urlscan.io logo urlscan.io
SecurityTrails logo

veryfast.io Open in urlscan Pro
34.195.48.210  Public Scan

Go To Rescan Add Verdict Report
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Submission: On May 05 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 28 HTTP transactions. The main IP is 34.195.48.210, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is veryfast.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 11th 2020. Valid for: a year.
This is the only time veryfast.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 34.195.48.210 14618 (AMAZON-AES)
1 141.226.142.181 394213 (BLUESNAP-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 141.226.140.51 394213 (BLUESNAP-AS)
2 52.37.61.134 16509 (AMAZON-02)
3 141.226.140.63 394213 (BLUESNAP-AS)
8 2606:4700::c6... 13335 (CLOUDFLAR...)
28 11
8    34.195.48.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-48-210.compute-1.amazonaws.com
veryfast.io
1    141.226.142.181 (United States)

ASN394213 (BLUESNAP-AS, US)
ws.bluesnap.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    141.226.140.51 (United States)

ASN394213 (BLUESNAP-AS, US)
sandbox.bluesnap.com
2    52.37.61.134 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-61-134.us-west-2.compute.amazonaws.com
tst.kaptcha.com
3    141.226.140.63 (United States)

ASN394213 (BLUESNAP-AS, US)
www1.bluesnap.com
8    2606:4700::c6d9:fbfa (United States)

ASN13335 (CLOUDFLARENET, US)
songbird.cardinalcommerce.com
centinelapi.cardinalcommerce.com
geo.cardinalcommerce.com
writer.cardinalcommerce.com
Domain Requested by
8 veryfast.io veryfast.io
5 songbird.cardinalcommerce.com ws.bluesnap.com
songbird.cardinalcommerce.com
3 www1.bluesnap.com ws.bluesnap.com
2 tst.kaptcha.com ws.bluesnap.com
2 sandbox.bluesnap.com 2 redirects
1 writer.cardinalcommerce.com songbird.cardinalcommerce.com
1 geo.cardinalcommerce.com songbird.cardinalcommerce.com
1 centinelapi.cardinalcommerce.com songbird.cardinalcommerce.com
1 www.google.de veryfast.io
1 www.google.com veryfast.io
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com veryfast.io
1 cdnjs.cloudflare.com veryfast.io
1 ws.bluesnap.com veryfast.io
28 15

This site contains links to these domains. Also see Links.

Domain
account.microsoft.com
Subject Issuer Validity Valid
veryfast.io
Go Daddy Secure Certificate Authority - G2		 2020-01-11 -
2021-03-11		 a year crt.sh
*.bluesnap.com
COMODO RSA Organization Validation Secure Server CA		 2020-02-05 -
2021-12-01		 2 years crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
tst.kaptcha.com
RapidSSL RSA CA 2018		 2018-02-06 -
2021-05-06		 3 years crt.sh
ssl981384.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-19 -
2020-08-27		 6 months crt.sh

This page contains 7 frames:

Primary Page: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Frame ID: 341089EFFD61A16F472C18EB6103D790
Requests: 22 HTTP requests in this frame

Frame: https://veryfast.io/compatibility.html
Frame ID: 1C2F239FC333AAF24EBDE01A321E57A9
Requests: 1 HTTP requests in this frame

Frame: https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56
Frame ID: 9C5DD6FDFB6A1AC0455D8B34F7B86323
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.3.0/hpfCcnInput.html
Frame ID: 3DF63874F8F95B20D46E7A24257CBB48
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.3.0/hpfExpInput.html
Frame ID: BA324A79B09A13272ACD665A8D67BC6B
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.3.0/hpfCvvInput.html
Frame ID: 5ECF3ADCB495499C09A7256C94BB1186
Requests: 1 HTTP requests in this frame

Frame: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5e1705424e540305c024b686&tmEventType=PAYMENT&referenceId=83602397&geolocation=false&origin=Songbird
Frame ID: 8712ADB3909C83E8A725E54E02CCE832
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

15
Subdomains

11
IPs

2
Countries

587 kB
Transfer

1187 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://sandbox.bluesnap.com/servlet/logo.htm?s=e24597c113e496f9babbddc79d298f56 HTTP 302
  • https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56
Request Chain 19
  • https://sandbox.bluesnap.com/servlet/logo.gif?s=e24597c113e496f9babbddc79d298f56 HTTP 302
  • https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
veryfast.io/ 		32 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-48-210.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9845cca5d866d7b2ec425384fa1e37282bcc4be0d48913d0151bd0d3dac0173a

