hvacmoney.com Open in urlscan Pro
23.227.38.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hvacmoney.com/
Submission: On April 07 via automatic, source certstream-suspicious (April 7th 2022, 6:50:28 pm UTC) — Scanned from CA

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 66 HTTP transactions. The main IP is 23.227.38.32, located in Canada and belongs to CLOUDFLARENET, US. The main domain is hvacmoney.com.
TLS certificate: Issued by R3 on April 7th 2022. Valid for: 3 months.

This is the only time hvacmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	23.227.38.32 23.227.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2a04:4e42:400... 2a04:4e42:400::268	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
6	104.16.254.71 104.16.254.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::ac43:592	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.192.108.235 69.192.108.235	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:141b:500... 2600:141b:5000:682::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.131.127.224 104.131.127.224	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	52.85.61.81 52.85.61.81	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:21b... 2600:9000:21b8:5000:7:6365:89c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
1	3.97.44.171 3.97.44.171	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
66	17

2 23.227.38.32 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

hvacmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a04:4e42:400::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.shopifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
productreviews.shopifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.254.71 (None, )

ASN13335 (CLOUDFLARENET, US)

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:592 (United States)

ASN13335 (CLOUDFLARENET, US)

www.powr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.108.235 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-108-235.deploy.static.akamaitechnologies.com

883d95281f02d796f8b6-7f0f44eb0f2ceeb9d4fffbe1419aae61.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:5000:682::1d72 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.127.224 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

upsell.kad.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-81.ewr53.r.cloudfront.net

static.cdn.printful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21b8:5000:7:6365:89c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pushowl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.97.44.171 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-44-171.ca-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2252	663 KB
6	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2851	5 KB
6	shopifycdn.com fonts.shopifycdn.com — Cisco Umbrella Rank: 4866 productreviews.shopifycdn.com — Cisco Umbrella Rank: 8952	81 KB
3	pushowl.com cdn.pushowl.com — Cisco Umbrella Rank: 15111	38 KB
3	yotpo.com staticw2.yotpo.com — Cisco Umbrella Rank: 6691 p.yotpo.com — Cisco Umbrella Rank: 6183	159 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 282 fonts.googleapis.com — Cisco Umbrella Rank: 46	35 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	502 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	hvacmoney.com hvacmoney.com	30 KB
1	printful.com static.cdn.printful.com — Cisco Umbrella Rank: 29201	6 KB
1	kad.systems upsell.kad.systems	116 KB
1	rackcdn.com 883d95281f02d796f8b6-7f0f44eb0f2ceeb9d4fffbe1419aae61.ssl.cf1.rackcdn.com — Cisco Umbrella Rank: 233030	10 KB
1	powr.io www.powr.io — Cisco Umbrella Rank: 13274	6 KB
1	shop.app shop.app — Cisco Umbrella Rank: 5621	1 KB
66	15

	Domain	Requested by
30	cdn.shopify.com	hvacmoney.com cdn.shopify.com
6	monorail-edge.shopifysvc.com	cdn.shopify.com
3	cdn.pushowl.com	hvacmoney.com cdn.shopify.com
3	productreviews.shopifycdn.com	hvacmoney.com productreviews.shopifycdn.com
3	fonts.shopifycdn.com	cdn.shopify.com
2	staticw2.yotpo.com	hvacmoney.com staticw2.yotpo.com
2	www.facebook.com	hvacmoney.com
2	connect.facebook.net	cdn.shopify.com connect.facebook.net
2	www.google-analytics.com	hvacmoney.com www.google-analytics.com
2	hvacmoney.com	cdn.shopify.com
1	fonts.googleapis.com	staticw2.yotpo.com
1	p.yotpo.com
1	ajax.googleapis.com	productreviews.shopifycdn.com
1	static.cdn.printful.com	hvacmoney.com
1	upsell.kad.systems	hvacmoney.com
1	883d95281f02d796f8b6-7f0f44eb0f2ceeb9d4fffbe1419aae61.ssl.cf1.rackcdn.com	hvacmoney.com
1	www.powr.io	hvacmoney.com
1	shop.app	cdn.shopify.com
66	18

This site contains no links.

Subject Issuer	Validity	Valid
hvacmoney.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
monorail-edge.shopifysvc.com R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
shop.app R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-15` - `2022-04-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.yotpo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-04` - `2023-04-04`	a year	crt.sh
upsell.kad.systems R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
cdn.printful.com Amazon	`2021-09-02` - `2022-10-01`	a year	crt.sh
ik.imagekit.io R3	`2022-03-03` - `2022-06-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
yotpo.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hvacmoney.com/
Frame ID: 54399DB58ADF6C8AC018ADA24C16B7EC
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BADASS RIGS® CLOTHING Co. – BADASS RIGS™ Clothing Co. AmazonAmerican ExpressApple PayBitcoinBitcoin CashDAIDiners ClubDiscoverDogecoinEthereumFacebook PayGoogle PayLitecoinMastercardPayPalShop PayUSDCVenmoVisa

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Amazon Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<meta id="amazon-payments

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

PushOwl (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.pushowl\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

95 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

17
IPs

3
Countries

1283 kB
Transfer

3407 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hvacmoney.com/ 140 KB
28 KB 571ms
481ms Document
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

c082864a63f283c23cb43e6604a752b59cd93ed6e775b5c18b1b5171e9d3ef17

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f84f2c31953a205-YYZ
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Thu, 07 Apr 2022 18:50:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
server: cloudflare
server-timing-public: processing;dur=406, db;dur=176, parse;dur=6
strict-transport-security: max-age=7889238
vary: Accept
x-alternate-cache-key: cacheable:182d0522638acf6dd40b753b95ae676b
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 8c46e171-2f32-4730-9802-d9773b8e0c8b
x-shardid: 56
x-shopid: 12985165
x-shopify-stage: production
x-sorting-hat-podid: 56
x-sorting-hat-shopid: 12985165
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H2 200 theme.scss.css
cdn.shopify.com/s/files/1/1298/5165/t/10/assets/ 166 KB
28 KB 1025ms
1002ms Stylesheet
text/css 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.scss.css?v=9248826802260002681

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

26348dc25b03e4ed1a08a9b31ce7c8078bfd22403bad59df1334001255d03f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: MISS, MISS
server-timing: imagery;dur=864.604, imageryFetch;dur=88.915, imageryProcess;dur=764.200;desc="scss", cdn;dur=974.357,cdnPop;desc=LGA,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=892.940,cdnOriginTTLB;dur=974.274, cdn;dur=990.542,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=982.481,cdnOriginTTLB;dur=990.447
content-length: 28185
x-xss-protection: 1; mode=block
x-request-id: 5a817f44d4c27c27497117624303686e
x-served-by: cache-lga21970-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.533437,VS0,VE991
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.scss.css>; rel="canonical"
x-cache-hits: 0, 0

GET
H2 200 load_feature-8efd97e96728f91aa74d4a6e8acbe8011adda17d2c0b6ccd8600a1bdd2453392.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 10 KB
3 KB 34ms
10ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-8efd97e96728f91aa74d4a6e8acbe8011adda17d2c0b6ccd8600a1bdd2453392.js

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12831-YUL /

Resource Hash

8efd97e96728f91aa74d4a6e8acbe8011adda17d2c0b6ccd8600a1bdd2453392

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hvacmoney.com/
Origin: https://hvacmoney.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.145,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2801
x-xss-protection: 1; mode=block
x-request-id: d34b425e947dccf59d533bbf705ef4ac
x-served-by: cache-lga21965-LGA, cache-yul12831-YUL
server: cache-yul12831-YUL
x-timer: S1649357421.533951,VS0,VE0
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-8efd97e96728f91aa74d4a6e8acbe8011adda17d2c0b6ccd8600a1bdd2453392.js>; rel="canonical"
x-cache-hits: 1, 1666372

