cpcontacts.secured-wellsconnect01.duckdns.org Open in urlscan Pro
68.183.147.206 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cpcontacts.secured-wellsconnect01.duckdns.org/
Submission: On September 07 via automatic, source certstream-suspicious (September 7th 2020, 7:41:35 pm UTC)

Summary HTTP 149 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 38 domains to perform 149 HTTP transactions. The main IP is 68.183.147.206, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is cpcontacts.secured-wellsconnect01.duckdns.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 7th 2020. Valid for: 3 months.

This is the only time cpcontacts.secured-wellsconnect01.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	68.183.147.206 68.183.147.206	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.193.9.51 34.193.9.51	14618 (AMAZON-AES) (AMAZON-AES)
31	2a04:4e42:1b:... 2a04:4e42:1b::268	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.216.216.242 3.216.216.242	14618 (AMAZON-AES) (AMAZON-AES)
6	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	34.192.56.227 34.192.56.227	14618 (AMAZON-AES) (AMAZON-AES)
1 7	35.185.69.233 35.185.69.233	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
3	35.165.191.202 35.165.191.202	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
5	151.101.36.84 151.101.36.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
7 14	176.34.132.203 176.34.132.203	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.201.87 143.204.201.87	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2 2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2	52.7.90.251 52.7.90.251	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
3	143.204.201.33 143.204.201.33	16509 (AMAZON-02) (AMAZON-02)
2	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.201.5 143.204.201.5	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.201.75 143.204.201.75	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:ee00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:e400:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.195.28.127 18.195.28.127	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:303... 2606:4700:3036::ac43:8404	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	3.216.5.142 3.216.5.142	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3032::ac43:b1d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
149	46

10 68.183.147.206 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: upestuass.com

cpcontacts.secured-wellsconnect01.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.upestuass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.9.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-9-51.compute-1.amazonaws.com

obscure-escarpment-2240.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a04:4e42:1b::268 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.216.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-216-242.compute-1.amazonaws.com

www.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn-stamped-io.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.56.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-56-227.compute-1.amazonaws.com

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.185.69.233 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 233.69.185.35.bc.googleusercontent.com

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:9::84 (Ascension Island)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.165.191.202 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-191-202.us-west-2.compute.amazonaws.com

stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 176.34.132.203 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-132-203.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

shopify.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-87.fra53.r.cloudfront.net

cdn.getcarro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom) 2 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.90.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-90-251.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.201.33 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-33.fra53.r.cloudfront.net

sdk.vyrl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

joyfulmoose.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.201.5 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-5.fra53.r.cloudfront.net

cdn-bacon.getcarro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

events.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.75 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-75.fra53.r.cloudfront.net

api.vyrl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:ee00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:e400:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.28.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-28-127.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8404 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

privymktg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.5.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-5-142.compute-1.amazonaws.com

bacon.getcarro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b1d1 (United States)

ASN13335 (CLOUDFLARENET, US)

members.shoptimized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	shopify.com 1 redirects cdn.shopify.com pay.shopify.com	742 KB
16	prfct.co 7 redirects pixel-geo.prfct.co pixel.prfct.co	7 KB
10	facebook.com www.facebook.com	1 KB
9	duckdns.org 1 redirects cpcontacts.secured-wellsconnect01.duckdns.org	41 KB
7	stamped.io cdn1.stamped.io stamped.io	65 KB
6	facebook.net connect.facebook.net	495 KB
6	gstatic.com fonts.gstatic.com	76 KB
6	zdassets.com static.zdassets.com ekr.zdassets.com	472 KB
5	privy.com shopify.privy.com events.privy.com api.privy.com assets.privy.com	262 KB
5	pinterest.com ct.pinterest.com	1 KB
5	google-analytics.com www.google-analytics.com google-analytics.com	19 KB
5	shopifysvc.com monorail-edge.shopifysvc.com	2 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	36 KB
4	vyrl.co sdk.vyrl.co api.vyrl.co	30 KB
4	adnxs.com 1 redirects secure.adnxs.com	4 KB
4	getcarro.com cdn.getcarro.com cdn-bacon.getcarro.com bacon.getcarro.com	17 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	perfectaudience.com tag.perfectaudience.com	12 KB
3	cloudflare.com cdnjs.cloudflare.com	10 KB
2	privymktg.com 2 redirects privymktg.com	901 B
2	sharethis.com platform-api.sharethis.com l.sharethis.com	31 KB
2	zendesk.com joyfulmoose.zendesk.com	1 KB
2	openx.net 1 redirects us-u.openx.net	471 B
2	yahoo.com 2 redirects ads.yahoo.com	702 B
2	googleadservices.com www.googleadservices.com	13 KB
2	pinimg.com s.pinimg.com	18 KB
2	azureedge.net cdn-stamped-io.azureedge.net	38 KB
2	klaviyo.com www.klaviyo.com a.klaviyo.com	10 KB
1	shoptimized.net members.shoptimized.net	694 B
1	consensu.org c.sharethis.mgr.consensu.org
1	rubiconproject.com pixel.rubiconproject.com	765 B
1	twitter.com analytics.twitter.com	573 B
1	upestuass.com www.upestuass.com	2 KB
1	google.de www.google.de	107 B
1	google.com 1 redirects www.google.com	557 B
1	shop.app shop.app	820 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	herokuapp.com obscure-escarpment-2240.herokuapp.com	5 KB
149	38

	Domain	Requested by
31	cdn.shopify.com	cpcontacts.secured-wellsconnect01.duckdns.org cdn.shopify.com
14	pixel-geo.prfct.co	7 redirects cpcontacts.secured-wellsconnect01.duckdns.org tag.perfectaudience.com
10	www.facebook.com	cpcontacts.secured-wellsconnect01.duckdns.org connect.facebook.net tag.perfectaudience.com
9	cpcontacts.secured-wellsconnect01.duckdns.org	1 redirects cdn.shopify.com www.upestuass.com cpcontacts.secured-wellsconnect01.duckdns.org
6	connect.facebook.net	cdn.shopify.com connect.facebook.net
6	fonts.gstatic.com	fonts.googleapis.com
5	ct.pinterest.com	cdn.shopify.com cpcontacts.secured-wellsconnect01.duckdns.org
5	monorail-edge.shopifysvc.com	cdn.shopify.com
5	static.zdassets.com	cpcontacts.secured-wellsconnect01.duckdns.org static.zdassets.com
4	secure.adnxs.com	1 redirects tag.perfectaudience.com
4	cdn1.stamped.io	cdn-stamped-io.azureedge.net cpcontacts.secured-wellsconnect01.duckdns.org cdn1.stamped.io
4	fonts.googleapis.com	cpcontacts.secured-wellsconnect01.duckdns.org cdn.shopify.com
3	sdk.vyrl.co	cdn.getcarro.com sdk.vyrl.co
3	stamped.io	cdn.shopify.com
3	tag.perfectaudience.com	cpcontacts.secured-wellsconnect01.duckdns.org
3	www.google-analytics.com	cdn.shopify.com cpcontacts.secured-wellsconnect01.duckdns.org
3	cdnjs.cloudflare.com	cpcontacts.secured-wellsconnect01.duckdns.org www.klaviyo.com
2	google-analytics.com
2	privymktg.com	2 redirects
2	events.privy.com	cdn.shopify.com
2	cdn-bacon.getcarro.com	sdk.vyrl.co cdn-bacon.getcarro.com
2	joyfulmoose.zendesk.com	cdn.shopify.com static.zdassets.com
2	us-u.openx.net	1 redirects
2	pixel.prfct.co
2	ads.yahoo.com	2 redirects
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	s.pinimg.com	cdn.shopify.com s.pinimg.com
2	cdn-stamped-io.azureedge.net	cpcontacts.secured-wellsconnect01.duckdns.org
1	members.shoptimized.net	cdn.shopify.com
1	bacon.getcarro.com	cdn.shopify.com
1	ajax.googleapis.com	cpcontacts.secured-wellsconnect01.duckdns.org
1	assets.privy.com	cpcontacts.secured-wellsconnect01.duckdns.org
1	l.sharethis.com	cdn.shopify.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	platform-api.sharethis.com	cpcontacts.secured-wellsconnect01.duckdns.org
1	api.vyrl.co	cdn.shopify.com
1	api.privy.com	cdn.shopify.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com
1	analytics.twitter.com
1	cdn.getcarro.com	cpcontacts.secured-wellsconnect01.duckdns.org
1	shopify.privy.com	cpcontacts.secured-wellsconnect01.duckdns.org
1	www.upestuass.com	cpcontacts.secured-wellsconnect01.duckdns.org
1	www.google.de	cpcontacts.secured-wellsconnect01.duckdns.org
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	stats.g.doubleclick.net	cdn.shopify.com
1	shop.app	cpcontacts.secured-wellsconnect01.duckdns.org
1	pay.shopify.com	1 redirects
1	ekr.zdassets.com	cdn.shopify.com
1	www.googletagmanager.com	cdn.shopify.com
1	a.klaviyo.com	www.klaviyo.com
1	www.klaviyo.com	cpcontacts.secured-wellsconnect01.duckdns.org
1	obscure-escarpment-2240.herokuapp.com	cpcontacts.secured-wellsconnect01.duckdns.org
149	54

This site contains links to these domains. Also see Links.

Domain
joyfulmoose.etsy.com
www.amazon.com
affiliates.www.upestuass.com
www.facebook.com
www.pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
cpcontacts.secured-wellsconnect01.duckdns.org Let's Encrypt Authority X3	`2020-09-07` - `2020-12-06`	3 months	crt.sh
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2020-06-15` - `2021-07-07`	a year	crt.sh
shopify.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-10` - `2021-04-18`	10 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
klaviyo.com Amazon	`2020-08-09` - `2021-09-08`	a year	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-20` - `2020-11-26`	6 months	crt.sh
*.azureedge.net Microsoft IT TLS CA 4	`2020-06-25` - `2022-06-25`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
a.klaviyo.com Amazon	`2019-10-21` - `2020-11-21`	a year	crt.sh
monorail-edge.shopifysvc.com Let's Encrypt Authority X3	`2020-08-17` - `2020-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
b2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-03` - `2021-08-15`	a year	crt.sh
shop.app Let's Encrypt Authority X3	`2020-08-22` - `2020-11-20`	3 months	crt.sh
cdn1.stamped.io DigiCert SHA2 Secure Server CA	`2020-07-27` - `2021-07-27`	a year	crt.sh
Stamped.io Sectigo RSA Domain Validation Secure Server CA	`2020-05-19` - `2022-08-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
www.upestuass.com Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
*.getcarro.com Amazon	`2020-02-22` - `2021-03-22`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.vyrl.co Amazon	`2019-09-27` - `2020-10-27`	a year	crt.sh
joyfulmoose.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Frame ID: 64AF61D2EEEDC13773552AD6379FA03C
Requests: 139 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3216a3c421456c%26domain%3Dcpcontacts.secured-wellsconnect01.duckdns.org%26origin%3Dhttps%253A%252F%252Fcpcontacts.secured-wellsconnect01.duckdns.org%252Ff3090250525fa7%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fjoyfulmoose&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small
Frame ID: 0B731D68537AF074602ABFE2123FA0A3
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.8d2c9052edfb1b77cfbe.js
Frame ID: 84EE233A9813AD3A32F8244DF990563B
Requests: 5 HTTP requests in this frame

Frame: https://cdn-bacon.getcarro.com/deviceStorage.html?https://cpcontacts.secured-wellsconnect01.duckdns.org
Frame ID: D82DFEB0709368CEA56B0AACF77E5424
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 850D73E54E6DBB5900EB0AA24C0AF02E
Requests: 1 HTTP requests in this frame

Frame: https://sdk.vyrl.co/checkToken.html?localOrigin=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org
Frame ID: CF667B17B513A5BE35D080B446C98817
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

html /<link[^>]+=['"]\/\/cdn\.shopify\.com/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

149
Requests

99 %
HTTPS

53 %
IPv6

38
Domains

54
Subdomains

46
IPs

7
Countries

2444 kB
Transfer

8933 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://joyfulmoose.etsy.com/
Title: Our Etsy Shop

Search URL Search Domain Scan URL

URL: https://www.amazon.com/handmade/joyfulmoose
Title: Our Amazon Shop

Search URL Search Domain Scan URL

URL: http://affiliates.www.upestuass.com/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://www.facebook.com/joyfulmoose

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/joyfulmoose

Search URL Search Domain Scan URL

URL: https://www.instagram.com/joyfulmooseshop/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://pay.shopify.com/session?v=1 HTTP 302
https://shop.app/pay/session

Request Chain 70

https://pixel-geo.prfct.co/tagjs?a_id=125346&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=125346&source=js_tag

Request Chain 71

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018645730/?random=122470402&cv=9&fst=*&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DNapkin%20Holders%20%E2%80%93%20Joyful%20Moose&frm=0&url=https://cpcontacts.secured-wellsconnect01.duckdns.org/&tiba=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=34xWX630ILnL7_UP3MS86As&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1018645730/?random=122470402&cv=9&fst=*&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DNapkin%20Holders%20%E2%80%93%20Joyful%20Moose&frm=0&url=https://cpcontacts.secured-wellsconnect01.duckdns.org/&tiba=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=34xWX630ILnL7_UP3MS86As&random=1642648589&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1018645730/?random=122470402&cv=9&fst=*&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DNapkin%20Holders%20%E2%80%93%20Joyful%20Moose&frm=0&url=https://cpcontacts.secured-wellsconnect01.duckdns.org/&tiba=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=34xWX630ILnL7_UP3MS86As&random=1642648589&resp=GooglemKTybQhCsO&ipr=y

Request Chain 85

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_edJ3kWg7unud6eObl

Request Chain 86

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_edJ3kWg7unud6eObl&sigv=1&esig=2~1fa2503db9fb06bd3ac014f8f068ee309cb60371 HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_edJ3kWg7unud6eObl

Request Chain 87

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_edJ3kWg7unud6eObl HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_edJ3kWg7unud6eObl

Request Chain 88

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_edJ3kWg7unud6eObl

Request Chain 89

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfZWRKM2tXZzd1bnVkNmVPYmw HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 92

https://secure.adnxs.com/seg?t=2&add=23589816 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23589816

Request Chain 125

https://privymktg.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&tid=UA-20331028-1&t=pageview&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&ec=widget&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&ul=en-US&z=6047284579685064 HTTP 302
https://google-analytics.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&tid=UA-20331028-1&t=pageview&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&ec=widget&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&ul=en-US&z=6047284579685064

Request Chain 128

https://privymktg.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&cd2=446218&cd5=signup&cd6=widget&tid=UA-20331028-1&t=event&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&ni=true&ea=viewed-tab&ec=widget&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&ul=en-US&z=1333317475152649 HTTP 302
https://google-analytics.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&cd2=446218&cd5=signup&cd6=widget&tid=UA-20331028-1&t=event&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&ni=true&ea=viewed-tab&ec=widget&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&ul=en-US&z=1333317475152649

Request Chain 135

https://cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/x?key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&ld_fp=445006243&ld_t=01565117-13bb-4fd3-f89a-2a1c8c2f073c&ts=1599507680840 HTTP 302
https://cpcontacts.secured-wellsconnect01.duckdns.org/x?key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&ld_fp=445006243

Request Chain 143

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_edJ3kWg7unud6eObl&sigv=1&esig=2~1fa2503db9fb06bd3ac014f8f068ee309cb60371 HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_edJ3kWg7unud6eObl

