37a4b5afddeacf6d8decc63a4ed0e753e407e04.gif
cdn.gettechcloud.com/image/
4 MB
4 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/e37a4b5afddeacf6d8decc63a4ed0e753e407e04.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444e760caac060a0ad8efd43ebce871464603e8fe854311f8989cda3c2a08679
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfArXI0CaMPm612PP31erPPRImJdRV_HsQesDqGFoaDQ:80813824e62c4cb283e958548adae57c"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d291b6945-FRA
content-length
4190590
cf-resized
internal=ok/m q=0 n=254+281 c=0+0 v=2024.3.2 l=4190590
07211f789cca9e3b90bbca141cb66ee769d4b9cf.gif
cdn.gettechcloud.com/image/
207 KB
208 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/07211f789cca9e3b90bbca141cb66ee769d4b9cf.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68cd6c0987ce3cd0b88ccc6b3b9645cc5f87d7f637e1975fd223b56d5e5f920
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:16 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfhMNjkZ-NUuV-CQfozfzTR64KJdRV_HsQesDqGFoaDQ:528dd52b2ed74538952f1ab3583111a5"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d69636945-FRA
content-length
212366
cf-resized
internal=ok/r q=0 n=75+0 c=16+163 v=2024.3.2 l=212366
fb195b4704f8147bb999f5ad898ff84eeb383f56.gif
cdn.gettechcloud.com/image/
2 MB
2 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/fb195b4704f8147bb999f5ad898ff84eeb383f56.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d64d900e26d1b95e4fadfa52afe9ec2da52d145232458a429a1a6d3a9759f23
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:19 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfqoPbQ6xL3C2T233DQODtKPsFJdRV_HsQesDqGFoaDQ:cbc9a5d18c00a0402cc26469eaa8ae30"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d69686945-FRA
content-length
2030386
cf-resized
internal=ok/r q=0 n=93+127 c=0+0 v=2024.3.2 l=2030386
445de48a293f96c038ac4a42ecaf0d9ccffd44cf.gif
cdn.gettechcloud.com/image/
186 KB
186 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/445de48a293f96c038ac4a42ecaf0d9ccffd44cf.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c570e6ee6e4229e0188bfdaf86b23fca64c85f6415faaa2b70df4d1e8e449df
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:22 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfihaS1N6MvyLZAuPI-sycr4_FJdRV_HsQesDqGFoaDQ:f8a105cdafca3ded221cb0cf1cbad854"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d696c6945-FRA
content-length
190050
cf-resized
internal=ram/r q=0 n=0+0 c=0+0 v=2024.3.2 l=190050
55fc6ab1b3dcd3c1e6bb5dc9dff9492b3ccf1429.gif
cdn.gettechcloud.com/image/
3 MB
3 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/55fc6ab1b3dcd3c1e6bb5dc9dff9492b3ccf1429.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189329d38a4398510b9706d1de97b0a99cf92fe3fe8657bf6f3dbce0173e4d8a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:25 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfkMuzS2Z5Hkf_FZaafvUrQlXpJdRV_HsQesDqGFoaDQ:e8c19098f6552b060c2ea64a1f79e367"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d69706945-FRA
content-length
3350552
cf-resized
internal=ok/m q=0 n=292+347 c=0+0 v=2024.3.2 l=3350552
b1561f5f8f3e6424ed85444cdc13e7a39f58cfe3.gif
cdn.gettechcloud.com/image/
177 KB
177 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/b1561f5f8f3e6424ed85444cdc13e7a39f58cfe3.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a941af092992667022afaad09f63017ede9a1ff9ba5f98c81c1593d14cfcde6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:27 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfasM-UcBOhyXKIbZFOqxkFgVCJdRV_HsQesDqGFoaDQ:cdf6f8f47146474c75f81bda0179e28b"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d69746945-FRA
content-length
181288
cf-resized
internal=ok/m q=0 n=132+0 c=11+121 v=2024.3.2 l=181288
208588a783db7d340f440655502b8a9e6764b880.gif
cdn.gettechcloud.com/image/
3 MB
3 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/208588a783db7d340f440655502b8a9e6764b880.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a66fde5a08c37eebac3ec43cf0e783e16c3760c2bbcd77a02b8a7dd229074e39
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:30 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfZlNLEsgVCVnT5_kOxj_BLTEjJdRV_HsQesDqGFoaDQ:07a7f21345949acfc7495c47e89f479f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d69786945-FRA
content-length
3030894
cf-resized
internal=ok/r q=0 n=92+319 c=0+0 v=2024.3.2 l=3030894
da2fdf1bc57b1ea081c81c267eb78d26f38d747a.gif
cdn.gettechcloud.com/image/
93 KB
93 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/da2fdf1bc57b1ea081c81c267eb78d26f38d747a.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b173cf41f0e7b45d541a78adb1a05b55f308e9306683fd27f35f29832b6debeb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:32 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfiYinTzR53-lSro0wnTyK5dbXJdRV_HsQesDqGFoaDQ:39ca29369bffcc7dcecc6bc989094b54"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d697d6945-FRA
content-length
94888
cf-resized
internal=ok/m q=0 n=136+0 c=9+92 v=2024.4.0 l=94888
551410937956a58223d6843d5269d3017b0f327c.gif
cdn.gettechcloud.com/image/
2 MB
2 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/551410937956a58223d6843d5269d3017b0f327c.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a01b681e5c4a84420c3d3ccdd24b00c459dcd3d08de1f029cd5e85dc875470
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:35 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfx9DbJ1PAZIHYl5TvBoMN0pU6JdRV_HsQesDqGFoaDQ:f585fee303031e7a1b5dad0db3f7b23f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d69816945-FRA
content-length
2398774
cf-resized
internal=ok/r q=0 n=201+509 c=0+0 v=2024.3.2 l=2398774
b240d9ee237ddf426a2dc909bb672283d4929bf7.gif
cdn.gettechcloud.com/image/
102 KB
102 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/b240d9ee237ddf426a2dc909bb672283d4929bf7.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
393581897d7e8a2e01557d9aa3b702b1ece83cd3fb25ff145452e2ce23e4572d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:38 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfMyfYYU0WQHFaN07ZmPoIleBNJdRV_HsQesDqGFoaDQ:62710429f7600c918cc5dd1ed4e7a127"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d69856945-FRA
content-length
104544
cf-resized
internal=ok/m q=0 n=191+0 c=10+92 v=2024.3.2 l=104544
2126b2d8386a937e1533f507c2c6bb49e1731263.gif
cdn.gettechcloud.com/image/
1 MB
1 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/2126b2d8386a937e1533f507c2c6bb49e1731263.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3b4a51d92abd818863b284c049c90493dbd6e43b25c0fd3af201f2eb63f6d2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:40 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfoqHgSSwrZwh-5hGVoI7iT7cQJdRV_HsQesDqGFoaDQ:14f0c91d840dd4fd589d2699bd2685ac"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d698a6945-FRA
content-length
1307548
cf-resized
internal=ok/r q=0 n=78+281 c=0+0 v=2024.3.2 l=1307548
0ec74710547b5de34f5f581da1261833184b8c75.gif
cdn.gettechcloud.com/image/
129 KB
129 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/0ec74710547b5de34f5f581da1261833184b8c75.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e857d4f439327c0d49a789e2a9c2b6885b5662a7983b788c65968b4285a01370
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:43 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfDAIhm6422vqY9NlGrk84LuOzJdRV_HsQesDqGFoaDQ:72514aef60f488dba4a5b62b4aa4f646"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d698d6945-FRA
content-length
131870
cf-resized
internal=ok/m q=0 n=173+0 c=16+170 v=2024.3.2 l=131870
01ceb1293e6d45f8813d7788cd8ffa3ec728e281.gif
cdn.gettechcloud.com/image/
2 MB
2 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/01ceb1293e6d45f8813d7788cd8ffa3ec728e281.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6d93d328de2f54d8ffb3154ec3c5d2aa392522a7e3ff6e14e6433b88f920dc0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:46 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfwKpLieHkCXEtvtrLyK3vk8VpJdRV_HsQesDqGFoaDQ:76da328affb519ee9911aed48d8a168a"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79906945-FRA
content-length
2597328
cf-resized
internal=ok/m q=0 n=283+209 c=0+0 v=2024.3.2 l=2597328
5e1bc801f5793389bf13469e0e19b291aa3c1a4f.gif
cdn.gettechcloud.com/image/
106 KB