GET
H2 200 storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
17 KB 11ms
11ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12831-YUL /

Resource Hash

b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hvacmoney.com/
Origin: https://hvacmoney.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.199,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 17403
x-xss-protection: 1; mode=block
x-request-id: d24f68e00ad2c387919512c88e2154be
x-served-by: cache-lga21969-LGA, cache-yul12831-YUL
server: cache-yul12831-YUL
x-timer: S1649357421.552986,VS0,VE0
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits: 13, 1086584

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
12 KB 11ms
11ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12831-YUL /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hvacmoney.com/
Origin: https://hvacmoney.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.123,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 12325
x-xss-protection: 1; mode=block
x-request-id: 85a40ec136958bab513c48c86d4a0b01
x-served-by: cache-lga21932-LGA, cache-yul12831-YUL
server: cache-yul12831-YUL
x-timer: S1649357421.568317,VS0,VE0
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 32, 1611969

GET
H2 200 jquery-2.2.3.min.js Show response
cdn.shopify.com/s/files/1/1298/5165/t/10/assets/ 84 KB
29 KB 35ms
11ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/jquery-2.2.3.min.js?v=5821186314690718683

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.310,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 29118
x-xss-protection: 1; mode=block
x-request-id: 5a48b830ce57cfaee63f037ef0102072
x-served-by: cache-lga21931-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.533521,VS0,VE0
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/jquery-2.2.3.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 lazysizes.min.js Show response
cdn.shopify.com/s/files/1/1298/5165/t/10/assets/ 21 KB
8 KB 13ms
13ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/lazysizes.min.js?v=814795323333422134

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

32bdd920f4c76736a77c4e2493b7a8a1586adf891f6b22aef65a9f550b3c9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.066,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 7631
x-xss-protection: 1; mode=block
x-request-id: 657b662562c438c345929ffcc9d6f82d
x-served-by: cache-lga21976-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.582465,VS0,VE1
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/lazysizes.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 vendor.js Show response
cdn.shopify.com/s/files/1/1298/5165/t/10/assets/ 113 KB
36 KB 12ms
12ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/vendor.js?v=10617728264572072733

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

23a8a9e25c65b6e928d6ee291f4392d536676693b6318f1981d23623b0f3b640

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.349,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 36400
x-xss-protection: 1; mode=block
x-request-id: 467487c521dcb3611bae5233f19fddd0
x-served-by: cache-lga21926-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.597954,VS0,VE0
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/vendor.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 theme.js Show response
cdn.shopify.com/s/files/1/1298/5165/t/10/assets/ 49 KB
14 KB 13ms
13ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.js?v=570899025489126576

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

802efa4047f66f99ba48b916ef455cf54abbeeae8bfc50a7d20f017669c9c513

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.963,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 13379
x-xss-protection: 1; mode=block
x-request-id: cd144c445d2addb2a5e6a815200836eb
x-served-by: cache-lga21961-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.615812,VS0,VE2
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
18ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 178
date: Thu, 07 Apr 2022 18:47:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 07 Apr 2022 20:47:22 GMT

GET
H2 200 1000x500_smoke_this_300x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 10 KB
10 KB 11ms
10ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_smoke_this_300x.png?v=1580874872

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

929be9a58241ba2bee9df7eab9279a580e83c2635633ce8476a2adca70bd2b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.260,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 10034
x-xss-protection: 1; mode=block
x-request-id: f1d4c7d85c3eef255bdbc2f2b765f762
x-served-by: cache-lga21953-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.706992,VS0,VE0
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_smoke_this_300x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 1000x500_guy_and_girl_300x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 11 KB
11 KB 12ms
12ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_guy_and_girl_300x.png?v=1580874664

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

7690f781699a7ad8925cfb9e7ab68e0dcfd34edde68323ddfc2c43628e4d3c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.980,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 11302
x-xss-protection: 1; mode=block
x-request-id: 59ad85c5f65acff016d36cc84afea67a
x-served-by: cache-lga21940-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.719906,VS0,VE1
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_guy_and_girl_300x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 1000x500_free-image-resizer-cropper_9_300x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 15 KB
16 KB 12ms
11ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_free-image-resizer-cropper_9_300x.png?v=1580918301

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

30aed8d9dec3892acdcd7b0f5042b6071b6d849386938f5f3244dbacf330d634

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.713,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 15444
x-xss-protection: 1; mode=block
x-request-id: f8b75e98e08ddf2915e6a6ee296ce07e
x-served-by: cache-lga21983-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.733118,VS0,VE1
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_free-image-resizer-cropper_9_300x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 free-image-resizer-cropper_15_300x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 10 KB
10 KB 12ms
12ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_15_300x.png?v=1582338034

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

d454d3618b54360b6cec297ab95bfc20ad087c84d7dc6301c78f857d8acc40cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.130,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 10044
x-xss-protection: 1; mode=block
x-request-id: e023103622328650bb483d682de29d77
x-served-by: cache-lga21952-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.746090,VS0,VE1
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_15_300x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 free-image-resizer-cropper_11_300x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 9 KB
9 KB 11ms
11ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_11_300x.png?v=1580924770

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

94b51c7195d20b2640e8b7af90106619c36da776e56e66a6d2700888361b7d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.714,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 9230
x-xss-protection: 1; mode=block
x-request-id: e98d89b64883d0fc29ca83b07b529461
x-served-by: cache-lga21927-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357421.759256,VS0,VE1
date: Thu, 07 Apr 2022 18:50:20 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_11_300x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js Show response
cdn.shopify.com/s/ 79 KB
17 KB 11ms
11ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

7594b5b004d92a957618cf442dab030acf7c392de49cbac3e969f06c0498a376

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.109,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 16608
x-xss-protection: 1; mode=block
x-request-id: ed2312648364dc101e5bf4371e79a0da
x-served-by: cache-lga21941-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.554483,VS0,VE0
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js>; rel="canonical"
x-cache-hits: 1, 1039617

GET
H2 200 shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
3 KB 12ms
12ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.136,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2560
x-xss-protection: 1; mode=block
x-request-id: 1eb88e98fda0736f43b081080bd1971e
x-served-by: cache-lga21957-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.555012,VS0,VE0
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js>; rel="canonical"
x-cache-hits: 1, 943558

GET
H2 200 montserrat_n5.e72d00d31ae5399d260a80ec70322c62c1819762.woff2
fonts.shopifycdn.com/montserrat/ 22 KB
23 KB 26ms
14ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_n5.e72d00d31ae5399d260a80ec70322c62c1819762.woff2?h1=aHZhY21vbmV5LmNvbQ&hmac=def86a4ed5446bb1c2111be802735811acc5c2ca80d84e037dc8dce9f7e5b720
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.scss.css?v=9248826802260002681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4cf3f54a68e9a00da43ed9ad4a370ec4312be90656aa4622527d66593e3bef6b