149 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
cpcontacts.secured-wellsconnect01.duckdns.org/ 126 KB
28 KB 600ms
213ms Document
text/html 68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

upestuass.com

Software

nginx /

Resource Hash

5c9eb5c4cd764ac941deba666ab71c72e51f02e841d7b29f8f6f1a689f7a6f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: cpcontacts.secured-wellsconnect01.duckdns.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Sep 2020 19:37:37 GMT
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Server: nginx
Set-Cookie: _landing_page=%2Fcollections%2Fnapkin-holders; Expires=Mon, 21-Sep-20 19:37:36 GMT; Domain=www.upestuass.com; Path=/; HttpOnly
Vary: Accept
X-Alternate-Cache-Key: cacheable:b5afe678f8c755957701526cf8aae620
X-Cache: hit, server
X-Content-Type-Options: nosniff
X-Dc: gcp-us-east1,gke
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: d49f3d81-4f75-47b7-bdd6-260eca134fe7
X-Shardid: 60
X-Shopid: 13493231
X-Shopify-Stage: production
X-Sorting-Hat-Podid: 60
X-Sorting-Hat-Shopid: 13493231
X-Storefront-Renderer-Rendered: 1
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked

GET
H/1.1 200
OK bcpo-front.css
obscure-escarpment-2240.herokuapp.com/stylesheets/ 23 KB
5 KB 488ms
125ms Stylesheet
text/css 34.193.9.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obscure-escarpment-2240.herokuapp.com/stylesheets/bcpo-front.css
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.9.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-9-51.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 58492c9e47b0e5f135ef89c4a05495fd6166776e82bbc89bca59179f766027bf

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:18 GMT
Content-Encoding: gzip
Etag: W/"5d0a-17469185f18"
Last-Modified: Mon, 07 Sep 2020 15:03:59 GMT
Server: Cowboy
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 jquery.min.js Show response
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 336 KB
106 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/jquery.min.js?v=13378561539765400360

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

db5ca408b0a0f7192f70699d7aab80dd90b2f24b9ad9050504ad14b243d8e21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-49,segment4-12780,revision-f2cfcbf73b00e38804ab90456e2f298184611955,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-jquery-min-js,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 108152
x-xss-protection: 1; mode=block
x-request-id: f3b0afa1c586119ff5ad60f1107f8571f171807cc47fc3b755545e10d5cfe229
x-served-by: cache-lga21982-LGA, cache-hhn4041-HHN
last-modified: Wed, 11 Dec 2019 12:14:32 GMT
server: cache-hhn4041-HHN
x-timer: S1599507678.381259,VS0,VE0
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 22 Aug 2021 12:56:50 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/jquery.min.js>; rel="canonical"
x-cache-hits: 1, 13

GET
H2 200 app.js Show response
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 971 KB
245 KB 13ms
11ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/app.js?v=560036717691999458

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

ee665d0b545431913b963b0ac3d2ed18b936f6c6ba0e55c111efe8e7763a0c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-206,segment4-52822,revision-8445176788fdfde6e33e1f125fa38594914e9dd2,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-app-js,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 250249
x-xss-protection: 1; mode=block
x-request-id: b9b1c5e724177954836b00979d272eaecebca9140a638b7541473ddec8648dcf
x-served-by: cache-lga21943-LGA, cache-hhn4041-HHN
last-modified: Tue, 17 Dec 2019 16:46:01 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.937076,VS0,VE2
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 09 Aug 2021 17:31:23 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/app.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 css
fonts.googleapis.com/ 3 KB
597 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae4a8ab23dfa787bbcbc478d7dce500c81f03e54ba9b1584fb462a64cf14da3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Sep 2020 19:41:18 GMT
server: ESF
date: Mon, 07 Sep 2020 19:41:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Sep 2020 19:41:18 GMT

GET
H2 200 5f5436f8835ef.concat.min.css
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 688 KB
119 KB 12ms
11ms Stylesheet
text/css 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/5f5436f8835ef.concat.min.css?v=12527381191837174294

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

26da681710f792eca20ac7b81bd3efb7c11ad6cd9acbed9d53e0d308c7afed36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-text/css,source-ShopAssetsBackend,segment2-44,segment4-11517,revision-59b5cbe8d8543f9b59d2e92e97c69af2beb38082,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-5f5436f8835ef-concat-min-css,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 121667
x-xss-protection: 1; mode=block
x-request-id: 433fc0daaa20d4d9da8a8ae7bbe0f27a11dcc1719ad8016395d0e7211c472024
x-served-by: cache-lga21983-LGA, cache-hhn4041-HHN
last-modified: Sun, 06 Sep 2020 01:10:18 GMT
server: cache-hhn4041-HHN
x-timer: S1599507678.381107,VS0,VE2
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Mon, 06 Sep 2021 01:37:01 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/5f5436f8835ef.concat.min.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 load_feature-ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b.js Show response
cdn.shopify.com/s/assets/storefront/ 9 KB
4 KB 10ms
7ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/assets/storefront/load_feature-ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4035-HHN /

Resource Hash

ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-202,segment4-51758,revision-382e715c5b9fe5619ea8ffcbc9f3d2c18ce18cb0,cdn-shopify-com-s-assets-storefront-load_feature-ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b-js
status: 200
x-cache: HIT, HIT
content-length: 3060
x-xss-protection: 1; mode=block
x-request-id: 55fbcf594d8d91349ad3eb0f93247bf17a36515c8a5043ac385bbc465aad0089
x-served-by: cache-lga21942-LGA, cache-hhn4035-HHN
last-modified: Wed, 19 Aug 2020 16:00:15 GMT
server: cache-hhn4035-HHN
x-timer: S1599507679.936707,VS0,VE0
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 25 Aug 2021 13:58:47 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/assets/storefront/load_feature-ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b.js>; rel="canonical"
x-cache-hits: 1, 723121

GET
H2 200 storefront-21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad.js Show response
cdn.shopify.com/s/assets/shopify_pay/ 31 KB
11 KB 11ms
9ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/assets/shopify_pay/storefront-21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad.js?v=20190107

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4035-HHN /

Resource Hash

21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-url: /s/assets/shopify_pay/storefront-21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad.js?v=20190107
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-115,segment4-29613,revision-d192b777d6138201b7511ce61c2702224ab68c2e,cdn-shopify-com-s-assets-shopify_pay-storefront-21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad-js
status: 200
x-cache: HIT, HIT
content-length: 11082
x-xss-protection: 1; mode=block
x-request-id: a8e38220512959fc21346adb5c4ad929c361c38b8daebcdc291007db98c39e7c
x-served-by: cache-lga21963-LGA, cache-hhn4035-HHN
last-modified: Tue, 12 May 2020 18:33:42 GMT
server: cache-hhn4035-HHN
x-timer: S1599507679.937120,VS0,VE0
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/assets/shopify_pay/storefront-21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad.js>; rel="canonical"
x-cache-hits: 745932, 509841

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/s/assets/storefront/ 37 KB
13 KB 10ms
8ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4035-HHN /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-url: /s/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-246,segment4-63090,revision-d192b777d6138201b7511ce61c2702224ab68c2e,cdn-shopify-com-s-assets-storefront-features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae-js
status: 200
x-cache: HIT, HIT
content-length: 12815
x-xss-protection: 1; mode=block
x-request-id: a5770f96736037ed151c0785402d2ae78444ca523242bbf32e2d65ed4e6254d5
x-served-by: cache-lga21981-LGA, cache-hhn4035-HHN
last-modified: Tue, 12 May 2020 18:33:42 GMT
server: cache-hhn4035-HHN
x-timer: S1599507679.936646,VS0,VE0
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 418285, 1239734

GET
H2 200 bold-upsell.css
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 19 KB
4 KB 8ms
7ms Stylesheet
text/css 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/bold-upsell.css?v=7243191231560877619

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

748ccc4b37109bc4a06abcfc9d27c3734b75f4f9b5cd73ddc2e5cb1207c97a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-text/css,source-GcsShopAssetsBackend,segment2-53,segment4-13662,revision-371e8cfd92214eab616f28ab3b803d5ead1ef11a,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-bold-upsell-css,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 3959
x-xss-protection: 1; mode=block
x-request-id: 80a62fe28006d7e2c2b598b2ebd1443d691e807b546426f0b6510f2b070a0abf
x-served-by: cache-lga21978-LGA, cache-hhn4041-HHN
last-modified: Tue, 17 Dec 2019 16:45:38 GMT
server: cache-hhn4041-HHN
x-timer: S1599507678.381066,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 30 Jun 2021 18:00:00 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/bold-upsell.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 404 bold-upsell-custom.css
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 0
0 150ms
149ms Stylesheet
text/html 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/bold-upsell-custom.css?5654
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 shopify_common-8ea6ac3faf357236a97f5de749df4da6e8436ca107bc3a4ee805cbf08bc47392.js Show response
cdn.shopify.com/s/assets/themes_support/ 2 KB
1 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/assets/themes_support/shopify_common-8ea6ac3faf357236a97f5de749df4da6e8436ca107bc3a4ee805cbf08bc47392.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

8ea6ac3faf357236a97f5de749df4da6e8436ca107bc3a4ee805cbf08bc47392

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-GcsShopAssetsBackend,segment2-50,segment4-12990,revision-371e8cfd92214eab616f28ab3b803d5ead1ef11a,cdn-shopify-com-s-assets-themes_support-shopify_common-8ea6ac3faf357236a97f5de749df4da6e8436ca107bc3a4ee805cbf08bc47392-js
status: 200
x-cache: HIT, HIT
content-length: 765
x-xss-protection: 1; mode=block
x-request-id: 45aef0878ed8897fb97071ae93ee867e344b510dfe72ea98d7d5c2cee3e99609
x-served-by: cache-lga21941-LGA, cache-hhn4041-HHN
last-modified: Thu, 11 Jun 2020 17:26:45 GMT
server: cache-hhn4041-HHN
x-timer: S1599507678.381237,VS0,VE0
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 30 Jun 2021 17:27:12 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/assets/themes_support/shopify_common-8ea6ac3faf357236a97f5de749df4da6e8436ca107bc3a4ee805cbf08bc47392.js>; rel="canonical"
x-cache-hits: 32390, 38346

GET
H2 200 jquery.redcountdown.js Show response
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 16 KB
3 KB 12ms
9ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/jquery.redcountdown.js?v=7782233843315073318

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

e9e29bf173dba58b06458353c4bdd5db0957ddf0135f90df413272f518b0f69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-GcsShopAssetsBackend,segment2-211,segment4-54019,revision-0e39eb8df6950381f176b615821502f05bd72e4a,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-jquery-redcountdown-js,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 2507
x-xss-protection: 1; mode=block
x-request-id: ff45ca52b23d7dd1d22924f5f42ffa60ab1c0b05700328421a07af2fd75cfc5b
x-served-by: cache-lga21963-LGA, cache-hhn4041-HHN
last-modified: Wed, 11 Dec 2019 12:14:34 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.937096,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 11 Jul 2021 22:53:45 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/jquery.redcountdown.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 jquery.knob.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jQuery-Knob/1.2.13/ 11 KB
4 KB 32ms
30ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jQuery-Knob/1.2.13/jquery.knob.min.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 419038
cf-ray: 5cf2e8115d141756-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 050baf5ed6000017563c974200000001
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
etag: W/"5eb03ebd-2a34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://www.cloudflare.com/cdn-cgi/beacon/nel-inserter-prod?req_id=pseudo-uid&lkg-colo=fra&lkg-time=1599507678&lkg-ip=2a01:4f8:192:5414::2","weight":90},{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1599507678&lkg-ip=2a01:4f8:192:5414::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Sat, 28 Aug 2021 19:41:18 GMT

GET
H2 200 jquery.ba-throttle-debounce.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/ 731 B
987 B 30ms
28ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/jquery.ba-throttle-debounce.min.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 1206093
cf-ray: 5cf2e8115d161756-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 050baf5ed6000017563c975200000001
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: W/"5eb03ec2-2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://www.cloudflare.com/cdn-cgi/beacon/nel-inserter-prod?req_id=pseudo-uid&lkg-colo=fra&lkg-time=1599507678&lkg-ip=2a01:4f8:192:5414::2","weight":90},{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1599507678&lkg-ip=2a01:4f8:192:5414::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Sat, 28 Aug 2021 19:41:18 GMT

GET
H2 200 lazysizes.min.js Show response
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 7 KB
4 KB 10ms
6ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/lazysizes.min.js?v=8196175466988290678

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

12372b7b336ca0cfcb3d6680a396d593d0657df9a1037a7d40bdce6ee0ac015d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-GcsShopAssetsBackend,segment2-229,segment4-58777,revision-b8c100f65df266941ef4e9458260aff5ebd1c585,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-lazysizes-min-js,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 3169
x-xss-protection: 1; mode=block
x-request-id: 005b7d68423f17feb9356d2784d1a576ae62c2296d4ced9e3815870ebcea5c1d
x-served-by: cache-lga21956-LGA, cache-hhn4041-HHN
last-modified: Tue, 17 Dec 2019 16:47:21 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.950866,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 29 Jul 2021 17:45:15 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/lazysizes.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 checkout_icon.png
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 9 KB
10 KB 12ms
8ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/checkout_icon.png?v=9533927947838762377

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

1189468a47706c9897678be487d8a7889d5590fe6adc7d89e0e68169b903c87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-ShopAssetsBackend,segment2-204,segment4-52335,revision-10c9658ca7b3e139f1aff77fd59892660c6a4c2d,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-checkout-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 9315
x-xss-protection: 1; mode=block
x-request-id: a33b46d66d30e1bf0e8576f3bc8521af99cf24af3d2b8eaa654304962f52b599
x-served-by: cache-lga21951-LGA, cache-hhn4041-HHN
last-modified: Fri, 14 Aug 2020 20:08:56 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.951586,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 14 Aug 2021 20:08:56 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/checkout_icon.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 logo.png
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 6 KB
6 KB 12ms
8ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/logo.png?v=585285613081384969

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

804746a295cb794510313c5d0284cbbe8bdce702fe898ac94747e2e4ecbed34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-url: /s/files/1/1349/3231/t/23/assets/logo.png?v=585285613081384969
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-GcsShopAssetsBackend,segment2-116,segment4-29893,revision-c94539ae167442778e8bb25337a71481ce6f6de7,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-logo-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 5774
x-xss-protection: 1; mode=block
x-request-id: d951885dc9eb1593aed82ad34cdb988ed4a5079079d64c181edbbaf2135cb256
x-served-by: cache-lga21921-LGA, cache-hhn4041-HHN
last-modified: Fri, 05 Jun 2020 05:25:06 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.951567,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 05 Jun 2021 05:25:06 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/logo.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 mobile_logo.png
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 6 KB
6 KB 12ms
8ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/mobile_logo.png?v=585285613081384969

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

804746a295cb794510313c5d0284cbbe8bdce702fe898ac94747e2e4ecbed34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-GcsShopAssetsBackend,segment2-206,segment4-52817,revision-537187a0ced0bafca83d636825e8270bc6fd2d83,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-mobile_logo-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 5774
x-xss-protection: 1; mode=block
x-request-id: 2271874b8c1dbdc6f7545e1df546c8655be4fd1dc4c7a257a10d578ce733bf89
x-served-by: cache-lga21978-LGA, cache-hhn4041-HHN
last-modified: Thu, 23 Jul 2020 14:32:10 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.951555,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 23 Jul 2021 14:32:10 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/mobile_logo.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 bamboo-engraved-napkin-holder-personalized-wedding-gift-for-bride-groom-joyful-moose-free-shipping_655_300x.jpg
cdn.shopify.com/s/files/1/1349/3231/products/ 11 KB
12 KB 11ms
8ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/products/bamboo-engraved-napkin-holder-personalized-wedding-gift-for-bride-groom-joyful-moose-free-shipping_655_300x.jpg?v=1588026013