Request headers

Host
veryfast.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 05 May 2020 17:47:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
srcd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 srcr=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 lp=%2Flp_special_msoffice_mcafee.html; expires=Tue, 12-May-2020 17:47:15 GMT; Max-Age=604800
Content-Encoding
gzip
office_3mcafee.png
veryfast.io/images/3rdparty/ 		311 KB
312 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://veryfast.io/images/3rdparty/office_3mcafee.png
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-48-210.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fbf1ee69fe9ce0eecda64ceeb9b01ab7113444d317e3868aef82e9808f81f4ef

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 17:47:16 GMT
Last-Modified
Mon, 06 Apr 2020 09:53:42 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e8afc26-4ddbf"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
318911
cc-generic-card.png
veryfast.io/images/ 		840 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://veryfast.io/images/cc-generic-card.png
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-48-210.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
026738fe3fdc08c00ade8228365f1e86e5c17d59d01235f351123a754b05cab8

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 17:47:16 GMT
Last-Modified
Wed, 28 Aug 2019 13:03:43 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5d667baf-348"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
840
cc_ccv_image.png
veryfast.io/images/ 		713 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://veryfast.io/images/cc_ccv_image.png
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-48-210.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8243e50e129d84fe168aca9c1b44fc86877e5ba23bd1a68050948637346e893a

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 17:47:16 GMT
Last-Modified
Wed, 28 Aug 2019 13:03:43 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5d667baf-2c9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
713
main.js
veryfast.io/src/ 		205 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://veryfast.io/src/main.js
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-48-210.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
915b2ad50723ed95646711e83d6a492bcc19e51f425d8b6a9a43f69ace94c987

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 17:47:16 GMT
Last-Modified
Thu, 02 Jan 2020 10:16:53 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e0dc315-cd"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
205
bluesnap.js
ws.bluesnap.com/web-sdk/4/ 		176 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.bluesnap.com/web-sdk/4/bluesnap.js
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.142.181 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
a35f8d4cefe183017351357f59bc03aa3ac24f6eb07cd8bf50632225fc8b2b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 17:47:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Apr 2020 08:54:40 GMT
Server
Apache
ETag
"2c17b-5a3141df5da50-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=80
Content-Length
49828
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 05 May 2020 17:47:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
999497
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02878c08a50000175ef9037200000001
served-in-seconds
0.004
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-14983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
58ec49210a1c175e-FRA
expires
Sun, 25 Apr 2021 17:47:16 GMT
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-858128210
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61b9c5d45c43e513596173a9367d7d6ad215acb877816d0990d4a03a7030d27b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 05 May 2020 17:47:15 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30216
x-xss-protection
0
last-modified
Tue, 05 May 2020 15:41:58 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 May 2020 17:47:15 GMT
pixel.gif
veryfast.io/ 		42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://veryfast.io/pixel.gif?evt_src=web&evt_action=new_fcid&ncrd=1588700835974&user-agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/74.0.3729.169%20Safari/537.36
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-48-210.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 17:47:16 GMT
Last-Modified
Fri, 24 Mar 2017 19:00:29 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"58d56ccd-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
compatibility.html
veryfast.io/ Frame 1C2F 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://veryfast.io/compatibility.html
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-48-210.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1e4eaf33eb2111e930f67e7d9fdbab0daa07631866089045c24d0d9552b48b87

Request headers

Host
veryfast.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lp=%2Flp_special_msoffice_mcafee.html; _fcid=1588700835974746
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Tue, 05 May 2020 17:47:16 GMT
Content-Type
text/html
Last-Modified
Thu, 02 Jan 2020 10:16:53 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5e0dc315-1eb7"
Content-Encoding
gzip
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-858128210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
11f77cf8044e6ffce376a838bb25750923f52cc16f04b91497360abac7c7dc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 05 May 2020 17:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10749
x-xss-protection
0
server
cafe
etag
7567063759010655417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 May 2020 17:47:16 GMT
api.php
veryfast.io/api/ 		92 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://veryfast.io/api/api.php?c=front&a=bstoken
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.195.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-48-210.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2bf312436607344604ec8a3a5f27a23f64475218d71fc4846ab48ab0728aa4cc