Request headers

Referer: https://cdn.shopify.com/
Origin: https://hvacmoney.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
via: 1.1 varnish
age: 26207798
x-guploader-uploadid: ABg5-Uxumgq2B-Vc76pFyiclSnIu8RW4so_PgGM7k7CfA_kmdXQwqPH78HIqwwIRXIUr0hxQ98-7YZopf5fHazS4XMg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 22728
x-request-id: 958d666e4c97e10402d28b7d592f691555f719744d767fe4123d0c68923d7b11
x-served-by: cache-yul12831-YUL
last-modified: Fri, 12 Mar 2021 19:42:26 GMT
server: UploadServer
x-timer: S1649357422.574921,VS0,VE0
etag: "d9cdf1b5437d48c36791c46358739d20"
x-goog-hash: crc32c=MYaIfg==, md5=2c3xtUN9SMNnkcRjWHOdIA==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:53:44 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 195047

GET
H2 200 montserrat_n7.c496e9cf2031deec4c4bca338faa81971c8631d4.woff2
fonts.shopifycdn.com/montserrat/ 22 KB
23 KB 20ms
11ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_n7.c496e9cf2031deec4c4bca338faa81971c8631d4.woff2?h1=aHZhY21vbmV5LmNvbQ&hmac=7dab765e58633ad092ebff5136e241d2d7a743e5cd64cade7d80e4f3c617447e
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.scss.css?v=9248826802260002681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b59d5f1c395f6c6931df5d01e7de4086834c7098cdfd6d043fb5199b5dae2236

Request headers

Referer: https://cdn.shopify.com/
Origin: https://hvacmoney.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
via: 1.1 varnish
age: 26207909
x-guploader-uploadid: ABg5-UxR08TfHZO-a0B0JuN0NJyu5kdRW4Jg2QaFJ-KRv9_tcf61XVMUzlYTMz1uKrzdqVCDtCFrxOup36dAep8dmSYEvk5jqw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 22736
x-request-id: 6bedabb0df191b3ccce77d9243f45664a8d14b064549ac22b12535ce1f37965e
x-served-by: cache-yul12831-YUL
last-modified: Fri, 12 Mar 2021 19:42:33 GMT
server: UploadServer
x-timer: S1649357422.574841,VS0,VE0
etag: "9723dc6acedf51483457acf18a46cd4e"
x-goog-hash: crc32c=Ps2yKw==, md5=lyPcas7fUUg0V6zxikbNTg==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:51:51 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 240525

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 34ms
33ms XHR
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1085735775&t=pageview&_s=1&dl=https%3A%2F%2Fhvacmoney.com%2F&ul=en-us&de=UTF-8&dt=BADASS%20RIGS%C2%AE%20CLOTHING%20Co.%20%E2%80%93%20BADASS%20RIGS%E2%84%A2%20Clothing%20Co.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=260375740&gjid=669368529&cid=2003686570.1649357422&tid=UA-80126001-1&_gid=404323338.1649357422&_r=1&_slc=1&z=477943264

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 18:50:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hvacmoney.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Revised_Black_Background_Badass-Rigs-Full-Color-Logo_540x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 34 KB
35 KB 24ms
24ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/Revised_Black_Background_Badass-Rigs-Full-Color-Logo_540x.png?v=1580780783

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

88f6ead008458908c0a92cb0c334307a4fa104a7fe497258294b5af31c7efd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=2.781,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=12.323,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=10.431,cdnOriginTTLB;dur=12.242
content-length: 34826
x-xss-protection: 1; mode=block
x-request-id: b5688e4ac5b43b3f3687f42c74a3f168
x-served-by: cache-lga21930-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.599614,VS0,VE12
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/Revised_Black_Background_Badass-Rigs-Full-Color-Logo_540x.png>; rel="canonical"
x-cache-hits: 1, 0

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
929 B 100ms
56ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 9af63943-515f-469f-b983-708fd4507e8c
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VreuXDc5RDD0Ux%2BQA6RsRhJWlLNynk5%2FgqFpaEhANNbcLg0BUYFQDSal1Ra9qOzjv%2B0CoPOEHOwpkRkwVv0kIsd%2BlYom6vQgauzC5BQLDZWdD7zDsn036QEhz893wO3U%2BIafKdQlCo31dinOg1g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hvacmoney.com
access-control-allow-credentials: true
cf-ray: 6f84f2cd6ffda1f9-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 montserrat_i7.83866c3eec90071fa974c17980ffb42977f9e667.woff2
fonts.shopifycdn.com/montserrat/ 23 KB
23 KB 14ms
14ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_i7.83866c3eec90071fa974c17980ffb42977f9e667.woff2?h1=aHZhY21vbmV5LmNvbQ&hmac=044540a55247841c4e10a66cd4052c785f5eb4a326fd60a67341b9ff84327c7f
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.scss.css?v=9248826802260002681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6284ce60083c608b5b7c435a908f0dab08c6c74680cc4594b67d88a18f326d96

Request headers

Referer: https://cdn.shopify.com/
Origin: https://hvacmoney.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
via: 1.1 varnish
age: 26207789
x-guploader-uploadid: ABg5-UxOkkmfzaFWUDE0hd_u_2QPt9jS4EkEk3rPPgWHZIE_Wx5fF61iSSm9cx5WmhkBu9YUM3do_FzKme6YKVmmVRI
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 23560
x-request-id: 008714dff9280e5c756830da3d4cca008423a71667672f5a90924313b1871c38
x-served-by: cache-yul12831-YUL
last-modified: Fri, 12 Mar 2021 19:42:27 GMT
server: UploadServer
x-timer: S1649357422.631292,VS0,VE0
etag: "093993eca89ebbdc471826811f7ccae0"
x-goog-hash: crc32c=+GD7BQ==, md5=CTmT7Kieu9xHGCaBH3zK4A==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:53:52 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 35253

GET
H2 200 session Show response
shop.app/pay/ 18 B
1 KB 158ms
95ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,us-east1
p3p: CP="Not used"
content-type: application/json; charset=utf-8
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 642eee2a-c220-4fca-a4e2-c588143a11da
x-runtime: 0.003982
x-robots-tag: noindex
server: cloudflare
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEDi8k9N9bEAbPsTbXdq7oThmDP6tweydD3Z%2F582QcDiwau%2BDUuwLtYQQhkrH4YoLDU%2FOGLIi9vQqFwrw8EnDU0pb2dOM6gs4OdZB%2Byw9CrCNyD3bWfA0uU1"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: https://hvacmoney.com
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6f84f2cdec805467-YYZ
x-sorting-hat-podid: -1
access-control-expose-headers

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e12e39ba64ffd82047d353b8c00a647717d78823b6681d23b7a9e069fa6c42b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icons.woff
cdn.shopify.com/s/files/1/1298/5165/t/10/assets/ 3 KB
4 KB 34ms
34ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/icons.woff?v=12824116054993862840

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.scss.css?v=9248826802260002681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12831-YUL /

Resource Hash

81da582a057949865be882c8178af731926e0741cba878a5c7f49ab08781e1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/theme.scss.css?v=9248826802260002681
Origin: https://hvacmoney.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.715,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 3156
x-xss-protection: 1; mode=block
x-request-id: f05d05f2c14205bc715ef4181abd64fa
x-served-by: cache-lga21981-LGA, cache-yul12831-YUL
server: cache-yul12831-YUL
x-timer: S1649357422.703775,VS0,VE1
date: Thu, 07 Apr 2022 18:50:21 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/icons.woff>; rel="canonical"
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e881d2b255ce09773d13b13427d5990b4eff960e7ef8b7f4fcc9e4f334829772

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 620 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d58fd319b63d6d79955e2942a91772cd946d06e454639b05f8576a4285c202db

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 56ms
18ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: FzBskHeqP4ugFwzupTIRKAr6DaDuvihYMP6l5P+//LplF4LS1I869p8c444Htxy351nTBJqmHvUptiGB+Xu3zg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Thu, 07 Apr 2022 18:50:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
17 KB 12ms
11ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