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

b5a61526edbf90d4ab36c1edf05f28b410839573fd3769510f66f83e1ba51ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-ShopAssetsBackend,segment2-239,segment4-61200,revision-10c9658ca7b3e139f1aff77fd59892660c6a4c2d,cdn-shopify-com-s-files-1-1349-3231-products-bamboo-engraved-napkin-holder-personalized-wedding-gift-for-bride-groom-joyful-moos,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 11740
x-xss-protection: 1; mode=block
x-request-id: dcb0c36da49cf8486d98e66f6240ff3d0ba11159f586d4ebb948ba894db365f7
x-served-by: cache-lga21926-LGA, cache-hhn4041-HHN
last-modified: Sun, 16 Aug 2020 15:59:54 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.951942,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 16 Aug 2021 15:59:53 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/products/bamboo-engraved-napkin-holder-personalized-wedding-gift-for-bride-groom-joyful-moose-free-shipping_655_300x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 transparent.png
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 163 B
567 B 9ms
8ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/transparent.png?v=16508383962216632665

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

d5cda935f8ed170bfd1ef82a8dc2cb69ec0a040ec7d6f9a1755cd6d619011920

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-GcsShopAssetsBackend,segment2-146,segment4-37561,revision-8e6a1d43b5102d5cf1516a0c4c0dcfee31143fad,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-transparent-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 163
x-xss-protection: 1; mode=block
x-request-id: a35fe3ad3a227762d8c35f6aa58470df38e62fd469047cebc9ab288d2e3ebb20
x-served-by: cache-lga21934-LGA, cache-hhn4041-HHN
last-modified: Mon, 03 Aug 2020 11:44:07 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.960288,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 03 Aug 2021 11:44:07 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/transparent.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H/1.1 200
OK klaviyo_subscribe.js Show response
www.klaviyo.com/media/js/public/ 21 KB
6 KB 481ms
119ms Script
application/javascript 3.216.216.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.216.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-216-242.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c98ad91fb505c5274ffd7c7f24fa62878c420db7778edb428ecb4d4e387df3ae

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 May 2020 22:13:08 GMT
Server: nginx
ETag: W/"5ecd9474-52d0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 5807
Expires: Tue, 08 Sep 2020 19:41:18 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 132ms
50ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=13ced741-945d-427c-a08b-949297a59bf3

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: C0CA8848DCD3CEAF
x-amz-id-2: xnbzxiI4FAXHXRkL5htU6Jj+cXP9o45eoXEvsFQ+Xr1gd+M/QMGy4OaiTqT+tF74rVjE5MhAALk=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id: 050baf5ef40000d90d4cb98200000001
cf-ray: 5cf2e8118ff7d90d-AMS

GET
H2 200 option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js Show response
cdn.shopify.com/s/assets/themes_support/ 9 KB
4 KB 10ms
8ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-url: /s/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-162,segment4-41678,revision-4d30131f1323257a0ce73743d3d6da546b354e39,cdn-shopify-com-s-assets-themes_support-option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f-js
status: 200
x-cache: HIT, HIT
content-length: 3087
x-xss-protection: 1; mode=block
x-request-id: 6af020e2d0c48c824b3fa8e15a3cc904991e2ab11824d98dd8b44b0553821769
x-served-by: cache-lga21970-LGA, cache-hhn4041-HHN
last-modified: Fri, 15 Feb 2019 06:09:14 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.963242,VS0,VE0
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js>; rel="canonical"
x-cache-hits: 77867, 228835

GET
H2 200 timber.js Show response
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 140 KB
29 KB 13ms
10ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/timber.js?v=17647071268663179147

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

6006b8610590c9482adddc97c1cd0bceb6ca273c86ffd8ce013aba6ced455871

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-79,segment4-20265,revision-8e9ae2ff61b05948be8d887005e11bee2d2641cb,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-timber-js,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 29389
x-xss-protection: 1; mode=block
x-request-id: 5d24c5dab4b64fefb4b3e8899f9588e1a411461989bca92819ec3a1f680ed271
x-served-by: cache-lga21923-LGA, cache-hhn4041-HHN
last-modified: Mon, 27 Apr 2020 21:57:21 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.937130,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 28 Aug 2021 00:48:10 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/timber.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 widget.min.js Show response
cdn-stamped-io.azureedge.net/files/ 81 KB
24 KB 54ms
18ms Script
text/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-stamped-io.azureedge.net/files/widget.min.js
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: edffc9384a84607d30be0cbfc7ccd89cf972829772a045b0c163d799a7fef5ae

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Sep 2020 19:41:18 GMT
content-encoding: br
x-azure-ref-originshield: 08B9WXwAAAADRQUFPI8IhSL20Q9CTP3fnTE9OMjFFREdFMDExMAAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
status: 200
x-ms-lease-status: unlocked
last-modified: Wed, 02 Sep 2020 18:13:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D84F6BF032C16F
x-azure-ref: 03oxWXwAAAACMU++iI1fRRKaGXqIqBY+hQlJVMzBFREdFMDQxMwAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 4b42ee88-201e-0047-7a0b-854a04000000
cache-control: max-age=604800
x-ms-version: 2009-09-19

GET
H2 200 trekkie.storefront.min.js Show response
cdn.shopify.com/s/javascripts/tricorder/ 63 KB
14 KB 9ms
8ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

7a52d0c5a8a7e8fc6ce9624e895b72e05e2f1d076cdea888064627109ca374b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-ShopAssetsBackend,segment2-149,segment4-38261,revision-52adf8d8e7a3579ade9bd3c08b076c19bb180ec4,cdn-shopify-com-s-javascripts-tricorder-trekkie-storefront-min-js
status: 200
x-cache: HIT, HIT
content-length: 14348
x-xss-protection: 1; mode=block
x-request-id: c1daa705a1c1a5a8fd1c21f229a65b866d86819e992ec9ae2d8c3319398b3ec9
x-served-by: cache-lga21968-LGA, cache-hhn4041-HHN
last-modified: Wed, 02 Sep 2020 18:28:28 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.963243,VS0,VE0
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 02 Sep 2020 19:25:44 GMT
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js>; rel="canonical"
x-cache-hits: 14, 1160

GET
H2 200 shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js Show response
cdn.shopify.com/s/assets/ 7 KB
3 KB 9ms
7ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-GcsShopAssetsBackend,segment2-206,segment4-52832,revision-5da1a41c35d059c0c41a02a307a5ad1a2a3d0f25,cdn-shopify-com-s-assets-shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3-js
status: 200
x-cache: HIT, HIT
content-length: 2584
x-xss-protection: 1; mode=block
x-request-id: b33bd7d4ae20e2b4ee2464d657378150f3631812637b64edd95a81263d72383b
x-served-by: cache-lga21927-LGA, cache-hhn4041-HHN
last-modified: Tue, 09 Jun 2020 16:13:02 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.963230,VS0,VE0
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 10 Jun 2021 20:08:49 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js>; rel="canonical"
x-cache-hits: 1153843, 960050

GET
H2 404 bold-upsell-custom.css
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 0
0 7ms
7ms Stylesheet
text/html 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/bold-upsell-custom.css?5654
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 ico-select.svg
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 534 B
993 B 10ms
9ms Image
image/svg+xml 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ico-select.svg?v=8010346243918904133

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/5f5436f8835ef.concat.min.css?v=12527381191837174294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

68cd7e5003aead266041f0c707ad4060f32af6de2f13b08f43a561fedf8eaab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/5f5436f8835ef.concat.min.css?v=12527381191837174294
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/svg+xml,source-GcsShopAssetsBackend,segment2-58,segment4-14945,revision-371e8cfd92214eab616f28ab3b803d5ead1ef11a,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-ico-select-svg,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 381
x-xss-protection: 1; mode=block
x-request-id: 188ec943330667fbea70c99145995d992d2a04a1fa34fc05b2291fb23e644acf
x-served-by: cache-lga21923-LGA, cache-hhn4041-HHN
last-modified: Tue, 17 Dec 2019 16:45:50 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.963214,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 30 Jun 2021 18:00:00 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ico-select.svg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 qFdA35WCmI96Ajtm81kOcc7N4hoiiVI6.woff2
fonts.gstatic.com/s/overpass/v4/ 12 KB
12 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v4/qFdA35WCmI96Ajtm81kOcc7N4hoiiVI6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6f5c5aa383f2f8afa0bca5c44313e6f837a347cb6d53d827b684a88356693a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 14:58:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:52:54 GMT
server: sffe
age: 362562
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12208
x-xss-protection: 0
expires: Fri, 03 Sep 2021 14:58:36 GMT

GET
H2 200 fontawesome-webfont.woff2
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 75 KB
76 KB 8ms
7ms Font
application/octet-stream 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/fontawesome-webfont.woff2?v=3220704584577503426

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/5f5436f8835ef.concat.min.css?v=12527381191837174294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4035-HHN /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/5f5436f8835ef.concat.min.css?v=12527381191837174294
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/octet-stream,source-ShopAssetsBackend,segment2-114,segment4-29365,revision-f2cfcbf73b00e38804ab90456e2f298184611955,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-fontawesome-webfont-woff2,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 77160
x-xss-protection: 1; mode=block
x-request-id: 48fb47159a8c395b34bcaeaf553237a8ecd5b6497517284e2c987403c53502c3
x-served-by: cache-lga21928-LGA, cache-hhn4035-HHN
last-modified: Tue, 17 Dec 2019 16:45:04 GMT
server: cache-hhn4035-HHN
x-timer: S1599507679.962079,VS0,VE1
date: Mon, 07 Sep 2020 19:41:18 GMT
content-type: application/octet-stream
access-control-allow-origin: *
expires: Sat, 21 Aug 2021 22:40:11 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/fontawesome-webfont.woff2>; rel="canonical"
x-cache-hits: 1, 1

GET
H3-Q050 200 qFdH35WCmI96Ajtm81GlU9vgwBcI.woff2
fonts.gstatic.com/s/overpass/v4/ 12 KB
12 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v4/qFdH35WCmI96Ajtm81GlU9vgwBcI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948885bd4309eb712603274e39eb265810a3c7f20b5507068491f12e566aa143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:17:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:52:51 GMT
server: sffe
age: 37455
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12396
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:17:03 GMT

GET
H3-Q050 200 qFdA35WCmI96Ajtm81l6d87N4hoiiVI6.woff2
fonts.gstatic.com/s/overpass/v4/ 11 KB
11 KB 28ms
16ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v4/qFdA35WCmI96Ajtm81l6d87N4hoiiVI6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e5b1828c560a7e17f73366dfe057c1831b4c04b3ca9e8ec2dad8007906c968b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:13:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:53:33 GMT
server: sffe
age: 37658
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11600
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:13:40 GMT

GET
H3-Q050 200 qFdA35WCmI96Ajtm81keds7N4hoiiVI6.woff2
fonts.gstatic.com/s/overpass/v4/ 12 KB
12 KB 27ms
14ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v4/qFdA35WCmI96Ajtm81keds7N4hoiiVI6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99fbbc08541c4be73adba9fc260a51e5c10ad79570b31d494816d605160236c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://fonts.googleapis.com/css?family=Overpass:300,400,500,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:20:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:52:50 GMT
server: sffe
age: 37247
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12356
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:20:31 GMT

GET
H/1.1 200
OK klaviyo_subscribe.css
a.klaviyo.com/media/css/public/ 29 KB
4 KB 494ms
123ms Stylesheet
text/css 34.192.56.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.klaviyo.com/media/css/public/klaviyo_subscribe.css
Requested by: Host: www.klaviyo.com
URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.56.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-56-227.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca0201479be1440751db3dfbaa16f6ef4499e4d00ef2c4b0e350d169643ee098

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 May 2020 22:13:07 GMT
Server: nginx
ETag: W/"5ecd9473-73d6"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 3512
Expires: Tue, 08 Sep 2020 19:41:19 GMT

GET
H2 200 jquery.form.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.form/3.32/ 15 KB
6 KB 19ms
18ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.form/3.32/jquery.form.min.js

Requested by

Host: www.klaviyo.com
URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b137aac13ccdefc4116a827dffd01c0e919c1436c5b1d0f5ed9089859ae26c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 392923
cf-ray: 5cf2e8126ff21756-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 050baf5f84000017563c984200000001
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: W/"5eb03ec2-3c6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://www.cloudflare.com/cdn-cgi/beacon/nel-inserter-prod?req_id=pseudo-uid&lkg-colo=fra&lkg-time=1599507679&lkg-ip=2a01:4f8:192:5414::2","weight":90},{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1599507679&lkg-ip=2a01:4f8:192:5414::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Sat, 28 Aug 2021 19:41:19 GMT

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
488 B 375ms
123ms Other
text/plain 35.185.69.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.185.69.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.69.185.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
x-dc: gke
status: 200
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 47e0e895-527f-4010-8530-4af1b492aebe

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/timber.js?v=17647071268663179147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df700ae5f7e1535b54ce817c3f69a94be9ac4d30b6bfed516db0a07d521adc1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GkfjtOerux0XnbSOmZzsfw==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "07b42184689723f4a1c5ea9d342a2a04"
x-fb-debug: /Bfc6TqqtYjEsaNVHc0Mu7C8SJJUgs/Z1/tpKF6eszMH0UtK/uDGbPDn02MJhk//jdlKgbMY7DkP1NuzIWFIHA==
x-fb-trip-id: 664085054
x-fb-content-md5: 68ee9c8584a5d5336b4cbe7047861646
x-frame-options: DENY
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 07 Sep 2020 19:50:44 GMT

GET
H/1.1 200
OK cart.js Show response
cpcontacts.secured-wellsconnect01.duckdns.org/ 283 B
1 KB 247ms
247ms XHR
text/javascript 68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cpcontacts.secured-wellsconnect01.duckdns.org/cart.js?_=1599507678877

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

upestuass.com

Software

nginx /

Resource Hash

a4d0cc2ba721c5df211e902766c0efb5144758a1500dd861004676de421fe92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:19 GMT
X-Content-Type-Options: nosniff
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
X-Permitted-Cross-Domain-Policies: none
X-Dc: gcp-us-east1,gke
Server: nginx
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 283
X-Xss-Protection: 1; mode=block
X-Sorting-Hat-Shopid: 13493231
X-Shardid: 60
X-Storefront-Renderer-Rendered: 1
X-Shopify-Stage: production
X-Frame-Options: DENY
X-Download-Options: noopen
Vary: Accept
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Content-Language: en
X-Request-Id: 0abaee21-d49d-47ee-a12f-16854ce1055a
X-Shopid: 13493231
Content-Type: text/javascript; charset=utf-8
X-Sorting-Hat-Podid: 60
X-Cartjs-Updatedat: 0

GET
H2 200 ajax-load.gif
cdn.shopify.com/s/files/1/0251/0179/t/17/assets/ 723 B
1 KB 14ms
14ms Image
image/gif 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0251/0179/t/17/assets/ajax-load.gif?12730148446180618072