106 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/5e1bc801f5793389bf13469e0e19b291aa3c1a4f.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
381e30e30a05b391cd7a5ab36bb086d3c5a8875f62684033cb37289d833c77dc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:48 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfCqO2zanckWTioe97OBumyZJSJdRV_HsQesDqGFoaDQ:d7ef8cb1b371aa72ed1778ac8972f281"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79926945-FRA
content-length
108694
cf-resized
internal=ok/r q=0 n=60+0 c=14+116 v=2024.3.2 l=108694
54a7d4406e91a891c1b7c794afd551643cf834d4.gif
cdn.gettechcloud.com/image/
906 KB
907 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/54a7d4406e91a891c1b7c794afd551643cf834d4.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857475957a508b6c33ddc9ef04cf3131fc5e24cc06efd5e93697074b6695ec87
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:51 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfcw_77fVWagxtD4ASuzyPzH-wJdRV_HsQesDqGFoaDQ:23d82bc426fc422459db38438874aeab"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79956945-FRA
content-length
927702
cf-resized
internal=ok/r q=0 n=65+185 c=0+0 v=2024.3.2 l=927702
afea0ecfb1d47d5a41e414087955617a227097ad.gif
cdn.gettechcloud.com/image/
88 KB
89 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/afea0ecfb1d47d5a41e414087955617a227097ad.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
967223f8613b40f8a0894c1417181d93145ff7b6603cae45dc9bd80517674069
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:53 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cf5OehYJdtmYNEfqPxwszv6Zr-JdRV_HsQesDqGFoaDQ:b0edf5e4748dfee35a73907e88393791"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79976945-FRA
content-length
90538
cf-resized
internal=ok/m q=0 n=153+0 c=7+87 v=2024.4.0 l=90538
06f9e094445820be9462f86e762f461b1d9cbeb2.gif
cdn.gettechcloud.com/image/
94 KB
94 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/06f9e094445820be9462f86e762f461b1d9cbeb2.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd193f25416c4d4c0690650681e6a93e23bdb01509e8e8f23cd136304a7ed659
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:55 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfR5WE2lQrxbZyIi14VsmuE3hgJdRV_HsQesDqGFoaDQ:98d9c53b0ebc770c2b35112e43589679"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d799a6945-FRA
content-length
95802
cf-resized
internal=ok/m q=0 n=205+0 c=9+93 v=2024.3.2 l=95802
76dbc8eb62e842b9344d99d2e180f0f336b60815.gif
cdn.gettechcloud.com/image/
140 KB
141 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/76dbc8eb62e842b9344d99d2e180f0f336b60815.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d7367ddb7cdba777853fffe24361889ee31c561f3f7a79a779fb8a2800087f8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:25:57 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfdDImGNeu0JIuP3zXoNeVMQyUJdRV_HsQesDqGFoaDQ:8c801102961c816b6e67766f282691aa"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d799c6945-FRA
content-length
143736
cf-resized
internal=ok/r q=0 n=31+0 c=12+110 v=2024.3.2 l=143736
313d018f29797d74f24c7b3026248cb79b722a0d.gif
cdn.gettechcloud.com/image/
3 MB
3 MB
Image
General
Full URL
https://cdn.gettechcloud.com/image/313d018f29797d74f24c7b3026248cb79b722a0d.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea865f05a0025a09e18dd134420f36d2fc48b6cc97e9603cf5563b31f89fdfb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:26:00 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf06Q3wjJPl2VmMo7jUDFnpFaFJdRV_HsQesDqGFoaDQ:e84e548cd14e90720c9dc743b5bfec78"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79aa6945-FRA
content-length
3200784
cf-resized
internal=ram/r q=0 n=0+0 c=0+0 v=2024.3.2 l=3200784
27dfdc3ac9fb367c5045509b6161268dc94fa56f.gif
cdn.gettechcloud.com/image/
105 KB
105 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/27dfdc3ac9fb367c5045509b6161268dc94fa56f.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2aea7e201d86e2d800ea2c8e09d4ad11db4398f98b8c284caddcb232986ce6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 06:26:03 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cf7hF9cdTbBQO54hFTvyt4zVA9JdRV_HsQesDqGFoaDQ:2d90a080d09aad4e641d33e0afe64d45"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79ae6945-FRA
content-length
107042
cf-resized
internal=ok/r q=0 n=34+0 c=11+105 v=2024.3.2 l=107042
85626e4fc82662ef2246f8d8541fc2260b1c18cd.webp
cdn.gettechcloud.com/image/
10 KB
10 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/85626e4fc82662ef2246f8d8541fc2260b1c18cd.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89c29cd501a61e2daa603852e284a8716c7cb9bd55eb749ac35562a72564653
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 27 Jul 2023 08:28:24 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfVJJESBBtoEolJQMRdStxTw-EJdRV_HsQesDqGFoaDQ:63454a5a003ca02417f6ea046075591b"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79b06945-FRA
content-length
10372
cf-resized
internal=ok/m q=0 n=85+0 c=1+14 v=2024.3.2 l=10372
07ea88667d0c7521e145b778a7d6b5b887b65d86.png
cdn.gettechcloud.com/image/
5 KB
5 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/07ea88667d0c7521e145b778a7d6b5b887b65d86.png
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41cd65a0c70ce2bb02a8e76e7c464aba610751304ac740534b28a7376dc88e7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
4967
cf-resized
internal=ok/r q=0 n=72+0 c=0+10 v=2024.3.2 l=4967
last-modified
Thu, 27 Jul 2023 08:28:24 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cfMfudrmTN_vHkwh5kqPZR6fJiJdRV_HsQesDqGFoaDQ:c013250b6e06b2b0ea837f62e6f4b60d"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 981B smaller"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79b16945-FRA
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 536;u=5;i=?0)
2f63f71a9178cf444bb0b4a0eee6494e6209dceb.gif
cdn.gettechcloud.com/image/
92 KB
93 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/2f63f71a9178cf444bb0b4a0eee6494e6209dceb.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9136238f4b9e30c4c69fdf41abf764aa767e5be824d4db5374c0d39b6b2381eb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
94464
cf-resized
internal=ok/m q=0 n=134+92 c=0+0 v=2024.3.2 l=94464
last-modified
Thu, 27 Jul 2023 08:28:25 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf-IYLLT7G_lVdKRWDq8Sawd_dJdRV_HsQesDqGFoaDQ:536a54f2d4e69dde94cfa4ddfeeca1a1"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 1227794B smaller"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79b26945-FRA
priority
u=1;i=?0,cf-chb=(244;u=3;i=?0 11960;u=5;i=?0)
915a8c8a5de0a5efc089e25e01d2b52a3fe93b2e.gif
cdn.gettechcloud.com/image/
272 KB
272 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/915a8c8a5de0a5efc089e25e01d2b52a3fe93b2e.gif
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c99f274a6d16588e992e81f3f0a06263f6bde3fdb0785ebe303631d7fb3cf0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
278172
cf-resized
internal=ok/m q=0 n=143+138 c=0+0 v=2024.3.2 l=278172
last-modified
Thu, 27 Jul 2023 08:28:25 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cfF9yNACqXMJ7mantq2k8lF4uTJdRV_HsQesDqGFoaDQ:db1e04f7075728249b778741dcff6744"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 1127648B smaller"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79b76945-FRA
priority
u=1;i=?0,cf-chb=(820;u=3;i=?0 10956;u=5;i=?0)
5aae784cc244f48addd106665b1e4d9e0e08b6cf.webp
cdn.gettechcloud.com/image/
60 KB
60 KB
Image
General
Full URL
https://cdn.gettechcloud.com/image/5aae784cc244f48addd106665b1e4d9e0e08b6cf.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7764e0e71644d4194126e2f01bb651e8698682763b4e89432560bb5ca48e1a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 27 Jul 2023 08:28:26 GMT
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfrmp49b6VCHbilK_cR4ZDnZScJdRV_HsQesDqGFoaDQ:694ad43ce652638a787c5efb923d0722"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8795610d79b96945-FRA
content-length
61234
cf-resized
internal=ok/m q=0 n=97+0 c=5+39 v=2024.3.2 l=61234
1a18c76b-8289-4ac1-8005-dbc8e2cbaf92.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
32 KB
33 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/1a18c76b-8289-4ac1-8005-dbc8e2cbaf92.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b781700d09e384f8ab9e4a36c2da44dc7865ea1b23e523d9136e3c7c3d2de35e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