2b40e69b4b5c337e07359025eb264e9125b5228ed972eb8f0f95785a520af271

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.118,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 17404
x-xss-protection: 1; mode=block
x-request-id: c765f7ecf3294e0b6ca6a92d370f94f5
x-served-by: cache-lga13628-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.754233,VS0,VE0
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 1, 1157129

POST
H3 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
822 B 96ms
58ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: b0813966-049b-4d01-9760-9156c6cbd4d0
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IR4HUJ0VCIExSyfNO8wNil4xZpq%2BL0CMHbAPBriy99kJSw9yArIHoKHc5n8mg6ekGR5ce0H6hKuvaQrl1%2FfBbmr3%2B3dKh%2FHfRd5Q%2BLBm4Y4ZcSuFph3wx0oWpOIwmaJrS0PwhoqAqoo2fQV%2F1Ko%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hvacmoney.com
access-control-allow-credentials: true
cf-ray: 6f84f2ce3fda549d-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H3 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
817 B 118ms
88ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 0bb913f0-b1e8-441d-914b-5cafb6d71679
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPY6mjgcJhMLy69SinMhOMjJ3tjQjcr4e1I8JaE5Sf%2BKua9D9bIIDZ1YWXVMHSEFgunk5oGD9Ypw7Tk19%2FR66rT6k0mhgLQn8f%2BYcF%2BcYD3lxWGdx7jK1MEzl12lEVe5mWLtaetgfXZ12bYK218%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hvacmoney.com
access-control-allow-credentials: true
cf-ray: 6f84f2ce4fde549d-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H3 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
856 B 84ms
55ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 3309ab58-41be-4422-804c-7502dda60ac6
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8scZaouUKIVbqSvGcwVoAjS2MbakSPPu2Ukqke7kcCwumM47SMlCvhk7zEITMd8k815RQL8dzjXDRye%2Fyx3eulZB%2Fa4BR91ARWv6rxOR7mexXAAiFcwRaqop4PSzh9fG%2BTNXtvWqYIMtzguupk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hvacmoney.com
access-control-allow-credentials: true
cf-ray: 6f84f2ce4fe1549d-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H3 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
817 B 113ms
91ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.61e828e6777cdb0a282d318c770e463a59ad464f.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Apr 2022 18:50:21 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 4f5e0f3e-fc77-4404-8b1b-9ed953b78e5a
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xR6QSzT0GueM3cqeT8UNtokUDGzylRR5Yi8sAGH0g5dRMz7rbqFrlWW%2BdGWklmOYLaZlPXvcXBaUZcJm499wtWCBX02V1Vhm1JkXU3g%2B6xIOU7bv5S2PtIiX%2FJg1762a1g7B7IQyRn7dn6wIBcs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hvacmoney.com
access-control-allow-credentials: true
cf-ray: 6f84f2ce4fe4549d-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 mockup-5954edc2_grande_a3b8976c-35e0-48eb-ab40-2e2f6ee31bb1_360x.jpg
cdn.shopify.com/s/files/1/1298/5165/collections/ 16 KB
17 KB 14ms
13ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/collections/mockup-5954edc2_grande_a3b8976c-35e0-48eb-ab40-2e2f6ee31bb1_360x.jpg?v=1581091535

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

adc1e3850c41d8bf86fe736b209aae711e44c570d41a9596cfb4172579761c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.888,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 16780
x-xss-protection: 1; mode=block
x-request-id: bd287df0ed9079fdd7b85c84d0f58851
x-served-by: cache-lga21979-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.787900,VS0,VE1
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/collections/mockup-5954edc2_grande_a3b8976c-35e0-48eb-ab40-2e2f6ee31bb1_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Female_Official_Badass_Rigs_logo_image_360x.png
cdn.shopify.com/s/files/1/1298/5165/collections/ 35 KB
35 KB 11ms
10ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/collections/Female_Official_Badass_Rigs_logo_image_360x.png?v=1581090899

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

f128161be01d98bf71c52298bcc6d65c2431703f0ecabe9d409c5d9d2ac5e507

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.277,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 35940
x-xss-protection: 1; mode=block
x-request-id: f52a261102eed03c04c2abde82e167a0
x-served-by: cache-lga21937-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.787941,VS0,VE0
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/collections/Female_Official_Badass_Rigs_logo_image_360x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H3 200 558132627673032 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 82ms
62ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/558132627673032?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15f3e603859ee3af4a1aa469e81f19549693d06d286a62d74bda5f620def3399

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: qdOp4aQkE+EWGwOSvWPK1CVps0zRxjW9FRQUW8XIjHZ9W3j+6FaxSpTKrhzGa7Y7V/OO+d2C8DamycHs2uOARA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 07 Apr 2022 18:50:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 free-image-resizer-cropper_11_1080x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 41 KB
41 KB 12ms
11ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_11_1080x.png?v=1580924770

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

9b2322fa521ec7c728c3685c24b3fae36be00916df94a9eb5250bf274b36fe88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.293,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 41678
x-xss-protection: 1; mode=block
x-request-id: eeb3506e67c02c91321473bcd33b353c
x-served-by: cache-lga21936-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.941948,VS0,VE0
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_11_1080x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 1000x500_smoke_this_1080x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 43 KB
43 KB 21ms
21ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_smoke_this_1080x.png?v=1580874872

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

82678b456ccc885c256d570473e464eeaca1915fb4f03a914f8df3e094d1a958

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=0.892,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=10.004,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=9.002,cdnOriginTTLB;dur=9.927
content-length: 43708
x-xss-protection: 1; mode=block
x-request-id: 434e2e24dab656ad6023cdf7d5ecf206
x-served-by: cache-lga21926-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.942021,VS0,VE10
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_smoke_this_1080x.png>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 1000x500_guy_and_girl_1080x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 51 KB
51 KB 13ms
13ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_guy_and_girl_1080x.png?v=1580874664

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

23c255670d83ac2035d8989e5dca029a7171d3ec9054840e6688f11b62e8edd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.443,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 51908
x-xss-protection: 1; mode=block
x-request-id: 76957682f0cc3d1e1449a8f0188c7bdc
x-served-by: cache-lga21977-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357422.942069,VS0,VE1
date: Thu, 07 Apr 2022 18:50:21 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_guy_and_girl_1080x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 60ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=558132627673032&ev=PageView&dl=https%3A%2F%2Fhvacmoney.com%2F&rl=&if=false&ts=1649357421957&sw=1600&sh=1200&v=2.9.57&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1649357421956.2055663972&it=1649357421807&coo=false&eid=055d03e7-F873-4292-963C-3E8C669A9DD1&exp=p1&rqm=GET

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 07 Apr 2022 18:50:22 GMT

GET
H2 200 powr.js Show response
www.powr.io/ 15 KB
6 KB 55ms
23ms Script
application/javascript 2606:4700:10::ac43:592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/powr.js?powr-token=smash-factor-golf.myshopify.com&external-type=shopify&shop=smash-factor-golf.myshopify.com

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

460e8f83b61fcb0247965fda811fcb7da204fbba5ab357b6f74edbf1c09fa5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cf-ray: 6f84f2cfe89a713e-YUL
date: Thu, 07 Apr 2022 18:50:22 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Thu, 07 Apr 2022 11:14:12 GMT
server: cloudflare
age: 26703
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
expires: Fri, 07 Apr 2023 11:19:56 GMT
cache-control: max-age=604800, public
content-encoding: br
cf-bgj: minify