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

3d9c096b2c70edd42208923924a57417effac44ee62d7a8015b22ceab346b4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: proxied_with_processing
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/gif,source-ShopAssetsBackend,segment2-4,segment4-1225,revision-10c9658ca7b3e139f1aff77fd59892660c6a4c2d,cdn-shopify-com-s-files-1-0251-0179-t-17-assets-ajax-load-gif,shop-2510179
status: 200
x-cache: HIT, HIT
content-length: 723
x-xss-protection: 1; mode=block
x-request-id: e75c2e91d31a3aae1258ef60f788de74181200d55de67dde62bf15303ba401d5
x-served-by: cache-lga21940-LGA, cache-hhn4041-HHN
last-modified: Thu, 13 Aug 2020 07:19:51 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.164278,VS0,VE0
date: Mon, 07 Sep 2020 19:41:19 GMT
content-type: image/gif
access-control-allow-origin: *
expires: Fri, 13 Aug 2021 07:19:51 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0251/0179/t/17/assets/ajax-load.gif>; rel="canonical"
x-cache-hits: 21, 6

GET
H2 200 footer-image_150x.png
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 2 KB
3 KB 10ms
9ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/footer-image_150x.png?v=798542329222157929

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

73c5202cdf09134f5fcdcf157f5bdf59a404e0e553b15ac9d9b6ba873d68534d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-ShopAssetsBackend,segment2-245,segment4-62731,revision-52adf8d8e7a3579ade9bd3c08b076c19bb180ec4,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-footer-image-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 2522
x-xss-protection: 1; mode=block
x-request-id: b24a9c876755838918ce920dc04c981722822c1b0331df37ccf3767e6aadc4cd
x-served-by: cache-lga21931-LGA, cache-hhn4041-HHN
last-modified: Fri, 04 Sep 2020 00:43:04 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.168665,VS0,VE1
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 04 Sep 2021 00:43:04 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/footer-image_150x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 ff-checkout-single.png
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 6 KB
6 KB 10ms
10ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ff-checkout-single.png?v=3358023431013049537

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

678e453186950cf5770d8808f0bb8e0b294aab29f35ca2916ae2167778722165

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-ShopAssetsBackend,segment2-173,segment4-44403,revision-10c9658ca7b3e139f1aff77fd59892660c6a4c2d,cdn-shopify-com-s-files-1-1349-3231-t-23-assets-ff-checkout-single-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 6220
x-xss-protection: 1; mode=block
x-request-id: e784542f0bab5059bcd258dbe9374a550d4f10297af2f9c4ad2385ed50d2b31f
x-served-by: cache-lga21957-LGA, cache-hhn4041-HHN
last-modified: Fri, 14 Aug 2020 18:03:43 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.168646,VS0,VE1
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 14 Aug 2021 18:03:43 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ff-checkout-single.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: Dk0crzhXW40g3539GsvopKpfce4gI58PjmKumV7KZX9Lby5OyJ5yGFhl5qqDarsF5u4gRiQlgZUmXLBdnLesVA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 1539
date: Mon, 07 Sep 2020 19:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Mon, 07 Sep 2020 21:15:40 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 40ms
12ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: edb66434567b603679a9fd45786ff3b3b2bf3903d0da2e1c5af626688540bcc4

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
fastly-restarts: 1
x-cdn: fastly
status: 200
etag: "16423308d2b448e51a13f749cab3576e"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1018645730

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e84f1623f9c6186ec1665f83a9d8a5cd8e4e5b310a4996c387eff1dbd88a4cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35602
x-xss-protection: 0
last-modified: Mon, 07 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Sep 2020 19:41:19 GMT

GET
H2 200 13ced741-945d-427c-a08b-949297a59bf3 Show response
ekr.zdassets.com/compose/ 547 B
779 B 854ms
780ms XHR
application/json 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/13ced741-945d-427c-a08b-949297a59bf3

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2752ca9b40225cc4fdf4fb71ac843c41b4856ee3796058f6ea202148608cfce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200, 200 OK
strict-transport-security: max-age=0
cf-request-id: 050baf602f0000c82bd825d200000001
x-request-id: 65873314-c14b-4464-b71e-9adc274edc20
x-runtime: 0.002549
server: cloudflare
etag: W/"2752ca9b40225cc4fdf4fb71ac843c41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 5cf2e8137dcec82b-AMS

GET
H2 200 5f4fe3c95f060addb200006c.js Show response
tag.perfectaudience.com/serve/ 12 KB
4 KB 325ms
264ms Script
text/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/5f4fe3c95f060addb200006c.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

786824d31e703c236e2196f1f71e07a7189b520514efc52bbfdbf70a9716e3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-length: 4105
x-served-by: cache-hhn4041-HHN
server: Cowboy
x-timer: S1599507679.265442,VS0,VE240
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 vegur, 1.1 varnish
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

session Show response
shop.app/pay/
Redirect Chain

https://pay.shopify.com/session?v=1
https://shop.app/pay/session

18 B
820 B

389ms
142ms

Fetch
application/json

35.185.69.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.185.69.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.69.185.35.bc.googleusercontent.com

Software

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
x-dc: gke
p3p: CP="Not used"
status: 200
access-control-allow-methods: GET, OPTIONS
server-timing: processing;dur=4, socket_queue;dur=1.435, edge;dur=2.034, util;dur=0.0
x-request-id: daf81ed374cbc9034ce386a58b59330c
x-runtime: 0.003240
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
access-control-max-age: 7200
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: null
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

Redirect headers

date: Mon, 07 Sep 2020 19:41:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gke
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
p3p: CP="Not used"
status: 302
access-control-max-age: 7200
server-timing: processing;dur=4, socket_queue;dur=1.729, edge;dur=1.037, util;dur=0.1
x-request-id: c43dea8e83ca1279c69a0763807f44ef
x-runtime: 0.003654
x-frame-options: DENY
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=utf-8
location: https://shop.app/pay/session
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.us.shopifycs.com/dist/card_fields.js; style-src 'self' 'unsafe-inline' blob: https://cdn.shopify.com https://cdn.shopifycloud.com; connect-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://autocomplete-service.shopifycloud.com; img-src 'self' https:; font-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com; object-src 'none'; frame-src 'self' https://*.shopifycs.com https://checkout.us.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 99 KB
31 KB 9ms
8ms Script
application/javascript 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

a450159efc5350f21b16796672c9bb13b7b5f2bf2df2b2ee14d10df8144ae725

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-application/javascript,source-GcsBackend,segment2-96,segment4-24675,revision-52adf8d8e7a3579ade9bd3c08b076c19bb180ec4,cdn-shopify-com-shopifycloud-boomerang-shopify-boomerang-1-0-0-min-js
status: 200
x-cache: HIT, HIT
content-length: 31008
x-xss-protection: 1; mode=block
x-request-id: 7b2b2944505688e5c16a634e40d82474f50e52ffab7d806aae23bda43bd7fd20
x-served-by: cache-lga21966-LGA, cache-hhn4041-HHN
last-modified: Wed, 02 Sep 2020 22:49:17 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.373026,VS0,VE0
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 02 Sep 2021 22:50:34 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 3, 239881

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
487 B 135ms
123ms Other
text/plain 35.185.69.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.185.69.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.69.185.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
x-dc: gke
status: 200
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: acd08a1b-45c0-4178-b07f-7d4c518fe261

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
487 B 132ms
124ms Other
text/plain 35.185.69.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.185.69.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.69.185.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
x-dc: gke
status: 200
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 6335a413-9c41-4db8-9bf6-4a1a435f7174

GET
H2 200 widget.min.css
cdn1.stamped.io/files/ 108 KB
17 KB 48ms
16ms Stylesheet
text/css 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.css
Requested by: Host: cdn-stamped-io.azureedge.net
URL: https://cdn-stamped-io.azureedge.net/files/widget.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b129ccf4def3c2124b8e173b148de8a100050491db5665f25c5bf0a8fed83d3f

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Sep 2020 19:41:18 GMT
content-encoding: br
x-azure-ref-originshield: 0toxUXwAAAAB6SeS7VFlmSbMs0FUpQLVYTE9OMjFFREdFMDEwOQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
status: 200
x-ms-lease-status: unlocked
last-modified: Tue, 25 Aug 2020 06:39:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D848C198F9E077
x-azure-ref: 034xWXwAAAABo+2dCF/8UQ7B9/6dq0oaqQlJVMzBFREdFMDQwOQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4b84fa5e-e01e-00d9-7829-823343000000
cache-control: max-age=604800
x-ms-version: 2009-09-19

GET
H2 200 getappkey Show response
stamped.io/api/ 85 B
353 B 1046ms
652ms XHR
application/json 35.165.191.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/getappkey?shopShopifyDomain=caribou-creek-cases.myshopify.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.165.191.202 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-165-191-202.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cc65116d7f14185237cb32aef9ee2d2917b3da2c4a6c1359f70fd6a4996b5114

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-stackifyid: V1|83118e66-1a39-4aca-a546-327430c16878|C59064|CD1|
stamped: S2
content-length: 85
expires: -1

GET
H2 200 Screen_Shot_2019-03-14_at_2.16.39_PM.png
cdn.shopify.com/s/files/1/1349/3231/files/ 15 KB
15 KB 9ms
8ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.16.39_PM.png?v=1552598218

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

c0a26ababbe1ae4e930cffeb8fd53219253edbd8afb5c075ecdc3f045869c194

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-ShopAssetsBackend,segment2-142,segment4-36559,revision-52adf8d8e7a3579ade9bd3c08b076c19bb180ec4,cdn-shopify-com-s-files-1-1349-3231-files-Screen_Shot_2019-03-14_at_2-16-39_PM-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 15292
x-xss-protection: 1; mode=block
x-request-id: e520714ea4f0b686ff73c239dffc3b81eb642e560c560d58378715788edf982e
x-served-by: cache-lga21958-LGA, cache-hhn4041-HHN
last-modified: Wed, 02 Sep 2020 21:42:47 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.385314,VS0,VE1
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Sep 2021 21:42:47 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.16.39_PM.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Screen_Shot_2019-03-14_at_2.19.28_PM.png
cdn.shopify.com/s/files/1/1349/3231/files/ 3 KB
3 KB 9ms
8ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.19.28_PM.png?v=1552598387

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

4c400f846bb92a4322b3ce6856e7bfe63c3e0dd9a067a60865d0547e71b2e7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-url: /s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.19.28_PM.png?v=1552598387
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-GcsShopAssetsBackend,segment2-113,segment4-28963,revision-aab7d85eb5e1b9b9ae3e35ab95125a94948e21b2,cdn-shopify-com-s-files-1-1349-3231-files-Screen_Shot_2019-03-14_at_2-19-28_PM-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 2626
x-xss-protection: 1; mode=block
x-request-id: 3d44c9306fa29ba9a7c4cfc35b26560b0399b05f04886500d673ac5a1489a83d
x-served-by: cache-lga21980-LGA, cache-hhn4041-HHN
last-modified: Wed, 06 May 2020 13:30:22 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.385301,VS0,VE1
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 06 May 2021 13:30:22 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.19.28_PM.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Screen_Shot_2019-03-14_at_2.17.28_PM.png
cdn.shopify.com/s/files/1/1349/3231/files/ 6 KB
6 KB 8ms
8ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.17.28_PM.png?v=1552598292

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

cc4a0c9052d089efd3e3067e0241e5c28d913395db859b5032121a01453f189b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-ShopAssetsBackend,segment2-13,segment4-3385,revision-d2374ff1e0de38007c48edced16ee39dc41a664e,cdn-shopify-com-s-files-1-1349-3231-files-Screen_Shot_2019-03-14_at_2-17-28_PM-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 5650
x-xss-protection: 1; mode=block
x-request-id: 3b6b53ea729a5466a4eb194fa4530e592f1073a5be28415446441df8d3fe02a4
x-served-by: cache-lga21942-LGA, cache-hhn4041-HHN
last-modified: Wed, 05 Aug 2020 08:21:49 GMT
server: cache-hhn4041-HHN
x-timer: S1599507679.385289,VS0,VE1
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 05 Aug 2021 08:21:49 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.17.28_PM.png>; rel="canonical"
x-cache-hits: 1, 1

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
487 B 135ms
134ms Other
text/plain 35.185.69.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.07.13.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.185.69.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.69.185.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
x-dc: gke
status: 200
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 27a77e9a-5d52-43c6-85bd-cc95add30e49

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 201 KB
61 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c070958ab1ee6ede8d84c1f09cf36ef916e5c20467eb2e7b01703a4f8fe7a577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jwkXNKdiCJrp+IMvA8q13A==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 62323
etag: "b9bbf9f41e36f1a00e7b41d88af5d66e"
x-fb-debug: UMJfDmm3X229viLwzAXZsxjOwl4UnmXc9bRZ/VyCKMKjvgUPDcSFFejbqTXHZBtU/r8UettjR5+KQt58sX4GYQ==
x-fb-trip-id: 2011651281
x-fb-content-md5: 7f1009c624d29102e91bfffb5e1e2b62
x-frame-options: DENY
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 07 Sep 2021 19:01:00 GMT

GET
H2 200 main.2424edb5.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 13ms
13ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2424edb5.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 87ba34a2dac0d833ec28f5da1f52fa5a2b8279152500e1b825e241e4a64ea488

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
status: 200
etag: "f387c9c6b7338963d43f8909d77d8840"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 16965
access-control-expose-headers: X-CDN

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
104 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-2796955-11&cid=1640453600.1599507679&jid=1527625564&gjid=1051793336&_gid=1279515548.1599507679&_u=IGBAgEABBAAAAE~&z=1287031889

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Sep 2020 19:41:19 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
393 B 27ms
13ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=970775848&t=pageview&_s=1&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&ul=en-us&de=UTF-8&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABB~&jid=1527625564&gjid=1051793336&cid=1640453600.1599507679&tid=UA-2796955-11&_gid=1279515548.1599507679&did=BwiEti&z=1120087959

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Aug 2020 14:01:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2353214
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 27ms
13ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=970775848&t=pageview&_s=2&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAAAAE~&jid=&gjid=&cid=1640453600.1599507679&tid=UA-2796955-11&_gid=1279515548.1599507679&did=BwiEti&z=1757568237

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Aug 2020 14:01:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2353214
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1730599707199159 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 89ms
88ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1730599707199159?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b78c528e123dfb9a71673a20bd0b61014b69234e46c5c776f7e30bbb1f6e96c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: N2FrL6Sewd40j8JL6DSw3oaezUowrsHHGR+hW8Ka4cKWvVWNl85+AKbbDa+oCD+xG6VuPsICDdw8h9pDQwdGiA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 36ms
36ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1018645730

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

2d25f06ba5a1e228262948c457155e24a1d91bfb5dad460bd1dcfe2106011f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11315
x-xss-protection: 0
server: cafe
etag: 17904044164015545428
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Sep 2020 19:41:19 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 38 B
455 B 122ms
53ms XHR
application/json 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2620503904562&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1599507679489
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pin-unauth: dWlkPU9UY3lNV1V6WTJNdFkySTFaQzAwTmpjeExUbGlOV0V0WldZeU5UTTRZakV3WmpjeSZycD1abUZzYzJV
date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: gzip
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-cdn: fastly
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-pinterest-rid: 0180710258192701
x-envoy-upstream-service-time: 2
content-length: 64
pragma: no-cache

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
85 B 126ms
59ms Image
image/gif 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2620503904562&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222424edb5%22%7D&cb=1599507679490
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:19 GMT
x-cdn: fastly
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 6
x-pinterest-rid: 6765802618418947
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
345 B 125ms
58ms Image
image/gif 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2620503904562&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222424edb5%22%7D&cb=1599507679490
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:19 GMT
x-cdn: fastly
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 9
x-pinterest-rid: 3872465540075754
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
355 B 124ms
57ms Image
image/gif 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=ViewCategory&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2620503904562&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222424edb5%22%7D&cb=1599507679490
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:19 GMT
x-cdn: fastly
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 7
x-pinterest-rid: 6617613965915661
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/1018645730/ 2 KB
2 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1018645730/?random=1599507679507&cv=9&fst=1599507679507&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DNapkin%20Holders%20%E2%80%93%20Joyful%20Moose&frm=0&url=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&tiba=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ea3215eacab4eeefa8c38ab223eb312d31c1a2f5c7af20b701f34266e54d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1175
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=125346&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=125346&source=js_tag

125 B
454 B

44ms
44ms

Script
text/javascript

176.34.132.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=125346&source=js_tag
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.132.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-132-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5c290d245c56448f522fe02a3c3896ac06e37069930b48328938f71c57207256

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=125346&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

/
www.google.de/pagead/1p-conversion/1018645730/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018645730/?random=122470402&cv=9&fst=*&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/1018645730/?random=122470402&cv=9&fst=*&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_...
https://www.google.de/pagead/1p-conversion/1018645730/?random=122470402&cv=9&fst=*&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_c...