o6qfiP.UcMX2n1cecK3crCarB1r0.5E7
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
33206
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:45:49 GMT
server
AmazonS3
etag
"a655da304639bc8a7b3376be1c4578f8"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
bZXvtR0ZhS-gEhIeNjQZ5RTxXjAgEazB8OzVmb9GY6Njd9TRikSU3Q==
cf993658-84c7-44f3-8774-59c6f00e1b75.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
27 KB
27 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/cf993658-84c7-44f3-8774-59c6f00e1b75.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
075bce2c9c7f41d7ff52853c0b446ccf1ecbba04761d55ede18f814c20196765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
o.rD1wt3PUB7SFe8usnqm39m5QxMOSMM
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
27354
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:45:59 GMT
server
AmazonS3
etag
"661bd26b7c2f279001daa8fd26a37de3"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
Q7T5CMsYlDx6TEWwmvuKMVu_u8fEvi4bvVbjOUZDKlyKfcMKKU5oDQ==
7e70c9fa-3839-49e4-96fb-c60635540766.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
27 KB
28 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/7e70c9fa-3839-49e4-96fb-c60635540766.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d5936f1b1994f007a6c020fcaeaef76d9ebf789854376bbd36f3fef76cd1d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
ez77YPSCV6mA_sxarF5q7zeCF4O9PAUX
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
28078
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:46:08 GMT
server
AmazonS3
etag
"72d1cac60f6b081d0e2c65c5a9715185"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
iW9x4HsC4C3WASvbkVSmp1tc5ldZHq3ivscm1UpNWL0unDHVWQq7kQ==
a1aef05b-8cfc-4101-adf6-7197957d2fca.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
139 KB
140 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/a1aef05b-8cfc-4101-adf6-7197957d2fca.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02b33eb99dc1090793b292bfef48c3889cc1efedac1a59140a04230f225da4ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
RTxZ2AFtE.dALVrV.qdDoIN2tMwPmipI
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
142218
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:46:28 GMT
server
AmazonS3
etag
"53b2c848167de665e643a73aef069514"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
JrNW9qOkrCUquzDJrj1pB-mp_nE4Lmox_gP7ZJLAdVb_D7bqAtLVWg==
639f1d20-5e22-4774-9d67-004f158a4fa6.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
97 KB
97 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/639f1d20-5e22-4774-9d67-004f158a4fa6.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87f4095cf39c7afc6ba2c29a618c836ef9a776a128e49f054eeb69af1bcc291b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
oQc2ssi2qvtwL_4Szl2cM12wS2akr5P0
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
98934
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:46:36 GMT
server
AmazonS3
etag
"4458836807b20af518177992c434aae2"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
3w8b8vgvA1Mv0MUEXh5GSGrbJmxP3Yir26cPPMhPhv8WHWCB34g02g==
b5b5cc8d-b742-4f0e-ae47-01e72f921154.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
188 KB
189 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/b5b5cc8d-b742-4f0e-ae47-01e72f921154.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83995248233341589d4f6d99f20d992584e26d5b2c5e66fbb4f995cbb50981e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
O3CRsZvsh_uEwxo0IJ58nNfcYUxCbpIm
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
192484
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:46:50 GMT
server
AmazonS3
etag
"51612d1b335b51f9a05ca4e9fc524490"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
C9Nim_Uu3qP70tYmVnEr-pNUQXMY4fkDw7owil2IIrIJpEImuk00lg==
60d57d3e-9b5f-4a92-92cc-d941f7700670.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
57 KB
58 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/60d57d3e-9b5f-4a92-92cc-d941f7700670.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
160bbc9c30d6e89f270c572f0a942cba4b3c2c6d4e9db5140bab9bc7bb5f7929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
1Jt724yPg7.73HKQilQClOPSpRD348eJ
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
58726
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:47:11 GMT
server
AmazonS3
etag
"619084779708b359a5c8950017351b51"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
UngKCRA5O5rQpGy6MQOet7qnRGxvNXiPhEH79lWnamFIik0VKO0PAg==
menu-icon.182b619c.svg
cdn.shopnow.us/landing/_next/static/media/
211 B
763 B
Image
General
Full URL
https://cdn.shopnow.us/landing/_next/static/media/menu-icon.182b619c.svg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35eff9a4c11b71c6a22de793f01a81d40a0b032892d92fabdbb2b192c98ca760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 23:16:58 GMT
x-amz-version-id
tSFvqv1Md3guC_2WJWK9wY5m6He1P_6Z
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11185602
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
211
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
"f2f4282cbd30ffe85c6e06c029a9965b"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
j_0NKX05LApG7pqOi7VpnX542cATb1IzGzkj7niF1Yd0kmQRUuCXNw==
cart-white.eabede84.svg
cdn.shopnow.us/landing/_next/static/media/
1 KB
1 KB
Image
General
Full URL
https://cdn.shopnow.us/landing/_next/static/media/cart-white.eabede84.svg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34a3abbdf4c5eb0154aaa8f0360f08d711fd07325167c78c9056b91dcc2ad752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Jan 2024 10:49:38 GMT
x-amz-version-id
jCHMiGmeTDBLAUFb5LDJA9YJMisQwCXC
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
8552042
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"28e9e35f5ca7352963ed87b5410a4563"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
Xc3yy45PB8m_rsgW92gN6uC9YwTM6fek6-DjPHfsg93qq97kdCjJpw==
creditcard-white.4a5ac823.svg
cdn.shopnow.us/landing/_next/static/media/
868 B
1 KB
Image
General
Full URL
https://cdn.shopnow.us/landing/_next/static/media/creditcard-white.4a5ac823.svg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
560c1f66f6dd073130ee5bdb3315df177b6f2127cf6a9227286faf4e4e2806c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 07:57:33 GMT
x-amz-version-id
RY2VfZ1jA8nO3DQBbvTzDlpiZrAA6jPu
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11240767
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
868
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
"1c06eb6318ed81fcd3d10f5b9a50ec96"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
nn_LzsrsHrtitQt4TVqVlmIYOeh5sEXWAvfFmFZn-yVUZ3H8j9ve-g==
safe-checkout.60f7203e.png
cdn.shopnow.us/landing/_next/static/media/
27 KB
27 KB
Image
General
Full URL
https://cdn.shopnow.us/landing/_next/static/media/safe-checkout.60f7203e.png
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e7d1b041c75c1356235e6a0079c1800f2eb5af838b01a6311b3e45f6039762a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 07:57:33 GMT
x-amz-version-id
HfyzFAPUKXWDiCOu70G1PYG4Xoh4Btrn
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11240767
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27146
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
"03e2ca4bc621f76dc201b5432b43170c"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
btXBnrCrZiJ7hJBErQClcvh6U999DcpNOpcQot55L2P78dSQDC1P8Q==
213.ae04e16c1aa64d3a.js
cdn.shopnow.us/landing/_next/static/chunks/
18 KB
7 KB
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/213.ae04e16c1aa64d3a.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/webpack-6c140dfd524b37b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8897300fe697970474eb1705824c495be01adc7357f9207644d8ddf5a391d2fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:50 GMT
x-amz-version-id
Vxz02X4jmYDD_YPqy9RWygnqXguUW_M0
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252870
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:12 GMT
server
AmazonS3
etag
W/"d0520036e0af5b9443e72e0674cca94f"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
F5h3jAqYS0vJHIWSd0e3Qu5k_6UY4kAJTRVRhTGa2aricZWhvJbtzw==
index.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
0
0
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/index.json?host=superpowerful-flashlight.gainsmy.com