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Tue, 05 May 2020 17:47:16 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/858128210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858128210/?random=1588700836514&cv=9&fst=1588700836514&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fveryfast.io%2F%3Fp%3Dlp_special_msoffice_mcafee%26ap%3Demail%26email%3Djimmy.roy%40loblaw.ca&tiba=Special%20Offer!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d30702329301c8941596acf53239bc804137eef3919fc80647c8ae0884572293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 May 2020 17:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1065
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/858128210/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/858128210/?random=1588700836514&cv=9&fst=1588698000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fveryfast.io%2F%3Fp%3Dlp_special_msoffice_mcafee%26ap%3Demail%26email%3Djimmy.roy%40loblaw.ca&tiba=Special%20Offer!&async=1&fmt=3&is_vtc=1&random=89217420&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 May 2020 17:47:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/858128210/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/858128210/?random=1588700836514&cv=9&fst=1588698000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fveryfast.io%2F%3Fp%3Dlp_special_msoffice_mcafee%26ap%3Demail%26email%3Djimmy.roy%40loblaw.ca&tiba=Special%20Offer!&async=1&fmt=3&is_vtc=1&random=89217420&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: veryfast.io
URL: https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 May 2020 17:47:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set logo.htm
tst.kaptcha.com/ Frame 9C5D
Redirect Chain
  • https://sandbox.bluesnap.com/servlet/logo.htm?s=e24597c113e496f9babbddc79d298f56
  • https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.37.61.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-61-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
tst.kaptcha.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache no-store must-revalidate private
Content-Type
text/html
Expires
0
Pragma
no-cache
Set-Cookie
k=27a86d3117ff4b6287a118e98a56bd0d; Path=/; Expires=Mon, 03 Aug 2020 17:47:18 GMT; Secure; SameSite=None
Date
Tue, 05 May 2020 17:47:18 GMT
Transfer-Encoding
chunked

Redirect headers

Date
Tue, 05 May 2020 17:47:17 GMT
Set-Cookie
JSESSIONID=C1EA413067CD54505FD32D8DF90E022C; Path=/; Secure; HttpOnly TS017057c4=018b1f380b739392df84b1b9f0153cf2ca56831442c5dcc8c6443a81827c394d99f6fbbfd91c7f34e50cac20e67dd8b3fa328281f6b74c8743f2f6c206eb847f541c68fff3; Path=/
Location
https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56
Content-Length
0
Keep-Alive
timeout=2, max=80
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
hpfCcnInput.html
www1.bluesnap.com/web-sdk/4.3.0/ Frame 3DF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www1.bluesnap.com/web-sdk/4.3.0/hpfCcnInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca

Response headers

Date
Tue, 05 May 2020 17:47:17 GMT
Server
Apache
Last-Modified
Sun, 12 Apr 2020 08:55:23 GMT
ETag
"23b-5a31420828f8e"
Accept-Ranges
bytes
Content-Length
571
Keep-Alive
timeout=2, max=80
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
hpfExpInput.html
www1.bluesnap.com/web-sdk/4.3.0/ Frame BA32 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www1.bluesnap.com/web-sdk/4.3.0/hpfExpInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca

Response headers

Date
Tue, 05 May 2020 17:47:17 GMT
Server
Apache
Last-Modified
Sun, 12 Apr 2020 08:55:23 GMT
ETag
"23b-5a3142083db9c"
Accept-Ranges
bytes
Content-Length
571
Keep-Alive
timeout=2, max=80
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
hpfCvvInput.html
www1.bluesnap.com/web-sdk/4.3.0/ Frame 5ECF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www1.bluesnap.com/web-sdk/4.3.0/hpfCvvInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca

Response headers

Date
Tue, 05 May 2020 17:47:17 GMT
Server
Apache
Last-Modified
Sun, 12 Apr 2020 08:55:23 GMT
ETag
"235-5a31420832401"
Accept-Ranges
bytes
Content-Length
565
Keep-Alive
timeout=2, max=80
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
songbird.js
songbird.cardinalcommerce.com/edge/v1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4/bluesnap.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e2dd81d97dd91e8ed037b369f96d6c794df676e38a69b851b457186bc474f4e

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 05 May 2020 17:47:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1350
status
200
cf-request-id
02878c0ca40000d6c108985200000001
last-modified
Thu, 26 Mar 2020 23:45:58 GMT
server
cloudflare
etag
W/"07facb2c83d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 05 May 2020 21:47:17 GMT
cache-control
public, max-age=14400
cf-ray
58ec49276f32d6c1-FRA
cf-bgj
minify
logo.htm
tst.kaptcha.com/
Redirect Chain
  • https://sandbox.bluesnap.com/servlet/logo.gif?s=e24597c113e496f9babbddc79d298f56
  • https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.37.61.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-61-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*

Redirect headers

Location
https://tst.kaptcha.com/logo.htm?m=700000&s=e24597c113e496f9babbddc79d298f56
Date
Tue, 05 May 2020 17:47:17 GMT
Connection
Keep-Alive
Keep-Alive
timeout=2, max=80
Content-Length
0
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
image/gif
1.91ae5edca378ad3af82e.songbird.js
songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/ 		387 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/1.91ae5edca378ad3af82e.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfdaed6733c70bab45120257e47904b9983c607620f9886f8734b244d689ef1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Origin
https://veryfast.io