GET
H2 200 loader.js Show response
productreviews.shopifycdn.com/embed/ 719 B
1 KB 16ms
10ms Script
text/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://productreviews.shopifycdn.com/embed/loader.js?shop=smash-factor-golf.myshopify.com

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

871a9da6b1121c4536bfc36e43e5b4aa72d7a80234ac525f7aef04a38f420139

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,gke
age: 297
x-cache: HIT, HIT
p3p: CP="Shopify does not support P3P."
server-timing: processing;dur=16, socket_queue;dur=2.081, edge;dur=1.105, util;dur=0.2
content-length: 412
x-xss-protection: 1; mode=block
x-request-id: 4afa5f7a2046ab6eb4041acd1ebc39c91abd50c975a35007eaa186b2a34a9123
x-served-by: cache-iad-kiad7000042-IAD, cache-yul12822-YUL
x-runtime: 0.012799
referrer-policy: origin-when-cross-origin
x-timer: S1649357422.032994,VS0,VE0
date: Thu, 07 Apr 2022 18:50:22 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300, public
etag: W/"871a9da6b1121c4536bfc36e43e5b4aa"
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex,nofollow
x-cache-hits: 1, 152

GET
H/1.1 200
OK teelaunch-scripts.js Show response
883d95281f02d796f8b6-7f0f44eb0f2ceeb9d4fffbe1419aae61.ssl.cf1.rackcdn.com/ 30 KB
10 KB 158ms
54ms Script
application/x-javascript 69.192.108.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://883d95281f02d796f8b6-7f0f44eb0f2ceeb9d4fffbe1419aae61.ssl.cf1.rackcdn.com/teelaunch-scripts.js?shop=smash-factor-golf.myshopify.com&shop=smash-factor-golf.myshopify.com
Requested by: Host: hvacmoney.com
URL: https://hvacmoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.108.235 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-108-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fa8d739a6e9eea13ba094223d78cb31bb174b0843cb07cb2e969e8e2a129908e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 18:50:22 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 12 Dec 2019 18:18:40 GMT
X-Trans-Id: txdf56ffe545d648ab88486-00624daa44dfw1
ETag: 6112d6fc0fd168ffb5102885c813bc9b
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Timestamp: 1576174719.18387
Cache-Control: public, max-age=158716
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9515
Expires: Sat, 09 Apr 2022 14:55:38 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/5Z79EEtEwgYlTqJSoyEbnEyAjf8Wu6wZ3DjiU7ZO/ 444 KB
114 KB 360ms
106ms Script
text/javascript 2600:141b:5000:682::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/5Z79EEtEwgYlTqJSoyEbnEyAjf8Wu6wZ3DjiU7ZO/widget.js?shop=smash-factor-golf.myshopify.com

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000:682::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4530e8d967b38750c257d0619af4834bf608a2204ad9524dcb47945aafedb762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=40, origin; dur=44
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: f7294684a2193c398e235a8bc03af7e1
x-runtime: 0.030797
x-frame-options: SAMEORIGIN
etag: W/"97397c832e678440f6db1b0593704c99"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H/1.1 200
OK bundle.js Show response
upsell.kad.systems/script/ 339 KB
116 KB 164ms
49ms Script
application/javascript 104.131.127.224
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://upsell.kad.systems/script/bundle.js?app=shopify-upsell&shop=smash-factor-golf.myshopify.com
Requested by: Host: hvacmoney.com
URL: https://hvacmoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.131.127.224 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 58d1a243107022ddf44a96cc4847985f1ca6621daaf95e62b2ac2fad6ed6bd41

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 18:50:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Feb 2022 11:24:27 GMT
Server: nginx
ETag: W/"54a41-5d9124a9af1ef"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=60

GET
H2 200 shopify-product-customizer.js Show response
static.cdn.printful.com/static/js/external/ 16 KB
6 KB 84ms
18ms Script
application/javascript 52.85.61.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cdn.printful.com/static/js/external/shopify-product-customizer.js?v=0.25&shop=smash-factor-golf.myshopify.com

Requested by

Host: hvacmoney.com
URL: https://hvacmoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-81.ewr53.r.cloudfront.net

Software

cloudflare /

Resource Hash

50f7058a8b84dcbd6a45f9eca618fb7f729345f454250afa9179ad2e9f401ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 08:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 3148031
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 02 Mar 2022 07:59:50 GMT
server: cloudflare
etag: W/"621f23f6-3f87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR53-P1
cf-ray: 6e58ba989cfd82b6-IAD
x-amz-cf-id: mIg29gaq6lty0_Udeo2Nzkq4lE_D5qVLhXg5H_dRW2mm239DTqb7_Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushowl-shopify.js Show response
cdn.pushowl.com/latest/sdks/ 147 KB
35 KB 172ms
43ms Script
application/javascript 2600:9000:21b8:5000:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/latest/sdks/pushowl-shopify.js?subdomain=smash-factor-golf&environment=production&guid=5355cd92-5db1-49da-b2c8-6737cc1f912e&shop=smash-factor-golf.myshopify.com
Requested by: Host: hvacmoney.com
URL: https://hvacmoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b8:5000:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 30fafdf4909676b8b42bc097908c7f6b3ba26daf9d1f725b5f29bee47ac9f6df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 09:05:28 GMT
content-encoding: br
age: 1331094
etag: W/"24afe-1zuFIpdPUcwmSIHGtoL/6YIv4Ko"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-server: ImageKit.io
x-amz-cf-pop: ORD52-C1
timing-allow-origin: *
x-amz-cf-id: JNPLPC3eZODM7xPhzPZ5QnAQDOaOhOYVHKnMzFeLyNsFUcxWrvW0fg==
via: 1.1 9f7f2f577670c83ff7f5bb7e8d89ae32.cloudfront.net (CloudFront)
x-request-id: 874668bd-7b08-4a00-a802-a87116b7eee1

GET
H2 200 spr-9103b734879a0dc295605773faadddcea7d659fbbb358d5d5d48b4485b5f43d9.js Show response
productreviews.shopifycdn.com/assets/v4/ 8 KB
3 KB 16ms
15ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://productreviews.shopifycdn.com/assets/v4/spr-9103b734879a0dc295605773faadddcea7d659fbbb358d5d5d48b4485b5f43d9.js

Requested by

Host: productreviews.shopifycdn.com
URL: https://productreviews.shopifycdn.com/embed/loader.js?shop=smash-factor-golf.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9103b734879a0dc295605773faadddcea7d659fbbb358d5d5d48b4485b5f43d9

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1
age: 89602
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
server-timing: processing;dur=1, socket_queue;dur=2.079, util;dur=0.4
content-length: 2783
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000098-IAD, cache-yul12822-YUL
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Apr 2022 17:39:14 GMT
x-timer: S1649357422.052211,VS0,VE0
date: Thu, 07 Apr 2022 18:50:22 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 1, 21652

GET
H2 200 spr-07102fd76ff4bc22a3e0c32f0cca9ee51c77c34bbc4bdac79abb48f698de10dd.css
productreviews.shopifycdn.com/assets/v4/ 17 KB
8 KB 16ms
16ms Stylesheet
text/css 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://productreviews.shopifycdn.com/assets/v4/spr-07102fd76ff4bc22a3e0c32f0cca9ee51c77c34bbc4bdac79abb48f698de10dd.css

Requested by

Host: productreviews.shopifycdn.com
URL: https://productreviews.shopifycdn.com/embed/loader.js?shop=smash-factor-golf.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