42 B
107 B

24ms
23ms

Image
image/gif

2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1018645730/?random=122470402&cv=9&fst=*&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DNapkin%20Holders%20%E2%80%93%20Joyful%20Moose&frm=0&url=https://cpcontacts.secured-wellsconnect01.duckdns.org/&tiba=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=34xWX630ILnL7_UP3MS86As&random=1642648589&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1018645730/?random=122470402&cv=9&fst=*&num=1&label=DAVHCMzDjpABEOKZ3eUD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8q1&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DNapkin%20Holders%20%E2%80%93%20Joyful%20Moose&frm=0&url=https://cpcontacts.secured-wellsconnect01.duckdns.org/&tiba=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=34xWX630ILnL7_UP3MS86As&random=1642648589&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 611440189544997 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 91ms
90ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/611440189544997?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2eaa1db5989ca675c631571c30a198b4eb7abf23b19d27066fa7aa0d2138d978

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: aAbqXRvENpZVB0Tw+60uB3EkQ5D41YYuNwuH4T4VvyVn+ip3suK6AwSjtQ4ib9BnmfMiH1seRdkDsH1v4NRLHA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 07 Sep 2020 19:41:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1730599707199159&ev=PageView&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&rl=&if=false&ts=1599507679566&sw=1600&sh=1200&v=2.9.24&r=stable&a=plshopify1.2&ec=0&o=30&fbp=fb.2.1599507679564.1359340591&it=1599507679437&coo=false&rqm=GET

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:19 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
179 B 122ms
54ms XHR
text/plain 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:19 GMT
x-cdn: fastly
status: 204
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 9314103963744806
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=611440189544997&ev=PageView&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&rl=&if=false&ts=1599507679690&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.2.1599507679564.1359340591&it=1599507679437&coo=false&rqm=GET

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:19 GMT

GET
H2 200 shopify.v2.min.js Show response
cdn-stamped-io.azureedge.net/files/ 45 KB
14 KB 18ms
16ms Script
text/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-stamped-io.azureedge.net/files/shopify.v2.min.js?shop=caribou-creek-cases.myshopify.com
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b291007c00998a699e9a4a06528199c6864d9772abea1007db203b0e7a082ff1

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: br
last-modified: Fri, 05 Oct 2018 19:53:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
status: 200
etag: 0x8D62AFC2F4A1701
x-azure-ref: 034xWXwAAAAATZX+VaaRfSav0X+2IekqRQlJVMzBFREdFMDQxMwAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 2e7ad0f7-d01e-003f-4cff-8422b3000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0/DVWXwAAAABnWkcrm5oVS5aWOEBLxVHXTE9OMjFFREdFMTUxNQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=

GET
H2 200 shopify.v2.min.js Show response
cdn1.stamped.io/files/ 45 KB
14 KB 19ms
17ms Script
text/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/shopify.v2.min.js?shop=caribou-creek-cases.myshopify.com
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b291007c00998a699e9a4a06528199c6864d9772abea1007db203b0e7a082ff1

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: br
last-modified: Fri, 05 Oct 2018 19:53:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
status: 200
etag: 0x8D62AFC2F4A1701
x-azure-ref: 034xWXwAAAAD1ElrqyW30QYb/2GA+zBe4QlJVMzBFREdFMDQwOQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 57b0841b-901e-001a-5fd4-83ba00000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0AzdWXwAAAABVyOdgEmpSQ78BEUtNIinETE9OMjFFREdFMDIwNwAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=

GET
H2 200 widget.min.js Show response
cdn1.stamped.io/files/ 81 KB
24 KB 19ms
17ms Script
text/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.js?shop=caribou-creek-cases.myshopify.com
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: edffc9384a84607d30be0cbfc7ccd89cf972829772a045b0c163d799a7fef5ae

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: br
x-azure-ref-originshield: 0139WXwAAAAD6e3ro156yToKrPk72XnHsTE9OMjFFREdFMTUwNgAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
status: 200
x-ms-lease-status: unlocked
last-modified: Wed, 02 Sep 2020 18:13:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D84F6BF032C16F
x-azure-ref: 034xWXwAAAABs1psuxfqoRJMCS24/QVwqQlJVMzBFREdFMDQwOQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: ccc9fe4f-301e-0113-6a3a-85e6db000000
cache-control: max-age=604800
x-ms-version: 2009-09-19

GET
H/1.1 200
OK shopify.js Show response
www.upestuass.com/a/ldc/ 1017 B
2 KB 777ms
347ms Script
application/javascript 68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upestuass.com/a/ldc/shopify.js?key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&shop=caribou-creek-cases.myshopify.com

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

upestuass.com

Software

nginx /

Resource Hash

73a385181ac28b7e998a0ceb725f809ddab3800a2496b01f92bb541d693f7942

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:20 GMT
X-Content-Type-Options: nosniff
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
Server: nginx
X-Dc: gcp-us-east1,gcp-us-east1
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Content-Type: application/javascript;charset=utf-8
Cache-Control: public, max-age=86400
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1017
Expires: Tue, 08 Sep 2020 19:41:20 GMT

GET
H2 200 widget.js Show response
shopify.privy.com/ 912 KB
236 KB 627ms
583ms Script
text/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shopify.privy.com/widget.js?shop=caribou-creek-cases.myshopify.com

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4714a7dac912c6a9e874bea82aeba18839e16abedaceefc378240273b570fa3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
access-control-request-method: *
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-origin: *
status: 200
content-encoding: br
cf-request-id: 050baf623e00001f55cebdd200000001
x-request-id: eb5c769b-ce0e-44e8-90a6-e996496208bd
server: cloudflare
etag: W/"4714a7dac912c6a9e874bea82aeba188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
via: 1.1 vegur
cache-control: private, max-age=3600
cf-ray: 5cf2e816cb021f55-FRA

GET
H2 200 050820094100.js Show response
cdn.getcarro.com/script-tags/all/ 646 B
999 B 116ms
33ms Script
application/javascript 143.204.201.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getcarro.com/script-tags/all/050820094100.js?shop=caribou-creek-cases.myshopify.com
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-87.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36d7d8275114d89a92b2cde5ad42bc70cb7b054c8e8e9c4906eced96c44b6893

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 07 Sep 2020 01:03:22 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 13 Aug 2020 00:56:15 GMT
server: AmazonS3
age: 67078
etag: "ba2c9a5ec118d90952f75d4ea20962ba"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 646
x-amz-cf-id: j78KMsfKL43_-wvVJQvdkCtK-fxhOFf7qzyhr2PngCG4-FjFNpdwRg==

GET
H2 200 5f4fe3c9dc0a2e12d8000075.js Show response
tag.perfectaudience.com/serve/ 12 KB
4 KB 232ms
231ms Script
text/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/5f4fe3c9dc0a2e12d8000075.js?shop=caribou-creek-cases.myshopify.com

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

b7b2477e7876212e56481e625c1562bedbd0e3e2e674854cc91b9396afa3ff1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-length: 4096
x-served-by: cache-hhn4041-HHN
server: Cowboy
x-timer: S1599507680.778478,VS0,VE206
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 vegur, 1.1 varnish
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 5f4fe3c95f060addb200006c.js Show response
tag.perfectaudience.com/serve/ 12 KB
4 KB 1485ms
1484ms Script
text/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/5f4fe3c95f060addb200006c.js?shop=caribou-creek-cases.myshopify.com

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

786824d31e703c236e2196f1f71e07a7189b520514efc52bbfdbf70a9716e3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-length: 4105
x-served-by: cache-hhn4041-HHN
server: Cowboy
x-timer: S1599507680.778433,VS0,VE1461
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 vegur, 1.1 varnish
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 like.php
www.facebook.com/v2.12/plugins/ Frame 0B73 0
0 78ms
77ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3216a3c421456c%26domain%3Dcpcontacts.secured-wellsconnect01.duckdns.org%26origin%3Dhttps%253A%252F%252Fcpcontacts.secured-wellsconnect01.duckdns.org%252Ff3090250525fa7%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fjoyfulmoose&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3216a3c421456c%26domain%3Dcpcontacts.secured-wellsconnect01.duckdns.org%26origin%3Dhttps%253A%252F%252Fcpcontacts.secured-wellsconnect01.duckdns.org%252Ff3090250525fa7%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fjoyfulmoose&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0KZZGAenNKAGCZh1C..BfVozf...1.0.BfVozf.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: CHRJcedvXTDMmB9xAuLjVDJX0JcBcHwVYflEA8gMSAe7cbXnd+i2VC9g2n7PHiu8jS7FJbY4LAppAvSUUUUeyQ==
date: Mon, 07 Sep 2020 19:41:19 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_edJ3kWg7unud6eObl

43 B
573 B

233ms
155ms

Image
image/gif

104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_edJ3kWg7unud6eObl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Mon, 07 Sep 2020 19:41:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 27a42c276d094591c7230599ceab8b61
x-transaction: 00bf9c710091cbd1
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_edJ3kWg7unud6eObl
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_edJ3kWg7unud6eObl&sigv=1&esig=2~1fa2503db9fb06bd3ac014f8f068ee309cb60371
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_edJ3kWg7unud6eObl

43 B
460 B

503ms
122ms

Image
image/gif

52.7.90.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_edJ3kWg7unud6eObl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.90.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-90-251.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Mon, 07 Sep 2020 19:41:19 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_edJ3kWg7unud6eObl
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_edJ3kWg7unud6eObl
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_edJ3kWg7unud6eObl

43 B
180 B

34ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_edJ3kWg7unud6eObl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:20 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 19:41:19 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_edJ3kWg7unud6eObl
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_edJ3kWg7unud6eObl

42 B
765 B

101ms
24ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_edJ3kWg7unud6eObl
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_edJ3kWg7unud6eObl
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfZWRKM2tXZzd1bnVkNmVPYmw
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

49ms
49ms

Image
image/gif

176.34.132.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.132.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-132-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:19 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 324ms
229ms Image
image/gif 176.34.132.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=23589816&source=js_tag&a_id=125346
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.132.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-132-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tr
www.facebook.com/ 44 B
100 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=611440189544997&ev=ViewContent&cd[rtb_id]=23589816&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:19 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=23589816
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23589816

43 B
1 KB

39ms
39ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23589816

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Sep 2020 19:41:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: a324fe23-645f-49fe-bd54-1e97bfb7113a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Sep 2020 19:41:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid: f34a3ba7-3a6d-45de-b4c1-119b5279c0c1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23589816
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
487 B 149ms
148ms Other
text/plain 35.185.69.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.185.69.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.69.185.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Sep 2020 19:41:19 GMT
x-dc: gke
status: 200
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 81192a53-f170-4285-8bbf-dda056b0a5be

GET
H2 200 loader-v2.js Show response
sdk.vyrl.co/ 15 KB
6 KB 124ms
43ms Script
application/javascript 143.204.201.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.vyrl.co/loader-v2.js
Requested by: Host: cdn.getcarro.com
URL: https://cdn.getcarro.com/script-tags/all/050820094100.js?shop=caribou-creek-cases.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-33.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1cc72d77385d4404619101c898d1edb48c3456f4a5b602c94b7f4aaf541055b

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 18:50:30 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 25 Aug 2020 20:34:21 GMT
server: AmazonS3
etag: W/"9d2752a6b51ab35570a1ae4d5396c63e"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: p2_8mJ.i_CmJTooqmFpLni.FaM9J2yqH
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: KNt5JmKqowpfL2GaWg-CyNIf9gA5e1TlzcTyB_5s52W6Gk1fQeZ-fw==

GET
H2 200 798509530964003 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 90ms
87ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/798509530964003?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44fed74aca3ad29dee0e05406be99293618d140cb57ee2b2ef54602959fc7a5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: eOTUHWOrpjRpyv18QHDWRiymvvvav6l2ZdGMxmDrJT1/nLnBSt4uWt0oNi/SYz0BHG/IKigprute6GxgIhNg1w==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 07 Sep 2020 19:41:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tagjs Show response
pixel-geo.prfct.co/ 59 B
387 B 47ms
45ms Script
text/javascript 176.34.132.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?a_id=125347&source=js_tag
Requested by: Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/5f4fe3c9dc0a2e12d8000075.js?shop=caribou-creek-cases.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.132.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-132-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5cb89d417e6560940658e9b2c5179c91a8684210cb3bd0be79a99342ec0a54eb

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 59
Content-Type: text/javascript

GET
H2 200 preload.8d2c9052edfb1b77cfbe.js Show response
static.zdassets.com/web_widget/latest/ Frame 84EE 55 KB
16 KB 53ms
52ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.8d2c9052edfb1b77cfbe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=13ced741-945d-427c-a08b-949297a59bf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0bc41c352f9bb55c1cad549f89500e4e1e30f983be3408960f65f83c917c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 331688
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 2C94425E10B81681
x-amz-id-2: LodMzxqCQTCP7mVuH57sroOFqtNM1md8IE0WNrtACpjDhGwjnvMCLLn53GBo7f5lAduIfr3ruj4=
last-modified: Thu, 03 Sep 2020 00:33:57 GMT
server: cloudflare
etag: W/"0e883b9c5fa7fead653c1f421cfa81c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: cBXReoBC1pynwh_QaCVoAsLwh5uq_Q2x
cf-request-id: 050baf63460000d90d4c816200000001
cf-ray: 5cf2e8187e33d90d-AMS
expires: Fri, 03 Sep 2021 00:33:56 GMT

GET
H2 200 vendors~web_widget.b829c8068938a6bf5326.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 84EE 1 MB
279 KB 50ms
49ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.b829c8068938a6bf5326.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=13ced741-945d-427c-a08b-949297a59bf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ca87d25bf16d34cf68c4f1a47d727109bb04b3ad710a8688b8846c5c66db37

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 83
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: A335F17D646688F8
x-amz-id-2: c324P7JHpJSgfVhdiG3y//+lp/T1ee8qEuVx7J8Twdj3JI4Dik941twjX+K+h9gami1MPjE5KVE=
last-modified: Thu, 03 Sep 2020 03:27:38 GMT
server: cloudflare
etag: W/"3c5775f2876750bb40a60a9204e75c83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: fkDLqOfyEBDhFMcmzoAKDVGm_oOV3pj_
cf-request-id: 050baf63460000d90d4c817200000001
cf-ray: 5cf2e8187e34d90d-AMS
expires: Fri, 03 Sep 2021 03:27:37 GMT