Response headers

date
Tue, 05 May 2020 17:47:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2340004
cf-polished
origSize=395963
status
200
cf-request-id
02878c0cd10000d6fd11253200000001
last-modified
Thu, 26 Mar 2020 23:45:58 GMT
server
cloudflare
etag
W/"07facb2c83d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
expires
Sun, 01 Nov 2020 17:47:17 GMT
cache-control
public, max-age=15552000
cf-ray
58ec4927bed9d6fd-FRA
cf-bgj
minify
12.91ae5edca378ad3af82e.songbird.js
songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/12.91ae5edca378ad3af82e.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0e790cea151e2c2958ce9c2733350bba10e0b63dc8d130f6bdb93893d7064c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Origin
https://veryfast.io

Response headers

date
Tue, 05 May 2020 17:47:18 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2332522
cf-polished
origSize=22956
status
200
cf-request-id
02878c13c10000d6fd1134e200000001
last-modified
Thu, 26 Mar 2020 23:45:58 GMT
server
cloudflare
etag
W/"07facb2c83d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
expires
Sun, 01 Nov 2020 17:47:18 GMT
cache-control
public, max-age=15552000
cf-ray
58ec4932cfd8d6fd-FRA
cf-bgj
minify
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/1.91ae5edca378ad3af82e.songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7725d1bb4160b7b1a2b3bf0ba4af5a4c0894340db99a3f344c11de156fc9f6a9

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
X-Cardinal-Tid
Tid-d785277a-7a35-43ab-8983-32dc8c9e0d84
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 05 May 2020 17:47:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://veryfast.io
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cf-ray
58ec4933db12d6fd-FRA
cf-request-id
02878c14640000d6fd1135d200000001
11.91ae5edca378ad3af82e.songbird.js
songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/11.91ae5edca378ad3af82e.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43254e79437320507f478254143713181cace86b1cf7c2face7a7e8cf156e53e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Origin
https://veryfast.io

Response headers

date
Tue, 05 May 2020 17:47:19 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2332522
status
200
cf-request-id
02878c14fe0000d6fd1137f200000001
last-modified
Thu, 26 Mar 2020 23:45:58 GMT
server
cloudflare
etag
W/"07facb2c83d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
expires
Sun, 01 Nov 2020 17:47:19 GMT
cache-control
public, max-age=15552000
cf-ray
58ec4934ce01d6fd-FRA
cf-bgj
minify
Render
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 8712 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5e1705424e540305c024b686&tmEventType=PAYMENT&referenceId=83602397&geolocation=false&origin=Songbird
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/1.91ae5edca378ad3af82e.songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
geo.cardinalcommerce.com
:scheme
https
:path
/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5e1705424e540305c024b686&tmEventType=PAYMENT&referenceId=83602397&geolocation=false&origin=Songbird
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca

Response headers

status
200
date
Tue, 05 May 2020 17:47:19 GMT
content-type
text/html;charset=ISO-8859-1
p3p
CP="This site does not have a p3p policy."
vary
accept-encoding
content-language
en-US
set-cookie
BIGipServerPortal-Prod-Web-DeviceFingerprintWeb.app~Portal-Prod-Web-DeviceFingerprintWeb_pool=!mglnSrUcv2AhZFrOZjmAVbCf9+xeYTddF6HO6pjkN6UzQWejt0umshI9VgB7x6JX1WR4T2EYcCMP; path=/; Httponly; Secure
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58ec4934e9ffd6c1-FRA
content-encoding
gzip
cf-request-id
02878c15130000d6c108ace200000001
3.91ae5edca378ad3af82e.songbird.js
songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/3.91ae5edca378ad3af82e.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b24562b83c26a7d24ab1af287eb940999264e5a803e6322f1e64a6604cffe1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
Origin
https://veryfast.io