07102fd76ff4bc22a3e0c32f0cca9ee51c77c34bbc4bdac79abb48f698de10dd

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1
age: 2085953
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
server-timing: processing;dur=1, socket_queue;dur=4.264, util;dur=0.3
content-length: 8244
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100050-IAD, cache-yul12822-YUL
referrer-policy: origin-when-cross-origin
last-modified: Mon, 28 Feb 2022 16:33:49 GMT
x-timer: S1649357422.052270,VS0,VE0
date: Thu, 07 Apr 2022 18:50:22 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 1, 170330

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: productreviews.shopifycdn.com
URL: https://productreviews.shopifycdn.com/assets/v4/spr-9103b734879a0dc295605773faadddcea7d659fbbb358d5d5d48b4485b5f43d9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 01:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Apr 2023 01:22:28 GMT

OPTIONS
H2 200 /
cdn.pushowl.com/config/api/v1/smash-factor-golf/subscriber/config/widget/ 0
0 89ms
29ms Preflight 2600:9000:21b8:5000:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/config/api/v1/smash-factor-golf/subscriber/config/widget/?guid=5355cd92-5db1-49da-b2c8-6737cc1f912e&platform=shopify
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b8:5000:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hvacmoney.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
age: 315070
cache-control: public, s-maxage=15552000, max-age=15552000
content-length: 0
date: Mon, 04 Apr 2022 03:19:12 GMT
via: 1.1 6882b7f73f99f4252e38ffcae3fa0c4a.cloudfront.net (CloudFront)
x-amz-cf-id: rLDA4KqVfOsofySQopq01bYoxhQadAN9xyTQutNuzeitywhpsmlqgA==
x-amz-cf-pop: ORD52-C1
x-cache: Hit from cloudfront
x-request-id: 56dc38df-3e2f-4652-b369-d5ab1c7cbae8

GET
H2 200 / Show response
cdn.pushowl.com/config/api/v1/smash-factor-golf/subscriber/config/widget/ 2 KB
2 KB 29ms
29ms XHR
application/json 2600:9000:21b8:5000:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/config/api/v1/smash-factor-golf/subscriber/config/widget/?guid=5355cd92-5db1-49da-b2c8-6737cc1f912e&platform=shopify
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b8:5000:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b970d90b2ab1afd726568fb6c82551636944b9a23aa6b308f67e568256eaece3

Request headers

Accept: application/json
Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Apr 2022 03:19:13 GMT
via: 1.1 6882b7f73f99f4252e38ffcae3fa0c4a.cloudfront.net (CloudFront)
age: 315069
etag: W/"841-N/dgH8vRV46oO+DiRoNCyqy+Chc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: ORD52-C1
timing-allow-origin: *
content-length: 2113
x-amz-cf-id: HeWRJ8T2eqzkbq9YDY0aG55Ic8KVoW8i91glK7ZG-ANiHkVCfo3MEA==
x-request-id: f43b5c99-d37d-4fcf-b3cc-e007d290449f

GET
H3 200 settings Show response
hvacmoney.com/a/shopify-upsell-api/v1/ 1002 B
1 KB 359ms
318ms XHR
application/json 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hvacmoney.com/a/shopify-upsell-api/v1/settings

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare / PHP/7.3.16

Resource Hash

dfa46be8ad3dd4491365f100bbc52fc9ada00dd7be98abc91dc4efb5fb9153eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1
x-powered-by: PHP/7.3.16
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 12985165
x-storefront-renderer-rendered: 1
x-request-id: 9e2af9b2-38f3-412c-b06a-0cdc3caf575c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
cf-ray: 6f84f2d19c62a1fc-YYZ
x-sorting-hat-podid: 56

GET
H2 200 widget.css
staticw2.yotpo.com/5Z79EEtEwgYlTqJSoyEbnEyAjf8Wu6wZ3DjiU7ZO/ 483 KB
44 KB 276ms
276ms Stylesheet
text/css 2600:141b:5000:682::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/5Z79EEtEwgYlTqJSoyEbnEyAjf8Wu6wZ3DjiU7ZO/widget.css?widget_version=2022-04-04_12-15-21

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/5Z79EEtEwgYlTqJSoyEbnEyAjf8Wu6wZ3DjiU7ZO/widget.js?shop=smash-factor-golf.myshopify.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:5000:682::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d36953ab018c7a68e5ff95cdafd47965e14af9534aadc65c2d5d1df196352e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=38, origin; dur=215
vary: Accept-Encoding
content-length: 44842
x-xss-protection: 1; mode=block
x-request-id: cc1acb3579fec207b8de6633629c7b7e
x-runtime: 0.201524
x-frame-options: SAMEORIGIN
etag: W/"87d1196330fcf65c26317e831b5ec93a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10749
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 i
p.yotpo.com/ 35 B
279 B 60ms
12ms Image
image/gif 3.97.44.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=BADASS%20RIGS%C2%AE%20CLOTHING%20Co.%20%E2%80%93%20BADASS%20RIGS%E2%84%A2%20Clothing%20Co.&se_va=5Z79EEtEwgYlTqJSoyEbnEyAjf8Wu6wZ3DjiU7ZO&cx=eyJwdl91dWlkIjo4MzA3ODI0NjZ9&dtm=1649357422473&tid=481952&vp=1600x1200&ds=1600x5987&vid=1&duid=a2874bbd7ad88f0a&p=web&tv=js-0.13.2&fp=2521163034&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fhvacmoney.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.44.171 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-44-171.ca-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:22 GMT
cache-control: max-age=86400, private
server: nginx
content-type: image/gif
content-length: 35
expires: Fri, 08 Apr 2022 18:50:22 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 48ms
23ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=558132627673032&ev=Microdata&dl=https%3A%2F%2Fhvacmoney.com%2F&rl=&if=false&ts=1649357422487&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20BADASS%20RIGS%C2%AE%20CLOTHING%20Co.%20%E2%80%93%20BADASS%20RIGS%E2%84%A2%20Clothing%20Co.%5Cn%20%20%22%2C%22meta%3Adescription%22%3A%22BADASS%20RIGS%C2%AE%20Clothing%20Co.%20Mainly%20shirts%2C%20hats%2C%20tank%20tops%20and%20hoodies.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22BADASS%20RIGS%E2%84%A2%20Clothing%20Co.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fhvacmoney.com%2F%22%2C%22og%3Atitle%22%3A%22BADASS%20RIGS%C2%AE%20CLOTHING%20Co.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22BADASS%20RIGS%C2%AE%20Clothing%20Co.%20Mainly%20shirts%2C%20hats%2C%20tank%20tops%20and%20hoodies.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1298%2F5165%2Ffiles%2FBadass-Rigs-Full-Color-Logo_d827b1cb-32af-468d-a121-69396bd00a89_1200x1200.png%3Fv%3D1580660321%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1298%2F5165%2Ffiles%2FBadass-Rigs-Full-Color-Logo_d827b1cb-32af-468d-a121-69396bd00a89_1200x1200.png%3Fv%3D1580660321%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A238%2C%22w%22%3A500%7D%2C%22properties%22%3A%7B%22url%22%3A%22%2F%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1649357421956.2055663972&it=1649357421807&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 18:50:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 07 Apr 2022 18:50:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 85ms
34ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/5Z79EEtEwgYlTqJSoyEbnEyAjf8Wu6wZ3DjiU7ZO/widget.css?widget_version=2022-04-04_12-15-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce820ddde3b57db396b814b8bbd40e27edef6f5eab951b2053e934dd47e9e1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 16:52:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 18:50:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 18:50:22 GMT