GET
H2 200 web_widget.8dabc492b98d6ae23488.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 84EE 850 KB
164 KB 83ms
82ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.8dabc492b98d6ae23488.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=13ced741-945d-427c-a08b-949297a59bf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

888a4896e62b4c66cf947306f818840639326efaa3a36d6eac80a280d2eb30e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 20142
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: FYAV4P5HAXFZ6H8W
x-amz-id-2: byuu8izKpNcP41DG1DAv6DCk2U2oroynBVS2gwkhcQS8bxoOvtU25vlFFHDR/CfpQmxsL7DhR24=
last-modified: Thu, 03 Sep 2020 00:34:01 GMT
server: cloudflare
etag: W/"4138fa2fa7c9e32a72f297a564f6f7d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wqMV_pZGZ04FVT9jTQeFLyb2FKVeSLR7
cf-request-id: 050baf63460000d90d4c818200000001
cf-ray: 5cf2e8187e35d90d-AMS
expires: Fri, 03 Sep 2021 00:34:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 129ms
129ms Image
image/gif 176.34.132.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=23589817&source=js_tag&a_id=125347
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.132.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-132-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tr
www.facebook.com/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=798509530964003&ev=ViewContent&cd[rtb_id]=23589817&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:20 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 37ms
36ms Image
image/gif 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?t=2&add=23589817

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Sep 2020 19:41:20 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.102:80
AN-X-Request-Uuid: bfa5bb4d-79ae-44d4-aa1a-29af4ff97052
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=798509530964003&ev=PageView&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&rl=&if=false&ts=1599507680120&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.2.1599507679564.1359340591&it=1599507679437&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1730599707199159&ev=Microdata&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&rl=&if=false&ts=1599507680121&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Napkin%20Holders%20%E2%80%93%20Joyful%20Moose%5Cn%20%20%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Napkin%20Holders%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.upestuass.com%2Fcollections%2Fnapkin-holders%22%2C%22og%3Asite_name%22%3A%22Joyful%20Moose%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&a=plshopify1.2&ec=1&o=30&fbp=fb.2.1599507679564.1359340591&it=1599507679437&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:20 GMT

GET
H2 200 config Show response
joyfulmoose.zendesk.com/embeddable/ 346 B
915 B 642ms
554ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joyfulmoose.zendesk.com/embeddable/config

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f492db4ff1b782c756e97baa48b186a24556157920290169db4332821a3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Origin, Accept-Encoding
cf-request-id: 050baf63eb0000fa60c1385200000001
x-request-id: 5cf2e8197d5cfa60-AMS
x-runtime: 0.001527
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-754bd4f89-7r82m
cf-ray: 5cf2e8197d5cfa60-AMS

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=611440189544997&ev=Microdata&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&rl=&if=false&ts=1599507680213&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Napkin%20Holders%20%E2%80%93%20Joyful%20Moose%5Cn%20%20%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Napkin%20Holders%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.upestuass.com%2Fcollections%2Fnapkin-holders%22%2C%22og%3Asite_name%22%3A%22Joyful%20Moose%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.2.1599507679564.1359340591&it=1599507679437&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:20 GMT

GET
H2 200 bacon.js Show response
cdn-bacon.getcarro.com/ 49 KB
16 KB 120ms
36ms Script
application/javascript 143.204.201.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bacon.getcarro.com/bacon.js?15995077
Requested by: Host: sdk.vyrl.co
URL: https://sdk.vyrl.co/loader-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef61695dc3f58468c40db4492defbcd70b2435e6e5a6e31096cd117a54ab0b4a

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 07 Sep 2020 19:15:05 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 01:38:02 GMT
server: AmazonS3
age: 1576
etag: W/"81e827d2c8520ca22a252c16ff5bd0e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: S1f2_GzKKT_diryoEH5WZ9_d404I-UZQdzJxXGy7n7RGROOozlhVOg==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)

GET
H2 200 carro.min.js Show response
sdk.vyrl.co/ 73 KB
24 KB 41ms
40ms Script
application/javascript 143.204.201.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.vyrl.co/carro.min.js?ver=1.28.0
Requested by: Host: sdk.vyrl.co
URL: https://sdk.vyrl.co/loader-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-33.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f56466ab035a1ee8a5e42cd783af49557f6a313e5c042ffe03cc64a9d40c469d

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: GRkSKbh1PA0FVJhzJPPHwG_grWBtQ.3I
content-encoding: gzip
etag: "4fa9da4e88b359192689a8494cc25282"
age: 6534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 25 Aug 2020 20:34:20 GMT
server: AmazonS3
date: Mon, 07 Sep 2020 17:52:27 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: sjcCePKKm-Tls-_5fzJwBI2MQxJFuYzG1oF8T8guDIqq17XhHpiHxg==

GET
H/1.1 200
OK cart.js Show response
cpcontacts.secured-wellsconnect01.duckdns.org/ 283 B
1 KB 115ms
114ms XHR
text/javascript 68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cpcontacts.secured-wellsconnect01.duckdns.org/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

upestuass.com

Software

nginx /

Resource Hash

e9971e2ef2b448f683f1338f14225524d9a359f481d080c48afd93c59a5c7001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:37:42 GMT
X-Content-Type-Options: nosniff
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
X-Permitted-Cross-Domain-Policies: none
X-Dc: gcp-us-east1,gke
Server: nginx
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 283
X-Xss-Protection: 1; mode=block
X-Sorting-Hat-Shopid: 13493231
X-Shardid: 60
X-Storefront-Renderer-Rendered: 1
X-Shopify-Stage: production
X-Frame-Options: DENY
X-Download-Options: noopen
Vary: Accept
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Content-Language: en
X-Request-Id: 53ef4248-76cd-4e80-a57b-dfcd296d1092
X-Shopid: 13493231
Content-Type: text/javascript; charset=utf-8
X-Sorting-Hat-Podid: 60
X-Cartjs-Updatedat: 0

POST
H2 200 collect Show response
events.privy.com/v2/ 35 B
300 B 544ms
524ms XHR
application/json 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.privy.com/v2/collect

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f8185fe7fc82ef10bec7ed319b60080330179cdb4af5c78d614a2081d044a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Sep 2020 19:41:21 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
status: 200
content-length: 35
cf-request-id: 050baf64fc0000979650318200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cf2e81b2b809796-FRA
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cart.js Show response
cpcontacts.secured-wellsconnect01.duckdns.org/ 283 B
1 KB 218ms
114ms XHR
text/javascript 68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cpcontacts.secured-wellsconnect01.duckdns.org/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

upestuass.com

Software

nginx /

Resource Hash

e9971e2ef2b448f683f1338f14225524d9a359f481d080c48afd93c59a5c7001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:37:42 GMT
X-Content-Type-Options: nosniff
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
X-Permitted-Cross-Domain-Policies: none
X-Dc: gcp-us-east1,gke
Server: nginx
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 283
X-Xss-Protection: 1; mode=block
X-Sorting-Hat-Shopid: 13493231
X-Shardid: 60
X-Storefront-Renderer-Rendered: 1
X-Shopify-Stage: production
X-Frame-Options: DENY
X-Download-Options: noopen
Vary: Accept
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Content-Language: en
X-Request-Id: 53ef4248-76cd-4e80-a57b-dfcd296d1092
X-Shopid: 13493231
Content-Type: text/javascript; charset=utf-8
X-Sorting-Hat-Podid: 60
X-Cartjs-Updatedat: 0

OPTIONS
H2 200 badges
stamped.io/api/widget/ Frame 0
0 484ms
484ms Other 35.165.191.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/widget/badges
Protocol: H2
Server: 35.165.191.202 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-165-191-202.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 07 Sep 2020 19:41:20 GMT
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-stackifyid: V1|2a2128bb-13cf-4a1e-b1c5-9dc2d26b67a7|C59064|CD1|
access-control-allow-origin: *
access-control-allow-headers: content-type
access-control-max-age: 7300
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
stamped: S2

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
1 KB 36ms
21ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/jquery.min.js?v=13378561539765400360

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fa2ca16421cdd1e6c331551a68537c0b5c6b3ab6a03ab8ff4aaacc54b9c9ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Sep 2020 17:53:23 GMT
server: ESF
date: Mon, 07 Sep 2020 19:41:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Sep 2020 19:41:20 GMT

POST
H2 200 badges Show response
stamped.io/api/widget/ 1 KB
661 B 218ms
218ms XHR
application/json 35.165.191.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/widget/badges
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.165.191.202 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-165-191-202.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 991bed67a80819844fba2a07d0691077321a2137b35fb91020db88918ec81ad6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 19:41:21 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-stackifyid: V1|dba4a6c5-a3d8-4fd1-903f-2388c384778f|C59064|CD1|
stamped: S2
content-length: 375
expires: -1

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/F23532DEC414385D5D5F6242/ 10 KB
3 KB 187ms
180ms XHR
application/json 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/F23532DEC414385D5D5F6242/campaigns.json?s=j&l=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&facebook_api_key=&user_uuid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&fence=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c642780159940abc69a10c34acb91f27c0036c6b651464dfc21ae80ad9db82fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ipcountry: DE
date: Mon, 07 Sep 2020 19:41:20 GMT
x-ippostalcode
cf-cache-status: DYNAMIC
access-control-allow-origin: *
status: 200
content-encoding: br
access-control-request-method: *
x-request-id: 7b16c739-81b8-4e08-8968-f6114e331be6
server: cloudflare
etag: W/"c642780159940abc69a10c34acb91f27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
via: 1.1 vegur
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: DE_
cf-request-id: 050baf65070000979650319200000001
cf-ray: 5cf2e81b3b939796-FRA

GET
H2 200 recommendedCollections Show response
api.vyrl.co/v1/ 0
420 B 653ms
565ms XHR
application/json 143.204.201.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vyrl.co/v1/recommendedCollections?sourceId=caribou-creek-cases.myshopify.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-75.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:21 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 65db4934-340e-42bb-98c5-2b0f84de25e0
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-Collections-Available
x-amzn-trace-id: Root=1-5f568ce1-b420a98cb554293d131e2c35;Sampled=0
x-collections-available: false
x-amz-apigw-id: SgrzLG88vHcF9gQ=
content-length: 0
x-amz-cf-id: BTCu4f1n6XNXfYAm5xjNpXa7t5J-b-ZQNt9CVfMFM8ocgU_ZKXnl_Q==

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 97 KB
31 KB 26ms
10ms Script
text/javascript 2600:9000:214f:ee00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ee00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 06350a540f1e817bd86514b117be82a3b49b6c980c2cac2ed4efbf2cfdfdcfa7

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:32:43 GMT
content-encoding: gzip
age: 517
etag: W/"185ff-hvysoCYXyX41Zj5qmYWtJmKEfD8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 6XZhgRqdkyyFbbsUJ59AaEEjwHkPLN5bOFtenLgOGXU5JGgekDo1YQ==
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)

GET
H2 200 deviceStorage.html
cdn-bacon.getcarro.com/ Frame D82D 0
0 697ms
697ms Document
text/html 143.204.201.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-bacon.getcarro.com/deviceStorage.html?https://cpcontacts.secured-wellsconnect01.duckdns.org
Requested by: Host: cdn-bacon.getcarro.com
URL: https://cdn-bacon.getcarro.com/bacon.js?15995077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-5.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-bacon.getcarro.com
:scheme: https
:path: /deviceStorage.html?https://cpcontacts.secured-wellsconnect01.duckdns.org
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Response headers

status: 200
content-type: text/html
date: Mon, 07 Sep 2020 19:41:22 GMT
last-modified: Sat, 15 Aug 2020 01:38:02 GMT
etag: W/"83b7c563dcd895dd9a0407267140d3ec"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: z8Pbj5E98oUcW-J7s1CBF44eN1nTr7K1vOuj-CHGIGNHnUpGoNXNcQ==

GET
H/1.1 200
OK leaddyno.min.js Show response
cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/static/ 19 KB
7 KB 274ms
115ms Script
application/javascript 68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/static/leaddyno.min.js
Requested by: Host: www.upestuass.com
URL: https://www.upestuass.com/a/ldc/shopify.js?key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&shop=caribou-creek-cases.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: upestuass.com
Software: nginx /
Resource Hash: 9b1f88d2c06b920acb6b4621e867a356b74f2e2fa72b8d7077c68b2534ffe8f3

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:37:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 01:41:52 GMT
Server: nginx
X-Dc: gcp-us-east1,gcp-us-east1
Etag: W/"5f4da6e0-4c00"
Vary: Accept-Encoding
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Content-Type: application/javascript
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control: public
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
Transfer-Encoding: chunked
Expires: Tue, 08 Sep 2020 07:37:41 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 850D 0
0 32ms
7ms Document
text/html 2600:9000:214f:e400:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e400:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Response headers

status: 200
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 05:25:30 GMT
cache-control: max-age=3600, public
date: Mon, 07 Sep 2020 19:09:50 GMT
etag: W/"83a-174293a7110"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: LDRu67dK-CItQJDw0dsvNsPia7R175VUCQMUhbnNtQvmR1Fezj4nFQ==
age: 1890

POST
H2 200 collect Show response
events.privy.com/v2/ 35 B
120 B 511ms
511ms XHR
application/json 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.privy.com/v2/collect

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f8185fe7fc82ef10bec7ed319b60080330179cdb4af5c78d614a2081d044a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 07 Sep 2020 19:41:21 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
status: 200
content-length: 35
cf-request-id: 050baf6555000097965031b200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cf2e81bbc2a9796-FRA
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
367 B 97ms
24ms XHR
text/plain 18.195.28.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=cpcontacts.secured-wellsconnect01.duckdns.org&location=%2F&product=privy-share-buttons&url=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&cms=unknown&publisher=anonymous&sop=true&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&version=st_sop.js&lang=en
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.28.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-28-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:20 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=798509530964003&ev=Microdata&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&rl=&if=false&ts=1599507680621&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Napkin%20Holders%20%E2%80%93%20Joyful%20Moose%5Cn%20%20%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Napkin%20Holders%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.upestuass.com%2Fcollections%2Fnapkin-holders%22%2C%22og%3Asite_name%22%3A%22Joyful%20Moose%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.2.1599507679564.1359340591&it=1599507679437&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:20 GMT

GET
H2 200 widget-269d434f93bca34391ade659db7090453e7a682121cc1212442b49ce122a1b18.css
assets.privy.com/assets/ 244 KB
23 KB 34ms
23ms Stylesheet
text/css 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/assets/widget-269d434f93bca34391ade659db7090453e7a682121cc1212442b49ce122a1b18.css

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6589061a874aeaf860458b68da964fe09a1300ccb859332860f071c374406c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
via: 1.1 vegur, 1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
cf-cache-status: HIT
age: 6238
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 050baf65cd00001f55ce863200000001
last-modified: Wed, 12 Aug 2020 18:09:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=1382400
x-amz-cf-pop: FRA53-C1
cf-ray: 5cf2e81c7aaa1f55-FRA
x-amz-cf-id: kEB5rwhD95HovLabaCpAWCCgXdmfGphDDYaQLG6xWh6utVpbfPWTuA==

GET
H2

200

collect
google-analytics.com/
Redirect Chain

https://privymktg.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&tid=UA-20331028-1&t=pageview&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&e...
https://google-analytics.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&tid=UA-20331028-1&t=pageview&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5...