Response headers

date
Tue, 05 May 2020 17:47:19 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2332521
status
200
cf-request-id
02878c15240000d6fd1138f200000001
last-modified
Thu, 26 Mar 2020 23:45:58 GMT
server
cloudflare
etag
W/"07facb2c83d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
expires
Sun, 01 Nov 2020 17:47:19 GMT
cache-control
public, max-age=15552000
cf-ray
58ec49350eead6fd-FRA
cf-bgj
minify
log
writer.cardinalcommerce.com/prod/ 		15 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://writer.cardinalcommerce.com/prod/log
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/91ae5edca378ad3af82e/1.91ae5edca378ad3af82e.songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://veryfast.io/?p=lp_special_msoffice_mcafee&ap=email&email=jimmy.roy@loblaw.ca
X-Cardinal-Tid
Tid-d785277a-7a35-43ab-8983-32dc8c9e0d84
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 05 May 2020 17:47:20 GMT
via
1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
ATL51-C1
x-amzn-requestid
99be0d36-9764-40cd-b962-eccc8e9d69f9
x-cache
Miss from cloudfront
status
200
x-amz-apigw-id
MEb6PGxsIAMFXpQ=
content-length
15
cf-request-id
02878c174c0000d6fd11007200000001
server
cloudflare
x-amzn-trace-id
Root=1-5eb1a6a7-b841fe30be836e53ffc78b51;Sampled=0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
58ec49387979d6fd-FRA
x-amz-cf-id
s_wvwqzlHf938Y6GmD7xgkN0DEIoQCeXo0UavhCb8tDKFjiX8qsvLw==

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| makePostRequest function| makeGetRequest function| getQueryParams function| parseJson function| createCookie function| readCookie function| eraseCookie function| showAlert function| gaInit function| gaSendPageView function| gaSendEvent function| pixelEvent function| ft function| appendJs function| checkCookieUID function| getGuid function| newGuid function| animateShow function| animateHide function| sendGtagUserId string| guid function| getGuidOnError number| packageSelect object| packages function| getProduct function| getPrice undefined| s1 undefined| s0 object| __core-js_shared__ object| bluesnap function| $ function| jQuery number| loadInt function| initBluesnap function| prefillCCform function| showCCform function| changeImpactedElement object| cardUrl object| bsObj function| getPostData function| activeSubmitBtn function| submitForm function| gtag object| dataLayer string| sHref string| lpCookie undefined| Tawk_API undefined| Tawk_LoadStart object| google_tag_manager function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| songbirdLoader object| Cardinal function| setImmediate function| clearImmediate

3 Cookies

Domain/Path Name / Value
.veryfast.io/ Name: guid
Value: XXXXXXXX-XXXX-XXXX-XXXX-588700836415
.veryfast.io/ Name: _fcid
Value: 1588700835974746
veryfast.io/ Name: lp
Value: %2Flp_special_msoffice_mcafee.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
centinelapi.cardinalcommerce.com
geo.cardinalcommerce.com
googleads.g.doubleclick.net
sandbox.bluesnap.com
songbird.cardinalcommerce.com
tst.kaptcha.com
veryfast.io
writer.cardinalcommerce.com
ws.bluesnap.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www1.bluesnap.com
141.226.140.51
141.226.140.63
141.226.142.181
172.217.23.130
2606:4700::6810:85e5
2606:4700::c6d9:fbfa
2a00:1450:4001:806::2002
2a00:1450:4001:814::2003
2a00:1450:4001:815::2004
2a00:1450:4001:824::2008
34.195.48.210
52.37.61.134
026738fe3fdc08c00ade8228365f1e86e5c17d59d01235f351123a754b05cab8
11f77cf8044e6ffce376a838bb25750923f52cc16f04b91497360abac7c7dc26
1e4eaf33eb2111e930f67e7d9fdbab0daa07631866089045c24d0d9552b48b87
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2bf312436607344604ec8a3a5f27a23f64475218d71fc4846ab48ab0728aa4cc
2cfdaed6733c70bab45120257e47904b9983c607620f9886f8734b244d689ef1
43254e79437320507f478254143713181cace86b1cf7c2face7a7e8cf156e53e
61b9c5d45c43e513596173a9367d7d6ad215acb877816d0990d4a03a7030d27b
6e2dd81d97dd91e8ed037b369f96d6c794df676e38a69b851b457186bc474f4e
7725d1bb4160b7b1a2b3bf0ba4af5a4c0894340db99a3f344c11de156fc9f6a9
8243e50e129d84fe168aca9c1b44fc86877e5ba23bd1a68050948637346e893a
84b24562b83c26a7d24ab1af287eb940999264e5a803e6322f1e64a6604cffe1
915b2ad50723ed95646711e83d6a492bcc19e51f425d8b6a9a43f69ace94c987
9845cca5d866d7b2ec425384fa1e37282bcc4be0d48913d0151bd0d3dac0173a
9a0e790cea151e2c2958ce9c2733350bba10e0b63dc8d130f6bdb93893d7064c
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a35f8d4cefe183017351357f59bc03aa3ac24f6eb07cd8bf50632225fc8b2b4d
d30702329301c8941596acf53239bc804137eef3919fc80647c8ae0884572293
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbf1ee69fe9ce0eecda64ceeb9b01ab7113444d317e3868aef82e9808f81f4ef