GET
H2 200 mockup-78c454f1_360x.jpg
cdn.shopify.com/s/files/1/1298/5165/products/ 12 KB
12 KB 23ms
22ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/products/mockup-78c454f1_360x.jpg?v=1581692952

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

811c302fac7af279b1eef39a65108b7b7b96237141df69bc85355826849ab3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=0.349,cdnPop;desc=LGA,cdnCache;desc=HIT, cdn;dur=11.335,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=10.484,cdnOriginTTLB;dur=11.259
content-length: 11954
x-xss-protection: 1; mode=block
x-request-id: c3f40343e67b35b21949cbf85e88079c
x-served-by: cache-lga21928-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357423.032879,VS0,VE11
date: Thu, 07 Apr 2022 18:50:23 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/products/mockup-78c454f1_360x.jpg>; rel="canonical"
x-cache-hits: 3, 0

GET
H2 200 mockup-8093938a_360x.jpg
cdn.shopify.com/s/files/1/1298/5165/products/ 8 KB
9 KB 23ms
23ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/products/mockup-8093938a_360x.jpg?v=1581885459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

d3159b321bdad97778484815edd06779e22b319c3e512a8e3ef27d7d8c9b5241

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=0.930,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=11.798,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=11.155,cdnOriginTTLB;dur=11.678
content-length: 8128
x-xss-protection: 1; mode=block
x-request-id: d9e6a0763f1581ea1ce23c3243a8127f
x-served-by: cache-lga21952-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357423.032940,VS0,VE12
date: Thu, 07 Apr 2022 18:50:23 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/products/mockup-8093938a_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 mockup-29873857_360x.jpg
cdn.shopify.com/s/files/1/1298/5165/products/ 10 KB
10 KB 22ms
21ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/products/mockup-29873857_360x.jpg?v=1581692435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

b8fa38c59f1dc72dca69abe64ce3a6b79ce37bb1b68e35d2c42bc5602ffac025

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=0.993,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=10.190,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=9.400,cdnOriginTTLB;dur=10.083
content-length: 9962
x-xss-protection: 1; mode=block
x-request-id: e4737aaac9cb8891d55bbf634da6ceaa
x-served-by: cache-lga21957-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357423.033071,VS0,VE10
date: Thu, 07 Apr 2022 18:50:23 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/products/mockup-29873857_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 mockup-ee4a0c6a_360x.jpg
cdn.shopify.com/s/files/1/1298/5165/products/ 10 KB
10 KB 21ms
20ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/products/mockup-ee4a0c6a_360x.jpg?v=1581691968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

9cffbe09ea9be87e14d963da0192a7c0c73b7f3026a8d238efedf57264dbb040

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=1.004,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=9.529,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=8.893,cdnOriginTTLB;dur=9.452
content-length: 9776
x-xss-protection: 1; mode=block
x-request-id: eacdc2cffed6d754e124742ab4a145e7
x-served-by: cache-lga21965-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357423.033131,VS0,VE10
date: Thu, 07 Apr 2022 18:50:23 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/products/mockup-ee4a0c6a_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET 1000x500_free-image-resizer-cropper_9_300x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 0
0

GET
H2 200 1000x500_free-image-resizer-cropper_9_1080x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 68 KB
68 KB 12ms
11ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_free-image-resizer-cropper_9_1080x.png?v=1580918301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

ca0c69158dfc4f3ec96694c4fb39c85f1f6d61c62bebba345eb8fa32fc4329ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.143,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 69440
x-xss-protection: 1; mode=block
x-request-id: 2be3050e729f48d46c6b359c1b4f3dc3
x-served-by: cache-lga21922-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357423.170976,VS0,VE1
date: Thu, 07 Apr 2022 18:50:23 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_free-image-resizer-cropper_9_1080x.png>; rel="canonical"
x-cache-hits: 1, 1

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
821 B 85ms
84ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hvacmoney.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Apr 2022 18:50:23 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 9af07919-d31e-47dd-830a-99578edae2c4
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Skuo1%2BZCmcfFowpO1o7lZTx378LpvzSENCwYD0NOELI4LnG6Cf8inyWRiD7drjWmQNMGxe3rxFjvDWO1y6bAqiJkuf8kYzXg0FJTXXJjgUr5eOE71mfuM%2FrVd%2F%2FXBkEtaWRyCgRJZph0aEgX9s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hvacmoney.com
access-control-allow-credentials: true
cf-ray: 6f84f2d79a25549d-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET free-image-resizer-cropper_15_300x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 0
0

GET
H2 200 free-image-resizer-cropper_15_1080x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 45 KB
45 KB 12ms
12ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_15_1080x.png?v=1582338034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

ffaadb181e9e4cf8657e0cd6255cb8e2132219e8b56456f0c2966509df8019db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.918,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 46068
x-xss-protection: 1; mode=block
x-request-id: d533004c74be5d99a5805059288ead9a
x-served-by: cache-lga21945-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357423.304121,VS0,VE1
date: Thu, 07 Apr 2022 18:50:23 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_15_1080x.png>; rel="canonical"
x-cache-hits: 1, 1

GET free-image-resizer-cropper_11_300x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 0
0

GET
H2 200 free-image-resizer-cropper_11_1080x.png
cdn.shopify.com/s/files/1/1298/5165/files/ 41 KB
41 KB 11ms
10ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_11_1080x.png?v=1580924770

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1298/5165/t/10/assets/lazysizes.min.js?v=814795323333422134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12822-YUL /

Resource Hash

9b2322fa521ec7c728c3685c24b3fae36be00916df94a9eb5250bf274b36fe88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hvacmoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.198,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 41678
x-xss-protection: 1; mode=block
x-request-id: eeb3506e67c02c91321473bcd33b353c
x-served-by: cache-lga21936-LGA, cache-yul12822-YUL
server: cache-yul12822-YUL
x-timer: S1649357423.415069,VS0,VE0
date: Thu, 07 Apr 2022 18:50:23 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_11_1080x.png>; rel="canonical"
x-cache-hits: 1, 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1298/5165/files/1000x500_free-image-resizer-cropper_9_300x.png?v=1580918301

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_15_300x.png?v=1582338034

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1298/5165/files/free-image-resizer-cropper_11_300x.png?v=1580924770

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hvacmoney.com/	1970-01-20 10:54:53	Name: secure_customer_sig Value:
hvacmoney.com/	1970-01-20 02:29:27	Name: localization Value: US
hvacmoney.com/	1970-01-20 02:29:27	Name: cart_currency Value: USD
.hvacmoney.com/	1970-01-20 02:29:27	Name: _orig_referrer Value:
.hvacmoney.com/	1970-01-20 02:29:27	Name: _landing_page Value: %2F
.hvacmoney.com/	1970-01-20 10:54:53	Name: _y Value: 87311ae5-d097-4321-82de-703d6e22aef5
.hvacmoney.com/	1970-01-20 02:09:19	Name: _s Value: 8db20fc5-6fb4-418d-8fd8-42bf6e7fe00e
.hvacmoney.com/	1970-01-20 10:54:53	Name: _shopify_y Value: 87311ae5-d097-4321-82de-703d6e22aef5
.hvacmoney.com/	1970-01-20 02:09:19	Name: _shopify_s Value: 8db20fc5-6fb4-418d-8fd8-42bf6e7fe00e
.hvacmoney.com/	1970-01-20 19:40:29	Name: _ga Value: GA1.2.2003686570.1649357422
.hvacmoney.com/	1970-01-20 02:10:43	Name: _gid Value: GA1.2.404323338.1649357422
.hvacmoney.com/	1970-01-20 02:09:17	Name: _gat Value: 1
.hvacmoney.com/	1970-01-20 02:09:19	Name: _shopify_sa_t Value: 2022-04-07T18%3A50%3A21.752Z
.hvacmoney.com/	1970-01-20 02:09:19	Name: _shopify_sa_p Value:
hvacmoney.com/	1970-01-20 02:09:21	Name: shopify_pay_redirect Value: pending
.hvacmoney.com/	1970-01-20 04:18:53	Name: _fbp Value: fb.1.1649357421956.2055663972
.facebook.com/	1970-01-20 04:18:53	Name: fr Value: 0SyRKw5Jj9Y9sUZjj..BiTzJu...1.0.BiTzJu.
hvacmoney.com/	1970-01-20 10:54:53	Name: po_visitor Value: cVJ4I8m_P_nl
hvacmoney.com/	1970-01-20 19:40:29	Name: _sp_id.7c5c Value: a2874bbd7ad88f0a.1649357422.1.1649357422.1649357422
hvacmoney.com/	1970-01-20 02:09:19	Name: _sp_ses.7c5c Value: *
.yotpo.com/	1970-01-20 10:54:53	Name: pixel Value: f1b5a442-e6e5-4f5b-4dca-85b0e1800b27