35 B
405 B

26ms
5ms

Image
image/gif

2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://google-analytics.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&tid=UA-20331028-1&t=pageview&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&ec=widget&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&ul=en-US&z=6047284579685064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 09:18:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37394
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 19:41:20 GMT
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://google-analytics.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&tid=UA-20331028-1&t=pageview&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&ec=widget&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&ul=en-US&z=6047284579685064
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 5cf2e81c8a83dfe3-FRA
cf-request-id: 050baf65d70000dfe37a1f8200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
537 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,400italic,700

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27cedca55e7af115fd53d8f2a061ddb5f3cf322e897ea360f6c4e109f295063a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Sep 2020 19:35:24 GMT
server: ESF
date: Mon, 07 Sep 2020 19:41:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Sep 2020 19:41:20 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
718 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,700%7CBitter:300,400

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a395381c7ff15598a25f122b1746feeafdb8d68e378c55963e44f4888e587ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Sep 2020 19:41:20 GMT
server: ESF
date: Mon, 07 Sep 2020 19:41:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Sep 2020 19:41:20 GMT

GET
H2

200

collect
google-analytics.com/
Redirect Chain

https://privymktg.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&cd2=446218&cd5=signup&cd6=widget&tid=UA-20331028-1&t=event&ci=F23532DEC414385D5D5F6242&cm=web...
https://google-analytics.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&cd2=446218&cd5=signup&cd6=widget&tid=UA-20331028-1&t=event&ci=F23532DEC414385D5D5F6242...

35 B
90 B

7ms
6ms

Image
image/gif

2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://google-analytics.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&cd2=446218&cd5=signup&cd6=widget&tid=UA-20331028-1&t=event&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&ni=true&ea=viewed-tab&ec=widget&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&ul=en-US&z=1333317475152649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 09:18:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37394
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 19:41:20 GMT
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://google-analytics.com/collect?v=1&cid=fc26ada5-22fc-44a2-abbd-1d920245bcb1&cd1=F23532DEC414385D5D5F6242&cd2=446218&cd5=signup&cd6=widget&tid=UA-20331028-1&t=event&ci=F23532DEC414385D5D5F6242&cm=web&cn=F23532DEC414385D5D5F6242&ni=true&ea=viewed-tab&ec=widget&dl=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&dt=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&ul=en-US&z=1333317475152649
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 5cf2e81caad5dfe3-FRA
cf-request-id: 050baf65ed0000dfe37a1fb200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700%7CBitter:300,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,500,700%7CBitter:300,400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:06:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:39 GMT
server: sffe
age: 38107
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:06:13 GMT

GET
H2 200 en-us-json.cc8e73e5fe307bb27426.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame 84EE 25 KB
5 KB 48ms
48ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.cc8e73e5fe307bb27426.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.8d2c9052edfb1b77cfbe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4115036
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: AEFE79F66C7EBC1F
x-amz-id-2: zpwv65XFe49wftw1PecBmuA4sM32FIZ0WF0xzhWGFJx4v8F7g4WWCsLyd/Cyco/YGs/dsfWFyM4=
last-modified: Wed, 22 Jul 2020 04:05:08 GMT
server: cloudflare
etag: W/"c94e458331968060067c4539f118fd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 5EVM6Ae5ZeloER_IP_K91Z5iUqcAli8n
cf-request-id: 050baf66380000d90d4c83b200000001
cf-ray: 5cf2e81d2f36d90d-AMS
expires: Thu, 22 Jul 2021 04:05:07 GMT

GET transparent.png
cdn.shopify.com/s/files/1/1349/3231/t/23/assets/ 0
0

GET
H2 200 Screen_Shot_2019-03-14_at_2.19.28_PM.png
cdn.shopify.com/s/files/1/1349/3231/files/ 3 KB
3 KB 8ms
7ms Image
image/webp 2a04:4e42:1b::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.19.28_PM.png?v=1552598387

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/lazysizes.min.js?v=8196175466988290678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-hhn4041-HHN /

Resource Hash

4c400f846bb92a4322b3ce6856e7bfe63c3e0dd9a067a60865d0547e71b2e7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-url: /s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.19.28_PM.png?v=1552598387
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
x-cdn: Fastly, http2
x-dc: gke
edge-cache-tag: mime-image/webp,source-GcsShopAssetsBackend,segment2-113,segment4-28963,revision-aab7d85eb5e1b9b9ae3e35ab95125a94948e21b2,cdn-shopify-com-s-files-1-1349-3231-files-Screen_Shot_2019-03-14_at_2-19-28_PM-png,shop-13493231
status: 200
x-cache: HIT, HIT
content-length: 2626
x-xss-protection: 1; mode=block
x-request-id: 3d44c9306fa29ba9a7c4cfc35b26560b0399b05f04886500d673ac5a1489a83d
x-served-by: cache-lga21980-LGA, cache-hhn4041-HHN
last-modified: Wed, 06 May 2020 13:30:22 GMT
server: cache-hhn4041-HHN
x-timer: S1599507681.832513,VS0,VE0
date: Mon, 07 Sep 2020 19:41:20 GMT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 06 May 2021 13:30:22 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1349/3231/files/Screen_Shot_2019-03-14_at_2.19.28_PM.png>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/static/leaddyno.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38247
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 09:03:53 GMT

GET
H/1.1 200
OK visit Show response
cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/ 46 B
705 B 352ms
351ms Script
application/javascript 68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/visit?url=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&referrer=&agent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&js=true&ld_t=01565117-13bb-4fd3-f89a-2a1c8c2f073c&ld_ext=&ld_fp=445006243&channel=&key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&callback=__LDCB_1599507680839_993603

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/static/leaddyno.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

upestuass.com

Software

nginx /

Resource Hash

7f313c67027a63c4d31074e35a55b5e5f83b342cf18e350bedad283db376cefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:21 GMT
X-Content-Type-Options: nosniff
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
Server: nginx
X-Dc: gcp-us-east1,gcp-us-east1
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 46

GET
H/1.1

404
Not Found

x
cpcontacts.secured-wellsconnect01.duckdns.org/
Redirect Chain

https://cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/x?key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&ld_fp=445006243&ld_t=01565117-13bb-4fd3-f89a-2a1c8c2f073c&ts=1599507680840
https://cpcontacts.secured-wellsconnect01.duckdns.org/x?key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&ld_fp=445006243

0
0

273ms
272ms

Script
text/html

68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cpcontacts.secured-wellsconnect01.duckdns.org/x?key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&ld_fp=445006243

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

upestuass.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=5c500cd9-d54f-4ece-9b99-da328ec89a1d

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dc: gcp-us-east1,gcp-us-east1
Server: nginx
Transfer-Encoding: chunked
X-Cache: hit, server
X-Alternate-Cache-Key: cacheable:620308029eb17fa6d268c0db284cdbdb
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
X-Xss-Protection: 1; mode=block; report=/xss-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=5c500cd9-d54f-4ece-9b99-da328ec89a1d
X-Sorting-Hat-Shopid: 13493231
X-Shopify-Generated-Cart-Token: 0ad6d0b045f25406140804ffaee3400d
X-Shardid: 60
X-Shopify-Stage: production
X-Frame-Options: DENY
Etag: cacheable:33532d79727537173d0271cc5f400b4b
X-Download-Options: noopen
Vary: Accept
Content-Language: en
X-Request-Id: 5c500cd9-d54f-4ece-9b99-da328ec89a1d
X-Shopid: 13493231
Content-Type: text/html; charset=utf-8
X-Sorting-Hat-Podid: 60

Redirect headers

Date: Mon, 07 Sep 2020 19:41:21 GMT
X-Content-Type-Options: nosniff
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
Server: nginx
X-Dc: gcp-us-east1,gcp-us-east1
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Content-Type: text/html;charset=utf-8
Location: /x?key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&ld_fp=445006243
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK clickstream Show response
cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/ 46 B
705 B 375ms
375ms Script
application/javascript 68.183.147.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/clickstream?url=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&referrer=&agent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&js=true&ld_t=01565117-13bb-4fd3-f89a-2a1c8c2f073c&ld_ext=&ld_fp=445006243&channel=&key=79220a4b8fe43e70bd40f136f569f65f3eb8a8af&callback=__LDCB_1599507680841_127640&page_url=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&page_referrer=

Requested by

Host: cpcontacts.secured-wellsconnect01.duckdns.org
URL: https://cpcontacts.secured-wellsconnect01.duckdns.org/a/ldc/static/leaddyno.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

68.183.147.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

upestuass.com

Software

nginx /

Resource Hash

c65a829403319c4b47282f39a155b3093f587b21bcbce8cf617c48699bd45196

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Sep 2020 19:41:21 GMT
X-Content-Type-Options: nosniff
Nel: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
Server: nginx
X-Dc: gcp-us-east1,gcp-us-east1
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 46

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700%7CBitter:300,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,500,700%7CBitter:300,400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:03:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 38244
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:03:56 GMT

GET
H2 200 embeddable_blip Show response
joyfulmoose.zendesk.com/ Frame 84EE 0
579 B 136ms
136ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://joyfulmoose.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vY3Bjb250YWN0cy5zZWN1cmVkLXdlbGxzY29ubmVjdDAxLmR1Y2tkbnMub3JnLyIsInRpbWUiOjc5LCJsb2FkVGltZSI6NjYuOTg5OTk5MjY0NDc4NjgsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJOYXBraW4gSG9sZGVycyDigJMgSm95ZnVsIE1vb3NlIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAsIG1heGltdW0tc2NhbGU9MS4wLCB1c2VyLXNjYWxhYmxlPW5vIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiI0NTkxYjg4YTZmZjFkMDBhZDAzNGNiMjcyZDgxNGIzNiIsInN1aWQiOiIzOWRiN2E0NGZkNWE4MTgwNmRiYmNlYjUzZDY4YTRmZSIsInZlcnNpb24iOiIxYjIzNDNmMmEiLCJ0aW1lc3RhbXAiOiIyMDIwLTA5LTA3VDE5OjQxOjIwLjkwNloiLCJ1cmwiOiJodHRwczovL2NwY29udGFjdHMuc2VjdXJlZC13ZWxsc2Nvbm5lY3QwMS5kdWNrZG5zLm9yZy8ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.b829c8068938a6bf5326.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:21 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5cf2e81dce1efa60-AMS
cf-request-id: 050baf669e0000fa60c13e5200000001

GET
H2 200 stamped-font.ttf
cdn1.stamped.io/fonts/ 9 KB
10 KB 48ms
17ms Font
application/octet-stream 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/fonts/stamped-font.ttf?rkevfi
Requested by: Host: cdn1.stamped.io
URL: https://cdn1.stamped.io/files/widget.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b2f365310c35cf84e0ab011e82072fe91bb97f1e7a159fb7806e4f79172bec33

Request headers

Origin: https://cpcontacts.secured-wellsconnect01.duckdns.org
Referer: https://cdn1.stamped.io/files/widget.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Sep 2020 19:41:20 GMT
x-azure-ref-originshield: 0hoxUXwAAAABy6NGcVKg2SIwFH9PIosUQTE9OMjFFREdFMTUxMwAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
status: 200
content-length: 9536
x-ms-lease-status: unlocked
last-modified: Wed, 20 Nov 2019 18:33:06 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D76DE815C88978
x-azure-ref: 04YxWXwAAAAD7bygE7S8QSrnewMNvOZvbQlJVMzBFREdFMDQyMAAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 003ffc1f-f01e-004e-0a56-81508a000000
cache-control: max-age=604800
x-ms-version: 2009-09-19

GET
H2 200 p Show response
bacon.getcarro.com/ 18 B
220 B 389ms
140ms XHR
application/json 3.216.5.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bacon.getcarro.com/p?cuuid=3cb55d5d-05fc-4ff1-8319-f355958f3455&session_id=51c308dd-c544-471a-bc1d-f55f55de66fb&host_id=8d8340a6-c497-4a17-9648-d21ae25f372c&new_host_id=true&domain=cpcontacts.secured-wellsconnect01.duckdns.org&context_page_path=%2F&sdk_version=1.28.0&page_id=4a1d13ab-a1f6-4165-9aa9-bad03ff4511f&source=shopify&source_id=caribou-creek-cases.myshopify.com&ch=pixel&context_page_search=&context_page_title=Napkin%20Holders%20%E2%80%93%20Joyful%20Moose&context_page_url=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org%2F&referrer=&history_count=2&package=Visit&class=Page&event=view&timestamp=1599507681241&bacon_version=1.1.35&page_event_index=0
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.5.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-5-142.compute-1.amazonaws.com
Software: /
Resource Hash: e70ec4590ed626e70d12eda92a69afdcf366f2e85d9d1e6728ca45bd9f1925c9

Request headers

Accept: application/json, text/plain, */*
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:21 GMT
x-amzn-requestid: a51d7318-2829-48d9-97e5-cf97992088ac
status: 200
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f568ce1-4ff11b4d50492c2c88b071ef
x-amz-apigw-id: SgrzQFFqoAMF7IA=
content-length: 18

GET
H/1.1 200
OK tagjs Show response
pixel-geo.prfct.co/ 87 B
415 B 46ms
46ms Script
text/javascript 176.34.132.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?a_id=125346&source=js_tag
Requested by: Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/5f4fe3c95f060addb200006c.js?shop=caribou-creek-cases.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.132.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-132-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bbb3a67b135a676fd40a5601fe26b813e04170bc6594549ecc5380c4192ddd2e

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 87
Content-Type: text/javascript

GET
H2 200 checkToken.html
sdk.vyrl.co/ Frame CF66 0
0 37ms
37ms Document
text/html 143.204.201.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.vyrl.co/checkToken.html?localOrigin=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org
Requested by: Host: sdk.vyrl.co
URL: https://sdk.vyrl.co/carro.min.js?ver=1.28.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-33.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: sdk.vyrl.co
:scheme: https
:path: /checkToken.html?localOrigin=https%3A%2F%2Fcpcontacts.secured-wellsconnect01.duckdns.org
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/

Response headers

status: 200
content-type: text/html
content-length: 260
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 3000
last-modified: Tue, 25 Aug 2020 20:34:21 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: RlXh.ljgqqsNoDVrSl869PlT1ufBbKaK
accept-ranges: bytes
server: AmazonS3
date: Mon, 07 Sep 2020 17:21:09 GMT
etag: "a380c1766cceefe7187cca914326f297"
x-cache: Hit from cloudfront
via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ehzfUdDRANxmFqN6DnFg2Qq-dY0uX1RMKHX07FXEnrRMxVjXponIrw==
age: 8413

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_edJ3kWg7unud6eObl&sigv=1&esig=2~1fa2503db9fb06bd3ac014f8f068ee309cb60371
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_edJ3kWg7unud6eObl

43 B
460 B

122ms
122ms

Image
image/gif

52.7.90.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_edJ3kWg7unud6eObl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.90.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-90-251.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Mon, 07 Sep 2020 19:41:21 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_edJ3kWg7unud6eObl
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 136ms
135ms Image
image/gif 176.34.132.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=23589816&source=js_tag&a_id=125346
Requested by: Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/5f4fe3c95f060addb200006c.js?shop=caribou-creek-cases.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.132.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-132-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tr
www.facebook.com/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=611440189544997&ev=ViewContent&cd[rtb_id]=23589816&noscript=1

Requested by

Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/5f4fe3c95f060addb200006c.js?shop=caribou-creek-cases.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 07 Sep 2020 19:41:21 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 49ms
48ms Image
image/gif 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?t=2&add=23589816