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-nextjs-data
1
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-nextjs-matched-path
/[host]
server
nginx
etag
"a14y9vil8m1cqd"
vary
Accept-Encoding
content-type
application/json
x-nextjs-cache
HIT
cache-control
s-maxage=60, stale-while-revalidate
x-nextjs-rewrite
/superpowerful-flashlight.gainsmy.com?host=superpowerful-flashlight.gainsmy.com
content-length
63215
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 10:23:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=3, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
HJ8VB4HznJu/Ajf9Y7/G8KYTVVUhTL2McuNidyYPTIDVTcnlSPLBqJ/sEGRww53r55K4e1WSyKBdz52dCVI0dg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
294 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ESMTRJTQBP
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8db4dc18a1abfff8b3e80055b370e6a9ac3236ddc14990176b3342f4c24c96e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100542
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 10:23:39 GMT
event
apie.shopnow.us/api/v1/public/
0
491 B
XHR
General
Full URL
https://apie.shopnow.us/api/v1/public/event
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/pages/_app-3d927b4b44c04996.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.47.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-47-129.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://superpowerful-flashlight.gainsmy.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
x-api-version
1.2.23
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
access-control-allow-origin
https://superpowerful-flashlight.gainsmy.com
access-control-expose-headers
X-Api-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-frame-options
DENY
access-control-allow-headers
Content-Type, Accept, X-Requested-With, Authorization, Origin
expires
0
js
www.paypal.com/sdk/
303 KB
83 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AUmO9kfvOfCiPdNMlZXyzAbH1Ncn5_m7xCJC6IC4IMpNWwrD5lNhl0GD6MfGkjCoVrVacKUUUmj8E8e1&locale=en_US
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/21-4084055a8abf900a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8F) /
Resource Hash
b0f71b458351a833b79ea64ff3ec59810fc970c71e4a4c62d46bee82f7fc9e84
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-h6ZBQgrc+UgH34dQmevhiUP4pujmsOxez5JhP0mXxm9g/j2L' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-h6ZBQgrc+UgH34dQmevhiUP4pujmsOxez5JhP0mXxm9g/j2L' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-h6ZBQgrc+UgH34dQmevhiUP4pujmsOxez5JhP0mXxm9g/j2L' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-h6ZBQgrc+UgH34dQmevhiUP4pujmsOxez5JhP0mXxm9g/j2L' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 10:23:40 GMT
disable-set-cookie
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
true
paypal-debug-id
0335114729645
server-timing
traceparent;desc="00-00000000000000000000335114729645-ad351ec2468dfc66-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
82769
x-xss-protection
1; mode=block
last-modified
Tue, 23 Apr 2024 11:48:26 GMT
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4C8F)
traceparent
00-00000000000000000000335114729645-ae7014764329f9ac-01
etag
W/"14351-Ipm1NLW5rmNYkiiSHbVlNO/yI0U"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
timing-allow-origin
*
event
apie.shopnow.us/api/v1/public/ Frame
0
0
Preflight
General
Full URL
https://apie.shopnow.us/api/v1/public/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.47.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-47-129.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://superpowerful-flashlight.gainsmy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, Authorization, Origin
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
access-control-allow-origin
https://superpowerful-flashlight.gainsmy.com
access-control-expose-headers
X-Api-Version
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 24 Apr 2024 10:23:39 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-api-version
1.2.23
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
index.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
62 KB
8 KB
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/index.json
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b248eb0f90582cdd4b42948d84311191d89bc8126484d7f98508efd87ca118f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-nextjs-matched-path
/[host]
content-encoding
gzip
server
nginx
etag
"a14y9vil8m1cqd"
vary
Accept-Encoding
content-type
application/json
x-nextjs-cache
STALE
cache-control
s-maxage=60, stale-while-revalidate
x-nextjs-rewrite
/superpowerful-flashlight.gainsmy.com
track.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
2 B
68 B
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/track.json
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-middleware-skip
1
server
nginx
contact.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
2 B
68 B
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/contact.json
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-middleware-skip
1
server
nginx
legal.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
2 B
68 B
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/legal.json?type=faqs
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-middleware-skip
1
server
nginx
legal.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
2 B
68 B
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/legal.json?type=payment_methods
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-middleware-skip
1
server
nginx
legal.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
2 B
68 B
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/legal.json?type=privacy
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-middleware-skip
1
server
nginx
legal.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
2 B
68 B
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/legal.json?type=return_and_refund
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-middleware-skip
1
server
nginx
legal.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
2 B
68 B
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/legal.json?type=shipping
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-middleware-skip
1
server
nginx
legal.json
superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/
2 B
68 B
Fetch
General
Full URL
https://superpowerful-flashlight.gainsmy.com/_next/data/2Gi73r_bUOhAknxp43IRs/legal.json?type=terms_of_service
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.116.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-116-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
purpose
prefetch
x-nextjs-data
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://superpowerful-flashlight.gainsmy.com/
x-middleware-prefetch
1
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
x-middleware-skip
1
server
nginx
9a66bb54-2f99-45c2-b150-188a4e9bef7d.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
60 KB
61 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/9a66bb54-2f99-45c2-b150-188a4e9bef7d.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11fcb41c5b010e72307a66a3b97dbfecf210f0a21d4202e2c47e176b5f399d61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
HM0vucKuBs9z2v4qBIxC96LEoJmRV.yV
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
61598
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:25:48 GMT
server
AmazonS3
etag
"9375b92c2ea5eed03c7decc02b503ddf"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
S4jlvnY04zZRAv9wY1sQjrbcq9-sueJKllZG-bs1t1DWOtNCxfx0tg==
625906c4-7a29-4bbf-8484-af688e7aa3f6.jpg
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
709 KB
710 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/625906c4-7a29-4bbf-8484-af688e7aa3f6.jpg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63bdb465c87abd21d5c600f1ab79d964237ded875b5f03c038228e9098bde011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
uDnRfmqwT9sQ1hsRT6mF2IEPg0.O4KvL
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
725684
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:27:48 GMT
server
AmazonS3
etag
"a3f83d4eb52a394f591f9ebcaa182df5"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
-v_l3el6yHRpxefciANmRDhlCF1aVx92Lu8NQMbsIoorORr0LbaARg==