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

883d95281f02d796f8b6-7f0f44eb0f2ceeb9d4fffbe1419aae61.ssl.cf1.rackcdn.com
ajax.googleapis.com
cdn.pushowl.com
cdn.shopify.com
connect.facebook.net
fonts.googleapis.com
fonts.shopifycdn.com
hvacmoney.com
monorail-edge.shopifysvc.com
p.yotpo.com
productreviews.shopifycdn.com
shop.app
static.cdn.printful.com
staticw2.yotpo.com
upsell.kad.systems
www.facebook.com
www.google-analytics.com
www.powr.io
cdn.shopify.com
104.131.127.224
104.16.254.71
23.227.38.32
23.227.38.33
2600:141b:5000:682::1d72
2600:9000:21b8:5000:7:6365:89c0:93a1
2606:4700:10::ac43:592
2607:f8b0:4006:809::200a
2607:f8b0:4006:817::200a
2607:f8b0:4006:824::200e
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::268
3.97.44.171
52.85.61.81
69.192.108.235
07102fd76ff4bc22a3e0c32f0cca9ee51c77c34bbc4bdac79abb48f698de10dd
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15f3e603859ee3af4a1aa469e81f19549693d06d286a62d74bda5f620def3399
23a8a9e25c65b6e928d6ee291f4392d536676693b6318f1981d23623b0f3b640
23c255670d83ac2035d8989e5dca029a7171d3ec9054840e6688f11b62e8edd7
26348dc25b03e4ed1a08a9b31ce7c8078bfd22403bad59df1334001255d03f61
2b40e69b4b5c337e07359025eb264e9125b5228ed972eb8f0f95785a520af271
30aed8d9dec3892acdcd7b0f5042b6071b6d849386938f5f3244dbacf330d634
30fafdf4909676b8b42bc097908c7f6b3ba26daf9d1f725b5f29bee47ac9f6df
32bdd920f4c76736a77c4e2493b7a8a1586adf891f6b22aef65a9f550b3c9100
4530e8d967b38750c257d0619af4834bf608a2204ad9524dcb47945aafedb762
460e8f83b61fcb0247965fda811fcb7da204fbba5ab357b6f74edbf1c09fa5cc
4cf3f54a68e9a00da43ed9ad4a370ec4312be90656aa4622527d66593e3bef6b
4e12e39ba64ffd82047d353b8c00a647717d78823b6681d23b7a9e069fa6c42b
50f7058a8b84dcbd6a45f9eca618fb7f729345f454250afa9179ad2e9f401ab6
58d1a243107022ddf44a96cc4847985f1ca6621daaf95e62b2ac2fad6ed6bd41
6284ce60083c608b5b7c435a908f0dab08c6c74680cc4594b67d88a18f326d96
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
7594b5b004d92a957618cf442dab030acf7c392de49cbac3e969f06c0498a376
7690f781699a7ad8925cfb9e7ab68e0dcfd34edde68323ddfc2c43628e4d3c5d
802efa4047f66f99ba48b916ef455cf54abbeeae8bfc50a7d20f017669c9c513
811c302fac7af279b1eef39a65108b7b7b96237141df69bc85355826849ab3da
81da582a057949865be882c8178af731926e0741cba878a5c7f49ab08781e1ab
82678b456ccc885c256d570473e464eeaca1915fb4f03a914f8df3e094d1a958
871a9da6b1121c4536bfc36e43e5b4aa72d7a80234ac525f7aef04a38f420139
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
88f6ead008458908c0a92cb0c334307a4fa104a7fe497258294b5af31c7efd1a
8efd97e96728f91aa74d4a6e8acbe8011adda17d2c0b6ccd8600a1bdd2453392
9103b734879a0dc295605773faadddcea7d659fbbb358d5d5d48b4485b5f43d9
929be9a58241ba2bee9df7eab9279a580e83c2635633ce8476a2adca70bd2b51
94b51c7195d20b2640e8b7af90106619c36da776e56e66a6d2700888361b7d35
9b2322fa521ec7c728c3685c24b3fae36be00916df94a9eb5250bf274b36fe88
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9cffbe09ea9be87e14d963da0192a7c0c73b7f3026a8d238efedf57264dbb040
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
adc1e3850c41d8bf86fe736b209aae711e44c570d41a9596cfb4172579761c9f
b59d5f1c395f6c6931df5d01e7de4086834c7098cdfd6d043fb5199b5dae2236
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b8fa38c59f1dc72dca69abe64ce3a6b79ce37bb1b68e35d2c42bc5602ffac025
b970d90b2ab1afd726568fb6c82551636944b9a23aa6b308f67e568256eaece3
c082864a63f283c23cb43e6604a752b59cd93ed6e775b5c18b1b5171e9d3ef17
ca0c69158dfc4f3ec96694c4fb39c85f1f6d61c62bebba345eb8fa32fc4329ae
ce820ddde3b57db396b814b8bbd40e27edef6f5eab951b2053e934dd47e9e1c2
d3159b321bdad97778484815edd06779e22b319c3e512a8e3ef27d7d8c9b5241
d36953ab018c7a68e5ff95cdafd47965e14af9534aadc65c2d5d1df196352e35
d454d3618b54360b6cec297ab95bfc20ad087c84d7dc6301c78f857d8acc40cd
d58fd319b63d6d79955e2942a91772cd946d06e454639b05f8576a4285c202db
dfa46be8ad3dd4491365f100bbc52fc9ada00dd7be98abc91dc4efb5fb9153eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e881d2b255ce09773d13b13427d5990b4eff960e7ef8b7f4fcc9e4f334829772
f128161be01d98bf71c52298bcc6d65c2431703f0ecabe9d409c5d9d2ac5e507
fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e
fa8d739a6e9eea13ba094223d78cb31bb174b0843cb07cb2e969e8e2a129908e
ffaadb181e9e4cf8657e0cd6255cb8e2132219e8b56456f0c2966509df8019db

hvacmoney.com Open in urlscan Pro 23.227.38.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

95 %HTTPS

56 %IPv6

15 Domains

18 Subdomains

17 IPs

3 Countries

1283 kBTransfer

3407 kBSize

21 Cookies

0 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hvacmoney.com Open in urlscan Pro
23.227.38.32 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

95 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

17
IPs

3
Countries

1283 kB
Transfer

3407 kB
Size

21
Cookies

66 HTTP transactions
3 data transactions