Requested by

Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/5f4fe3c95f060addb200006c.js?shop=caribou-creek-cases.myshopify.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Sep 2020 19:41:21 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.42:80
AN-X-Request-Uuid: 35f27d0c-5055-4721-86ee-c92faa9b2994
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 c9c0d1f1-e82d-4e30-8ac0-4c39719d682d.json Show response
members.shoptimized.net/api/validate/ 83 B
694 B 219ms
189ms XHR
application/json 2606:4700:3032::ac43:b1d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://members.shoptimized.net/api/validate/c9c0d1f1-e82d-4e30-8ac0-4c39719d682d.json?domain=caribou-creek-cases.myshopify.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b1d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec01b15e42697556f27326ded0215719d9a54aa9a07f5737ec1e21cf3c055ebf

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cpcontacts.secured-wellsconnect01.duckdns.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 19:41:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
cf-request-id: 050baf6de80000dfc353a68200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cf2e8297a18dfc3-FRA
access-control-allow-headers: X-CSRF-Token
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1349/3231/t/23/assets/transparent.png?v=16508383962216632665

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secured-wellsconnect01.duckdns.org/	1970-01-19 12:19:54	Name: _gid Value: GA1.3.1279515548.1599507679
.secured-wellsconnect01.duckdns.org/	1970-01-20 05:49:39	Name: _ga Value: GA1.3.1640453600.1599507679
.secured-wellsconnect01.duckdns.org/	1970-01-19 14:28:03	Name: _fbp Value: fb.2.1599507679564.1359340591
.secured-wellsconnect01.duckdns.org/	1970-01-19 12:18:29	Name: _shopify_sa_p Value:
.secured-wellsconnect01.duckdns.org/	1970-01-19 12:18:27	Name: _gat Value: 1
.secured-wellsconnect01.duckdns.org/	1970-01-19 12:18:29	Name: _shopify_sa_t Value: 2020-09-07T19%3A41%3A19.363Z
.secured-wellsconnect01.duckdns.org/	1970-01-20 05:35:15	Name: _shopify_y Value: 6a164ce7-8B13-4E9B-D46F-D9962297BC7F
.secured-wellsconnect01.duckdns.org/	1970-01-19 12:18:29	Name: _s Value: 6a164cfd-CE1F-4D13-5A6E-0ECC5E259982
.secured-wellsconnect01.duckdns.org/	1970-01-19 12:18:29	Name: _shopify_s Value: 6a164cfd-CE1F-4D13-5A6E-0ECC5E259982
.secured-wellsconnect01.duckdns.org/	1970-01-20 05:35:15	Name: _shopify_fs Value: 2020-09-07T19%3A41%3A19.143Z
.cpcontacts.secured-wellsconnect01.duckdns.org/	1970-01-19 21:04:03	Name: _pin_unauth Value: dWlkPU9UY3lNV1V6WTJNdFkySTFaQzAwTmpjeExUbGlOV0V0WldZeU5UTTRZakV3WmpjeSZycD1abUZzYzJV
cpcontacts.secured-wellsconnect01.duckdns.org/	1970-01-19 12:38:37	Name: cart_currency Value: USD
.secured-wellsconnect01.duckdns.org/	1970-01-20 05:35:15	Name: _y Value: 6a164ce7-8B13-4E9B-D46F-D9962297BC7F

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js(Line 40) Message: [object Arguments]
console-api	log	URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js(Line 40) Message: [object Arguments]
console-api	warning	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: Invalid App Id: Must be a number or numeric string representing the application id.
console-api	debug	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: sdkperf: it took 30 ms and 65092 bytes to load https://connect.facebook.net/en_US/sdk.js
console-api	debug	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: sdkperf: init logged after 352 ms
console-api	log	URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js(Line 40) Message: [object Arguments]
console-api	log	URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js(Line 40) Message: [object Arguments]
console-api	log	URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js(Line 40) Message: [object Arguments]
console-api	log	URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js(Line 40) Message: [object Arguments]
console-api	info	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: domReady
console-api	info	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: XFBML Parsing Start 1
console-api	debug	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: sdkperf: pluginframe logged after 621 ms
console-api	info	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: XFBML Parsing Finish 1, 1 tags found
console-api	debug	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: sdkperf: ttfp logged after 729 ms
console-api	info	URL: https://connect.facebook.net/en_US/sdk.js?hash=34731b91a40a281cbc21964cb8edf44c&ua=modern_es6(Line 52) Message: Plugin f39dcc9e69d281c ready from https://www.facebook.com
console-api	log	URL: https://sdk.vyrl.co/loader-v2.js(Line 1) Message: Loaded Carro SDK 1.28.0 master
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 611440189544997.
console-api	log	URL: https://www.klaviyo.com/media/js/public/klaviyo_subscribe.js(Line 40) Message: [object Arguments]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
ads.yahoo.com
ajax.googleapis.com
analytics.twitter.com
api.privy.com
api.vyrl.co
assets.privy.com
bacon.getcarro.com
c.sharethis.mgr.consensu.org
cdn-bacon.getcarro.com
cdn-stamped-io.azureedge.net
cdn.getcarro.com
cdn.shopify.com
cdn1.stamped.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cpcontacts.secured-wellsconnect01.duckdns.org
ct.pinterest.com
ekr.zdassets.com
events.privy.com
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
googleads.g.doubleclick.net
joyfulmoose.zendesk.com
l.sharethis.com
members.shoptimized.net
monorail-edge.shopifysvc.com
obscure-escarpment-2240.herokuapp.com
pay.shopify.com
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
platform-api.sharethis.com
privymktg.com
s.pinimg.com
sdk.vyrl.co
secure.adnxs.com
shop.app
shopify.privy.com
stamped.io
static.zdassets.com
stats.g.doubleclick.net
tag.perfectaudience.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.klaviyo.com
www.upestuass.com
cdn.shopify.com
104.16.53.111
104.18.71.113
104.244.42.195
143.204.201.33
143.204.201.5
143.204.201.75
143.204.201.87
151.101.114.217
151.101.36.84
172.217.22.66
176.34.132.203
18.195.28.127
185.33.221.90
2600:9000:214f:e400:c:a9b7:ddc0:93a1
2600:9000:214f:ee00:1c:8a07:5e80:93a1
2606:4700:20::681a:68b
2606:4700:20::681a:78b
2606:4700:3032::ac43:b1d1
2606:4700:3036::ac43:8404
2606:4700::6811:4e6b
2620:1ec:bdf::10
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:801::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2008
2a00:1450:4001:821::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c0c::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::268
2a04:4e42:9::84
3.216.216.242
3.216.5.142
34.192.56.227
34.193.9.51
34.98.64.218
35.165.191.202
35.185.69.233
52.7.90.251
68.183.147.206
69.173.144.165
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06350a540f1e817bd86514b117be82a3b49b6c980c2cac2ed4efbf2cfdfdcfa7
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1189468a47706c9897678be487d8a7889d5590fe6adc7d89e0e68169b903c87b
12372b7b336ca0cfcb3d6680a396d593d0657df9a1037a7d40bdce6ee0ac015d
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad
24ca87d25bf16d34cf68c4f1a47d727109bb04b3ad710a8688b8846c5c66db37
2632023fb2795bd6668b6fbae05b661baba07afb3d62048f023763eca3cd96e3
26da681710f792eca20ac7b81bd3efb7c11ad6cd9acbed9d53e0d308c7afed36
2752ca9b40225cc4fdf4fb71ac843c41b4856ee3796058f6ea202148608cfce4
27cedca55e7af115fd53d8f2a061ddb5f3cf322e897ea360f6c4e109f295063a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d25f06ba5a1e228262948c457155e24a1d91bfb5dad460bd1dcfe2106011f20
2e5b1828c560a7e17f73366dfe057c1831b4c04b3ca9e8ec2dad8007906c968b
2eaa1db5989ca675c631571c30a198b4eb7abf23b19d27066fa7aa0d2138d978
35b137aac13ccdefc4116a827dffd01c0e919c1436c5b1d0f5ed9089859ae26c
36d7d8275114d89a92b2cde5ad42bc70cb7b054c8e8e9c4906eced96c44b6893
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3d9c096b2c70edd42208923924a57417effac44ee62d7a8015b22ceab346b4d9
44fed74aca3ad29dee0e05406be99293618d140cb57ee2b2ef54602959fc7a5d
4714a7dac912c6a9e874bea82aeba18839e16abedaceefc378240273b570fa3c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c400f846bb92a4322b3ce6856e7bfe63c3e0dd9a067a60865d0547e71b2e7a1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
58492c9e47b0e5f135ef89c4a05495fd6166776e82bbc89bca59179f766027bf
5b78c528e123dfb9a71673a20bd0b61014b69234e46c5c776f7e30bbb1f6e96c
5c290d245c56448f522fe02a3c3896ac06e37069930b48328938f71c57207256
5c9eb5c4cd764ac941deba666ab71c72e51f02e841d7b29f8f6f1a689f7a6f8f
5cb89d417e6560940658e9b2c5179c91a8684210cb3bd0be79a99342ec0a54eb
6006b8610590c9482adddc97c1cd0bceb6ca273c86ffd8ce013aba6ced455871
6589061a874aeaf860458b68da964fe09a1300ccb859332860f071c374406c21
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
678e453186950cf5770d8808f0bb8e0b294aab29f35ca2916ae2167778722165
68cd7e5003aead266041f0c707ad4060f32af6de2f13b08f43a561fedf8eaab2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ea3215eacab4eeefa8c38ab223eb312d31c1a2f5c7af20b701f34266e54d069
6fa2ca16421cdd1e6c331551a68537c0b5c6b3ab6a03ab8ff4aaacc54b9c9ad9
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
73a385181ac28b7e998a0ceb725f809ddab3800a2496b01f92bb541d693f7942
73c5202cdf09134f5fcdcf157f5bdf59a404e0e553b15ac9d9b6ba873d68534d
748ccc4b37109bc4a06abcfc9d27c3734b75f4f9b5cd73ddc2e5cb1207c97a9a
786824d31e703c236e2196f1f71e07a7189b520514efc52bbfdbf70a9716e3c0
7a395381c7ff15598a25f122b1746feeafdb8d68e378c55963e44f4888e587ac
7a52d0c5a8a7e8fc6ce9624e895b72e05e2f1d076cdea888064627109ca374b8
7f313c67027a63c4d31074e35a55b5e5f83b342cf18e350bedad283db376cefa
804746a295cb794510313c5d0284cbbe8bdce702fe898ac94747e2e4ecbed34f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87ba34a2dac0d833ec28f5da1f52fa5a2b8279152500e1b825e241e4a64ea488
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
888a4896e62b4c66cf947306f818840639326efaa3a36d6eac80a280d2eb30e4
8ea6ac3faf357236a97f5de749df4da6e8436ca107bc3a4ee805cbf08bc47392
92f492db4ff1b782c756e97baa48b186a24556157920290169db4332821a3748
948885bd4309eb712603274e39eb265810a3c7f20b5507068491f12e566aa143
991bed67a80819844fba2a07d0691077321a2137b35fb91020db88918ec81ad6
99fbbc08541c4be73adba9fc260a51e5c10ad79570b31d494816d605160236c6
9b1f88d2c06b920acb6b4621e867a356b74f2e2fa72b8d7077c68b2534ffe8f3
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
a450159efc5350f21b16796672c9bb13b7b5f2bf2df2b2ee14d10df8144ae725
a4d0cc2ba721c5df211e902766c0efb5144758a1500dd861004676de421fe92f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae4a8ab23dfa787bbcbc478d7dce500c81f03e54ba9b1584fb462a64cf14da3f
b129ccf4def3c2124b8e173b148de8a100050491db5665f25c5bf0a8fed83d3f
b291007c00998a699e9a4a06528199c6864d9772abea1007db203b0e7a082ff1
b2f365310c35cf84e0ab011e82072fe91bb97f1e7a159fb7806e4f79172bec33
b5a61526edbf90d4ab36c1edf05f28b410839573fd3769510f66f83e1ba51ba8
b7b2477e7876212e56481e625c1562bedbd0e3e2e674854cc91b9396afa3ff1f
b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783
bbb3a67b135a676fd40a5601fe26b813e04170bc6594549ecc5380c4192ddd2e
c070958ab1ee6ede8d84c1f09cf36ef916e5c20467eb2e7b01703a4f8fe7a577
c0a26ababbe1ae4e930cffeb8fd53219253edbd8afb5c075ecdc3f045869c194
c1cc72d77385d4404619101c898d1edb48c3456f4a5b602c94b7f4aaf541055b
c642780159940abc69a10c34acb91f27c0036c6b651464dfc21ae80ad9db82fb
c65a829403319c4b47282f39a155b3093f587b21bcbce8cf617c48699bd45196
c98ad91fb505c5274ffd7c7f24fa62878c420db7778edb428ecb4d4e387df3ae
ca0201479be1440751db3dfbaa16f6ef4499e4d00ef2c4b0e350d169643ee098
cc4a0c9052d089efd3e3067e0241e5c28d913395db859b5032121a01453f189b
cc65116d7f14185237cb32aef9ee2d2917b3da2c4a6c1359f70fd6a4996b5114
cf0bc41c352f9bb55c1cad549f89500e4e1e30f983be3408960f65f83c917c20
d5cda935f8ed170bfd1ef82a8dc2cb69ec0a040ec7d6f9a1755cd6d619011920
db5ca408b0a0f7192f70699d7aab80dd90b2f24b9ad9050504ad14b243d8e21b
db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db
dd6f5c5aa383f2f8afa0bca5c44313e6f837a347cb6d53d827b684a88356693a
df700ae5f7e1535b54ce817c3f69a94be9ac4d30b6bfed516db0a07d521adc1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70ec4590ed626e70d12eda92a69afdcf366f2e85d9d1e6728ca45bd9f1925c9
e84f1623f9c6186ec1665f83a9d8a5cd8e4e5b310a4996c387eff1dbd88a4cf3
e9971e2ef2b448f683f1338f14225524d9a359f481d080c48afd93c59a5c7001
e9e29bf173dba58b06458353c4bdd5db0957ddf0135f90df413272f518b0f69b
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ec01b15e42697556f27326ded0215719d9a54aa9a07f5737ec1e21cf3c055ebf
edb66434567b603679a9fd45786ff3b3b2bf3903d0da2e1c5af626688540bcc4
edffc9384a84607d30be0cbfc7ccd89cf972829772a045b0c163d799a7fef5ae
ee665d0b545431913b963b0ac3d2ed18b936f6c6ba0e55c111efe8e7763a0c0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61695dc3f58468c40db4492defbcd70b2435e6e5a6e31096cd117a54ab0b4a
f56466ab035a1ee8a5e42cd783af49557f6a313e5c042ffe03cc64a9d40c469d
f7f8185fe7fc82ef10bec7ed319b60080330179cdb4af5c78d614a2081d044a1
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f
ff2cf729d4dbbd8c828ef0a527512e10da600b23df28aef76f4b5182ef7af59b

cpcontacts.secured-wellsconnect01.duckdns.org Open in urlscan Pro 68.183.147.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

149 Requests

99 %HTTPS

53 %IPv6

38 Domains

54 Subdomains

46 IPs

7 Countries

2444 kBTransfer

8933 kBSize

13 Cookies

6 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cpcontacts.secured-wellsconnect01.duckdns.org Open in urlscan Pro
68.183.147.206 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

99 %
HTTPS

53 %
IPv6

38
Domains

54
Subdomains

46
IPs

7
Countries

2444 kB
Transfer

8933 kB
Size

13
Cookies

149 HTTP transactions
0 data transactions