444c6470-89ed-4c12-a165-c031a41cdec0.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
87 KB
88 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/444c6470-89ed-4c12-a165-c031a41cdec0.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95bc43bc01db73672ea7291a27fb89ee5fb0278daf9c4230c9ce2a34b69a94a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
OLp7UPnpHutPi9CUs8rmRDJz487teNLJ
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
89576
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:25:57 GMT
server
AmazonS3
etag
"f064bd28f1d4f0e104c7c3d7e4d1921d"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
QEAm65Gc5EHpHCVp9egT9R35gU4No_1fBikrbAfBF-ekBO98uuympg==
6d610b8d-326b-476d-90d9-42282dd7e46a.jpg
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
762 KB
764 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/6d610b8d-326b-476d-90d9-42282dd7e46a.jpg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1874270c59692603443b8ac5dcbd323754db609031f7787932626e216df518ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
2ZxVL74TzQ0qnqI.KZhAVwyli3li1fNB
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
780679
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:27:48 GMT
server
AmazonS3
etag
"eb2f08e5273102fa6fe47d02cdf73a4b"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
d-Tpug8YJ9y-pqtHqS30QDKP9DGDPzg1UI60wIpoBUYn3i1GdiAWgg==
3e62c37d-5e36-423a-9fd9-6e4cf1b85479.jpg
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
696 KB
697 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/3e62c37d-5e36-423a-9fd9-6e4cf1b85479.jpg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1168e2fe07cbd674438975a9a994e09bf6f998ac0e485f3fc2800ed5735c09ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
Oa3B8PUFLxsE7_NVW2zaguhJlYFStK9V
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
712612
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:27:48 GMT
server
AmazonS3
etag
"a40f784c435c729d0f55bc3aab1a325e"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
ub42qqk2fKEnFU-Mbcwep375P0Wyiy_CqjDejq69Myyh8-AFadoZsA==
9275789d-e386-4a84-b2c4-cf1a0dd79ec8.jpg
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
141 KB
142 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/9275789d-e386-4a84-b2c4-cf1a0dd79ec8.jpg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39c7bb1919e6d2d93d8af1c8523042595e9ab953e8351346554b95ec8f6da642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
XHH6VY5ZQb14uLtTiFJuaRjxcLPgY_hN
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
144358
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:27:47 GMT
server
AmazonS3
etag
"da15608a60a48490d224fa754b87bbf4"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
4qTeXHVbjaSQggAA3J72iGgIej7pjSQknMyaS36LmeH_Kuc1A6ICDw==
f44a5a4d-3904-4805-8064-f16f67042a83.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
37 KB
37 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/f44a5a4d-3904-4805-8064-f16f67042a83.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09aa679195b949d31b410f5369a92776c6c56893b2c70f4d4b44668e5026b8b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
mOGBa4UCtopvriz5jxHfizXBshulVcu9
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
37450
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:26:00 GMT
server
AmazonS3
etag
"0535f60cd39a8abfef1a443f5eb6a6f9"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
OoPkOUBW28pr8xcHgJxV5AAp_Xi3KgHyUWnDyl3O4B7fUXYQl2uqpw==
8b083254-1d1d-4185-a500-3f91f0ada69b.jpg
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
504 KB
505 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/8b083254-1d1d-4185-a500-3f91f0ada69b.jpg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f47e608e1bf12ae2431d8832bea09b4a5da468be14d4f54fa3f1a33c74e339c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
ETfrlhHQUL5FcMEgdguJXEkc.so.mxBz
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
515697
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:27:48 GMT
server
AmazonS3
etag
"6c2050f756a83603ba9cf8f39a6d43a5"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
QL8Uq8hnS0ykEviymSxuTUAScZ95h46JDci8oQSiT5dU7Dczd-IG2w==
c7a65319-0b3e-4245-9b4d-1af59c1a369e.webp
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
28 KB
29 KB
Image
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/c7a65319-0b3e-4245-9b4d-1af59c1a369e.webp
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c6e023636dc648d0fe2c8f7bed5c1fd6c46cc421bbec9db4d1ae92c3337f674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
fJifovJ0Jy.AM78Sab.gYMTtFn.6Ebm_
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
29008
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:26:07 GMT
server
AmazonS3
etag
"8e75b781e433d40f13a5cc8cac184df2"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
vZrCeo9Q6Z0SfX1grtsqFIsFiyMWbmdwZoEZ9hQqskPmcEAU4pjaGA==
chevron_left.46c2b4a2.svg
cdn.shopnow.us/landing/_next/static/media/
150 B
704 B
Image
General
Full URL
https://cdn.shopnow.us/landing/_next/static/media/chevron_left.46c2b4a2.svg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7d379d31dd517198d442430c50220ff290cc36b50d76ad3864e2c41891146ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 07:57:40 GMT
x-amz-version-id
TFzkQhh3haLHrXMvqS2sotUjODu9FDk7
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11240760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
150
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
"4f77fda335dce9c03af8b9e1e5d28324"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
NfJdQSVCw0Cy7BggAMpbrNu7ATfzUOTJ_pzg2zLHXIKy2mzbld791Q==
chevron_right.d7dc3daf.svg
cdn.shopnow.us/landing/_next/static/media/
149 B
700 B
Image
General
Full URL
https://cdn.shopnow.us/landing/_next/static/media/chevron_right.d7dc3daf.svg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07d63c63474652bf552370826d756bfca0e8d9e7dfef5af3b315ec443f44f31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 07:57:40 GMT
x-amz-version-id
8TTYnISfdWyV2IwrKEcoyLBgC6HHxEgs
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11240760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
149
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
"5e765e3a1e6bfc6527a39ceeeeb3259e"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
q8fd07MyueFshf7xQd-w2bdQ9zloy06T2HN_lpCfuF3DPVEhbkKuJg==
collect
region1.google-analytics.com/g/
0
269 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ESMTRJTQBP&gtm=45je44m0v9116704377za200&_p=1713954219331&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=852816456.1713954220&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dp=%2F&sid=1713954219&sct=1&seg=0&dl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&dt=Gainsmy%20-%20%E2%9C%A8German%20Three-eyed%20Monster%20Mini%20Flash%20Super%20Power%20Flashlight%F0%9F%8E%89&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1361
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ESMTRJTQBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 10:23:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://superpowerful-flashlight.gainsmy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
295 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4RVGMEP3JD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ESMTRJTQBP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a887335ccf6d96b49e7a87f2de61b7f13aca7f3be28b42bf1b194ae5d9b0a074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100651
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 10:23:39 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4RVGMEP3JD&gtm=45je44m0v9181070277za200&_p=1713954219331&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=852816456.1713954220&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dp=%2F&sid=1713954219&sct=1&seg=0&dl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&dt=Gainsmy%20-%20%E2%9C%A8German%20Three-eyed%20Monster%20Mini%20Flash%20Super%20Power%20Flashlight%F0%9F%8E%89&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1529
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4RVGMEP3JD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 10:23:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://superpowerful-flashlight.gainsmy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2e3abb948ad00670.css
cdn.shopnow.us/landing/_next/static/css/
52 KB
521 B
Fetch
General
Full URL
https://cdn.shopnow.us/landing/_next/static/css/2e3abb948ad00670.css
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9145d8a75a159d1648a2d15fffbb4c6c18cadc00adc877f6435db17679841dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
x-amz-version-id
WR.aAgjV._BWgj6ny.91UuIAWvZxSBme
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P8
age
7230447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"1f1c11fa016cf10ffcb52b9a57fb5704"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
gJ-moVPfFimRxxIxvWSi_GAiJ75KgF6Os9QtmONd2XTq80nHn1vkig==
contact-0ecbda7c0ad6f023.js
cdn.shopnow.us/landing/_next/static/chunks/pages/
0
5 KB
Other
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/pages/contact-0ecbda7c0ad6f023.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 01 Feb 2024 05:01:02 GMT
x-amz-version-id
AjfMEHl9YtRRdnITXspsQ2P4n3YG6t4b
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
7190559
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"c0b686b0d7888b20824632a5da136ce6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
EXSPGvBXEiDn37BnvlAEMMKlV20LpnYMWiKLjnMMYZAbCXb36s1NGA==
track-2a4f3b878a637553.js
cdn.shopnow.us/landing/_next/static/chunks/pages/
0
4 KB
Other
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/pages/track-2a4f3b878a637553.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:52 GMT
x-amz-version-id
Up6qaLqu9cZuF_42KT7ZmGd8vnJSTIFs
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"3c2c57de6a1e81b257df012f214678da"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
kHG865R2rxklrUk7Gn_HaeiQrfA5xe8qBpOvKNnGnhCF9xwgbiylLQ==
734-4839db71fc404820.js
cdn.shopnow.us/landing/_next/static/chunks/
0
5 KB
Other
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/734-4839db71fc404820.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:52 GMT
x-amz-version-id
MQESprc7J4qwbx4kMNk5EZuWsrbCklZS
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"298e2502ee45b07e2fa73dcd5b343efa"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
NoQb4hJq4K6gAPGop3dLTt8DLIIX1alZd6I2zqZgZ18siPtYiHT-Yw==
legal-b8af29dc41dc174d.js
cdn.shopnow.us/landing/_next/static/chunks/pages/
0
3 KB
Other
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/pages/legal-b8af29dc41dc174d.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:52 GMT
x-amz-version-id
awZs712lZM3g6Cj098vP_ACxcM3rcpnz
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"af7b3920926e9d5b7eddbb8bcd5e46d6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
LNA_yfglOZcse_tTc8qlvOPK-7c1sBL2-Rn8JKvxOSo_k4F_radxqQ==
contact-0ecbda7c0ad6f023.js
cdn.shopnow.us/landing/_next/static/chunks/pages/
15 KB
0
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/pages/contact-0ecbda7c0ad6f023.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32720653d5ef94a8d3e880204d20a355ed277397b439f205cd27f8ad3f330575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 01 Feb 2024 05:01:02 GMT
x-amz-version-id
AjfMEHl9YtRRdnITXspsQ2P4n3YG6t4b
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
7190559
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"c0b686b0d7888b20824632a5da136ce6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
EXSPGvBXEiDn37BnvlAEMMKlV20LpnYMWiKLjnMMYZAbCXb36s1NGA==
1173e99efc82bdbb.css
cdn.shopnow.us/landing/_next/static/css/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.shopnow.us/landing/_next/static/css/1173e99efc82bdbb.css
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a4862c2e56568021b5eba81a96fc8df79b5a2a212b8e0b9b58a5bbdff61f69d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:53 GMT
x-amz-version-id
rNS6iKgrxUESArPvDAlkxELxIJE7jHOZ
content-encoding
br
x-content-type-options
nosniff
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
11252868
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"784f8be3ee48600897208e2d98d24507"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
z3Zdy5mGnAXx2T44xhFtvHU2zTqqNCCkYsXtUq_leBdK3QZNVOsTsg==
track-2a4f3b878a637553.js
cdn.shopnow.us/landing/_next/static/chunks/pages/
12 KB
0
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/pages/track-2a4f3b878a637553.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b190696df4c19c9238ce7c3e09129ffeaf203ea6ae64443d6f9edc6be6c32c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:52 GMT
x-amz-version-id
Up6qaLqu9cZuF_42KT7ZmGd8vnJSTIFs
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
11252869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"3c2c57de6a1e81b257df012f214678da"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
kHG865R2rxklrUk7Gn_HaeiQrfA5xe8qBpOvKNnGnhCF9xwgbiylLQ==
c44c8a1345ca821a.css
cdn.shopnow.us/landing/_next/static/css/
4 KB
2 KB
Fetch
General
Full URL
https://cdn.shopnow.us/landing/_next/static/css/c44c8a1345ca821a.css
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5c113a9d6fad4fa0c5cf3dd3af79ac4e9bafcb57e5dee3f783a97b321390f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 01 Feb 2024 17:27:35 GMT
x-amz-version-id
PTl7Y3GeS8pnmLfOALE5WxwmwX_mYmXj
content-encoding
br
x-content-type-options
nosniff
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
7145766
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"df2d3535e25df37b3e75a8bff3e77454"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
jO_8MsXeVF9Bxrz8hQd9nhTmvv291mEa9bVLGlNV9lgyZLjm-b1Xtw==
734-4839db71fc404820.js
cdn.shopnow.us/landing/_next/static/chunks/
10 KB
0
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/734-4839db71fc404820.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a3ae10958b9db2861260d96ffe705cd09700b58361f2434aab9f67f62da25df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:52 GMT
x-amz-version-id
MQESprc7J4qwbx4kMNk5EZuWsrbCklZS
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
11252869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"298e2502ee45b07e2fa73dcd5b343efa"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
NoQb4hJq4K6gAPGop3dLTt8DLIIX1alZd6I2zqZgZ18siPtYiHT-Yw==
legal-b8af29dc41dc174d.js
cdn.shopnow.us/landing/_next/static/chunks/pages/
6 KB
0
Script
General
Full URL
https://cdn.shopnow.us/landing/_next/static/chunks/pages/legal-b8af29dc41dc174d.js
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6d60496122616e537987cea169cbf7eab4f2c0f39cf6c3922d6c1095bb64c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Dec 2023 04:35:52 GMT
x-amz-version-id
awZs712lZM3g6Cj098vP_ACxcM3rcpnz
content-encoding
br
x-content-type-options
nosniff
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
11252869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"af7b3920926e9d5b7eddbb8bcd5e46d6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
LNA_yfglOZcse_tTc8qlvOPK-7c1sBL2-Rn8JKvxOSo_k4F_radxqQ==
c0d8b965b12c4182.css
cdn.shopnow.us/landing/_next/static/css/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.shopnow.us/landing/_next/static/css/c0d8b965b12c4182.css
Requested by
Host: cdn.shopnow.us
URL: https://cdn.shopnow.us/landing/_next/static/chunks/main-9a72db714f5fe4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9da0bf042628b640368cd7ea0904ef8dd09de199c6537d8a8c021c337cb7f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jan 2024 16:22:36 GMT
x-amz-version-id
Vc2bXXVFuNTuocDDeHFbX_Ds6vxO_t9.
content-encoding
br
x-content-type-options
nosniff
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
age
9568865
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 16 Dec 2023 03:40:13 GMT
server
AmazonS3
etag
W/"bf2e7f22f94ccbef3de801cea7e7fd75"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
86LvTxB9OBlWn0svMzRn9n25-OSDwFcb40rZn3yIUr4YlWzSmP1rgA==
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=superpowerful-flashlight.gainsmy.com&t=xo&v=5.0.434&source=payments_sdk&client_id=AUmO9kfvOfCiPdNMlZXyzAbH1Ncn5_m7xCJC6IC4IMpNWwrD5lNhl0GD6MfGkjCoVrVacKUUUmj8E8e1&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUmO9kfvOfCiPdNMlZXyzAbH1Ncn5_m7xCJC6IC4IMpNWwrD5lNhl0GD6MfGkjCoVrVacKUUUmj8E8e1&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB1) /
Resource Hash
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-EzYqmEF8+RfCDvyZ9Hvl0OcNemIyK0g0yJrSBVizIDxKoRRS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-EzYqmEF8+RfCDvyZ9Hvl0OcNemIyK0g0yJrSBVizIDxKoRRS' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0b9931b243390
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CB1)
traceparent
00-00000000000000000000b9931b243390-17e87bc895efa3d3-01
etag
W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
buttons
www.paypal.com/smart/ Frame EC8D
0
0
Document
General
Full URL
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_fa09c64026_mta6mjm6nda&buttonSize=large&clientID=AUmO9kfvOfCiPdNMlZXyzAbH1Ncn5_m7xCJC6IC4IMpNWwrD5lNhl0GD6MfGkjCoVrVacKUUUmj8E8e1&clientMetadataID=uid_28c1ffb344_mta6mjm6nda&commit=true&components.0=buttons&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.lang=en&locale.country=US&platform=desktop&renderedButtons.0=paypal&sessionID=uid_28c1ffb344_mta6mjm6nda&sdkCorrelationID=f2445585f73d5&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVVtTzlrZnZPZkNpUGROTWxaWHl6QWJIMU5jbjVfbTd4Q0pDNklDNElNcE5Xd3JENWxOaGwwR0Q2TWZHa2pDb1ZyVmFjS1VVVW1qOEU4ZTEmbG9jYWxlPWVuX1VTIiwiYXR0cnMiOnsiZGF0YS1zZGstaW50ZWdyYXRpb24tc291cmNlIjoicmVhY3QtcGF5cGFsLWpzIiwiZGF0YS11aWQiOiJ1aWRfZmhidnRkeG51eWt1bmZidHhyaHRxa2tzdWNvZ2p4In19&sdkVersion=5.0.434&storageID=uid_ba48a0a26f_mta6mjm6nda&supportedNativeBrowser=false&supportsPopups=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUmO9kfvOfCiPdNMlZXyzAbH1Ncn5_m7xCJC6IC4IMpNWwrD5lNhl0GD6MfGkjCoVrVacKUUUmj8E8e1&locale=en_US
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C9A) /
Resource Hash
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://superpowerful-flashlight.gainsmy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 10:23:40 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"69ba9-I6t7Nn1d+TdjWbFvvTYnpQ9dJ+s"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
043b95a322789
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4C9A)
server-timing
traceparent;desc="00-0000000000000000000043b95a322789-90f848b9ac17e036-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000043b95a322789-848a9d65b114d97d-01
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 1997
3 KB
1 KB
Image
General
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBA) /
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
e0953c7feefe8
dc
ccg11-origin-www-1.paypal.com
content-length
1207
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (frc/4CBA)
traceparent
00-0000000000000000000e0953c7feefe8-86f3c87ec4d932d9-01
etag
W/"642c9aab-cc2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 24 Apr 2024 11:23:40 GMT
838044551063881
connect.facebook.net/signals/config/
56 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/838044551063881?v=2.9.154&r=stable&domain=superpowerful-flashlight.gainsmy.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3283f27f24f93583d1c2b935feee132883f09043a97a5ad6be9c68b0aa01008
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 10:23:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=11, c=40, mss=1294, tbw=63202, tp=-1, tpl=-1, uplat=58, ullat=0
pragma
public
x-fb-debug
S95kPInD6wTjtfRbXe3jmWJ8BUByXbRr/hjk2CAp8pUbqcUgenEvrfH6wZIuvpkm8sjZ38BFMbfjUT4pjfDoOg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ts
t.paypal.com/
42 B
272 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Gainsmy%20-%20%E2%9C%A8German%20Three-eyed%20Monster%20Mini%20Flash%20Super%20Power%20Flashlight%F0%9F%8E%89&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1713954220854&g=-120&completeurl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 10:23:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
72691c61e0204
server
ECAcc (frc/4CC5)
traceparent
00-000000000000000000072691c61e0204-902903e3ee69b4eb-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
72691c61e0204
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Wed, 24 Apr 2024 10:23:40 GMT
1312645606309007
connect.facebook.net/signals/config/
20 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1312645606309007?v=2.9.154&r=stable&domain=superpowerful-flashlight.gainsmy.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
b84440a19ab5b59dc6b66092026172ce5bd525902d3a4a28bc56e7e0fc2c477f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 10:23:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4320, tp=9, tpl=0, uplat=55, ullat=0
pragma
public
x-fb-debug
+Q4J80GNbt7pl+qWDG2ClzNqylS3rdwLMAR9cytMe0RHQO3L3UYo4JNpPXtyPFCCZq4EtOBJJ9x9dsjHJjEibw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
23964715969842614
connect.facebook.net/signals/config/
20 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/23964715969842614?v=2.9.154&r=stable&domain=superpowerful-flashlight.gainsmy.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
68a5b4cf3ecf02f11c415a88139af056046220ecb335378fc750b91e59fec7e6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 10:23:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=27, mss=1232, tbw=9376, tp=15, tpl=0, uplat=77, ullat=0
pragma
public
x-fb-debug
GdllXnQtAtJNgE/sH6FKyHwKeh1lkKfy2epp0YFmRU8l9IlAILeUrBSDsEjXJChVlMi2yNYH9j5SV5ivrxN0jg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=838044551063881&ev=ViewContent&dl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&rl=&if=false&ts=1713954221083&cd[currency]=USD&cd[content_ids]=%5B5478%5D&cd[content_type]=product&cd[num_items]=1&cd[value]=17.99&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713954221082.1214597124&ler=empty&cdl=API_unavailable&it=1713954220646&coo=false&rqm=GET
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=3187, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 10:23:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1312645606309007&ev=ViewContent&dl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&rl=&if=false&ts=1713954221084&cd[currency]=USD&cd[content_ids]=%5B5478%5D&cd[content_type]=product&cd[num_items]=1&cd[value]=17.99&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713954221082.1214597124&ler=empty&cdl=API_unavailable&it=1713954220646&coo=false&rqm=GET
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=2877, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 10:23:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=23964715969842614&ev=ViewContent&dl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&rl=&if=false&ts=1713954221084&cd[currency]=USD&cd[content_ids]=%5B5478%5D&cd[content_type]=product&cd[num_items]=1&cd[value]=17.99&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713954221082.1214597124&ler=empty&cdl=API_unavailable&it=1713954220646&coo=false&rqm=GET
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=3187, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 10:23:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=838044551063881&ev=PageView&dl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&rl=&if=false&ts=1713954221085&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713954221082.1214597124&ler=empty&cdl=API_unavailable&it=1713954220646&coo=false&rqm=GET
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=2877, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 10:23:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
103 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1312645606309007&ev=PageView&dl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&rl=&if=false&ts=1713954221086&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713954221082.1214597124&ler=empty&cdl=API_unavailable&it=1713954220646&coo=false&rqm=GET
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=3187, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 10:23:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=23964715969842614&ev=PageView&dl=https%3A%2F%2Fsuperpowerful-flashlight.gainsmy.com%2F&rl=&if=false&ts=1713954221087&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713954221082.1214597124&ler=empty&cdl=API_unavailable&it=1713954220646&coo=false&rqm=GET
Requested by
Host: superpowerful-flashlight.gainsmy.com
URL: https://superpowerful-flashlight.gainsmy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=3187, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 10:23:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
d2913d3a-1a39-4ef5-b351-c02d0a78fd57.png
cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/
72 KB
72 KB
Other
General
Full URL
https://cdn.shopnow.us/files/75fc093c0ee742f6dddaa13fff98f104/d2913d3a-1a39-4ef5-b351-c02d0a78fd57.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5600:11:4a51:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ecd2d26c25cef7ea4e8fc2a558185ac215d3737f9183a28ecec229f8d186582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://superpowerful-flashlight.gainsmy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 10:23:42 GMT
x-amz-version-id
ddMR_dO32wSEsh2KJdsBF83U4LdcAIzi
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
73505
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Apr 2024 03:49:59 GMT
server
AmazonS3
etag
"bb56422bf670fbaa04d71b5bad4a3d23"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
sfYSkGNfuHr0wNq0njOTlq-X9dpgqAM1tJpDgbsxosdRkbmKyoL3tw==

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| DOMPurify function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| pixelIds function| fbq function| _fbq object| gaIds function| gtag object| dataLayer string| previousEvent object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| __post_robot_11_0_0___uid_fhbvtdxnuykunfbtxrhtqkksucogjx object| paypal object| __zoid_10_3_3___uid_fhbvtdxnuykunfbtxrhtqkksucogjx object| paypalDDL

9 Cookies

Domain/Path Name / Value
superpowerful-flashlight.gainsmy.com/ Name: LAST_PAGE_VIEW_CONTENT
Value: true
.gainsmy.com/ Name: _ga_ESMTRJTQBP
Value: GS1.1.1713954219.1.0.1713954219.0.0.0
.gainsmy.com/ Name: _ga
Value: GA1.1.852816456.1713954220
.gainsmy.com/ Name: _ga_4RVGMEP3JD
Value: GS1.1.1713954219.1.0.1713954219.0.0.0
.paypal.com/ Name: tsrce
Value: smartcomponentnodeweb
.paypal.com/ Name: l7_az
Value: dcg16.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1808562220%26vteXpYrS%3D1713956020%26vr%3D0fa1e9de18f0a5547090ffc2fd221fa6%26vt%3D0fa1e9de18f0a5547090ffc2fd221fa5%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D0fa1e9de18f0a5547090ffc2fd221fa6%26vt%3D0fa1e9de18f0a5547090ffc2fd221fa5
.gainsmy.com/ Name: _fbp
Value: fb.1.1713954221082.1214597124

17 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/838044551063881?v=2.9.154&r=stable&domain=superpowerful-flashlight.gainsmy.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://superpowerful-flashlight.gainsmy.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apie.shopnow.us
cdn.gettechcloud.com
cdn.shopnow.us
connect.facebook.net
region1.google-analytics.com
superpowerful-flashlight.gainsmy.com
t.paypal.com
www.facebook.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
157.240.252.13
192.229.221.25
2001:4860:4802:32::36
2600:9000:2761:5600:11:4a51:5340:93a1
2606:4700:4400::ac40:96c3
2a00:1450:4001:812::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.198.47.129
52.87.116.109
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
02b33eb99dc1090793b292bfef48c3889cc1efedac1a59140a04230f225da4ca
075bce2c9c7f41d7ff52853c0b446ccf1ecbba04761d55ede18f814c20196765
07d63c63474652bf552370826d756bfca0e8d9e7dfef5af3b315ec443f44f31a
09aa679195b949d31b410f5369a92776c6c56893b2c70f4d4b44668e5026b8b4
0d5936f1b1994f007a6c020fcaeaef76d9ebf789854376bbd36f3fef76cd1d34
0d64d900e26d1b95e4fadfa52afe9ec2da52d145232458a429a1a6d3a9759f23
1168e2fe07cbd674438975a9a994e09bf6f998ac0e485f3fc2800ed5735c09ab
11fcb41c5b010e72307a66a3b97dbfecf210f0a21d4202e2c47e176b5f399d61
160bbc9c30d6e89f270c572f0a942cba4b3c2c6d4e9db5140bab9bc7bb5f7929
1874270c59692603443b8ac5dcbd323754db609031f7787932626e216df518ef
189329d38a4398510b9706d1de97b0a99cf92fe3fe8657bf6f3dbce0173e4d8a
195bd290753fb0415a6e3927054f5c65790768fca157380e44cb1c6e20aa0b2f
19a1d76d60c9475920dddbb52136644e97addff18a96fe2beefac6953954a4d1
1a3ae10958b9db2861260d96ffe705cd09700b58361f2434aab9f67f62da25df
1c6e023636dc648d0fe2c8f7bed5c1fd6c46cc421bbec9db4d1ae92c3337f674
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
32720653d5ef94a8d3e880204d20a355ed277397b439f205cd27f8ad3f330575
33172918d37650a750239f1b07b5aefe1202927b2f3a45e4bf20b0e2a4cd20c3
34a3abbdf4c5eb0154aaa8f0360f08d711fd07325167c78c9056b91dcc2ad752
35eff9a4c11b71c6a22de793f01a81d40a0b032892d92fabdbb2b192c98ca760
381e30e30a05b391cd7a5ab36bb086d3c5a8875f62684033cb37289d833c77dc
393581897d7e8a2e01557d9aa3b702b1ece83cd3fb25ff145452e2ce23e4572d
39c7bb1919e6d2d93d8af1c8523042595e9ab953e8351346554b95ec8f6da642
3c3b4a51d92abd818863b284c049c90493dbd6e43b25c0fd3af201f2eb63f6d2
3c570e6ee6e4229e0188bfdaf86b23fca64c85f6415faaa2b70df4d1e8e449df
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444e760caac060a0ad8efd43ebce871464603e8fe854311f8989cda3c2a08679
45033fcbc26062ba5295f72d13c203abeef97ec69598ff658684908a831a741d
560c1f66f6dd073130ee5bdb3315df177b6f2127cf6a9227286faf4e4e2806c9
572f0b4fb134d4a16a01b562c66f7404eb2215f8af6846701329592337b9caa6
5a4862c2e56568021b5eba81a96fc8df79b5a2a212b8e0b9b58a5bbdff61f69d
5a941af092992667022afaad09f63017ede9a1ff9ba5f98c81c1593d14cfcde6
5c7764e0e71644d4194126e2f01bb651e8698682763b4e89432560bb5ca48e1a
63bdb465c87abd21d5c600f1ab79d964237ded875b5f03c038228e9098bde011
68a5b4cf3ecf02f11c415a88139af056046220ecb335378fc750b91e59fec7e6
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
81238941af336f8eb3b505d08fade8c9511d9a8047ef127632a237fb5fb05a88
83995248233341589d4f6d99f20d992584e26d5b2c5e66fbb4f995cbb50981e5
84c99f274a6d16588e992e81f3f0a06263f6bde3fdb0785ebe303631d7fb3cf0
857475957a508b6c33ddc9ef04cf3131fc5e24cc06efd5e93697074b6695ec87
87f4095cf39c7afc6ba2c29a618c836ef9a776a128e49f054eeb69af1bcc291b
8897300fe697970474eb1705824c495be01adc7357f9207644d8ddf5a391d2fe
8e7d1b041c75c1356235e6a0079c1800f2eb5af838b01a6311b3e45f6039762a
8f47e608e1bf12ae2431d8832bea09b4a5da468be14d4f54fa3f1a33c74e339c
9136238f4b9e30c4c69fdf41abf764aa767e5be824d4db5374c0d39b6b2381eb
9145d8a75a159d1648a2d15fffbb4c6c18cadc00adc877f6435db17679841dbf
91605ffbe16631d72fc97e330320139217f26405d8abb7051ed272e8417c8f42
94cb829a2805467920e227d8336697d2bb68ab0e92ce79f2e9925fdbdda8140c
95bc43bc01db73672ea7291a27fb89ee5fb0278daf9c4230c9ce2a34b69a94a3
967223f8613b40f8a0894c1417181d93145ff7b6603cae45dc9bd80517674069
9d7367ddb7cdba777853fffe24361889ee31c561f3f7a79a779fb8a2800087f8
9ecd2d26c25cef7ea4e8fc2a558185ac215d3737f9183a28ecec229f8d186582
9ef455aeb6cf0f68e73c85dae42fa4ca553050980ef019d3646125d16eb89a89
a012e87a9a805de51fce391c277ed48b24f745160445148b9a8ddac6d4ec33ab
a66fde5a08c37eebac3ec43cf0e783e16c3760c2bbcd77a02b8a7dd229074e39
a68cd6c0987ce3cd0b88ccc6b3b9645cc5f87d7f637e1975fd223b56d5e5f920
a6d60496122616e537987cea169cbf7eab4f2c0f39cf6c3922d6c1095bb64c88
a7d379d31dd517198d442430c50220ff290cc36b50d76ad3864e2c41891146ea
a887335ccf6d96b49e7a87f2de61b7f13aca7f3be28b42bf1b194ae5d9b0a074
a9da0bf042628b640368cd7ea0904ef8dd09de199c6537d8a8c021c337cb7f81
b0f71b458351a833b79ea64ff3ec59810fc970c71e4a4c62d46bee82f7fc9e84
b173cf41f0e7b45d541a78adb1a05b55f308e9306683fd27f35f29832b6debeb
b190696df4c19c9238ce7c3e09129ffeaf203ea6ae64443d6f9edc6be6c32c61
b248eb0f90582cdd4b42948d84311191d89bc8126484d7f98508efd87ca118f4
b781700d09e384f8ab9e4a36c2da44dc7865ea1b23e523d9136e3c7c3d2de35e
b84440a19ab5b59dc6b66092026172ce5bd525902d3a4a28bc56e7e0fc2c477f
b853253679e6179a96019a0baba0093568a6063b2e8b71538a0818dc6c32bf39
b8db4dc18a1abfff8b3e80055b370e6a9ac3236ddc14990176b3342f4c24c96e
bd193f25416c4d4c0690650681e6a93e23bdb01509e8e8f23cd136304a7ed659
bd69929230259d8730cf784ea47e89b3d78745f8e8ce593a311fda537bcf8815
bea865f05a0025a09e18dd134420f36d2fc48b6cc97e9603cf5563b31f89fdfb
c3283f27f24f93583d1c2b935feee132883f09043a97a5ad6be9c68b0aa01008
c60f6b81dbd46b2cf6f90b54880be1f7a5d50eea75324e3ac7f20c88a0b3a83e
c6d93d328de2f54d8ffb3154ec3c5d2aa392522a7e3ff6e14e6433b88f920dc0
ca719182b8ac9eeb7bcc5c7661ec4c2cad45138384a632c572ac2b0613d40081
d41cd65a0c70ce2bb02a8e76e7c464aba610751304ac740534b28a7376dc88e7
db1df2a3942ce6e667f64eee2bb9f20ece8cd4ad895e35b984bae4ebf6259307
e007df7b3bd3f31dcf1fa00bb7ebb5e8195f1d52dd082aee8efaf61a3b4e7dd0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1602f8882a289721d4f17ec1d60d3fdd3316de37e7d79feb71819170a2d60
e5a8ee026b06bad55d81c3ef84efa2e2ff0c3e683ea13ec7e2d9beafb0b7070a
e857d4f439327c0d49a789e2a9c2b6885b5662a7983b788c65968b4285a01370
e8626ceccb87fecda787f19eb4b569aa72ac8621106d0a6faea4968d6399f50e
e89c29cd501a61e2daa603852e284a8716c7cb9bd55eb749ac35562a72564653
ee2aea7e201d86e2d800ea2c8e09d4ad11db4398f98b8c284caddcb232986ce6
ef621edf7ff201cde4fcbb794d9f2a224d70e3de8c8fd449cb5fe7e70eb0bb6d
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
f5c113a9d6fad4fa0c5cf3dd3af79ac4e9bafcb57e5dee3f783a97b321390f8d
f9a01b681e5c4a84420c3d3ccdd24b00c459dcd3d08de1f029cd5e85dc875470