urlscan.io logo urlscan.io
SecurityTrails logo

www.midwestsaskatoon.com Open in urlscan Pro
103.160.204.43  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Submission: On April 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 41 HTTP transactions. The main IP is 103.160.204.43, located in Hong Kong and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.midwestsaskatoon.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 11th 2022. Valid for: a year.
This is the only time www.midwestsaskatoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 103.160.204.43 209242 (CLOUDFLAR...)
21 103.160.204.4 209242 (CLOUDFLAR...)
1 192.229.221.25 15133 (EDGECAST)
2 103.160.204.252 209242 (CLOUDFLAR...)
1 172.66.40.15 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 47.246.48.251 24429 (TAOBAO Zh...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 151.101.1.21 54113 (FASTLY)
1 103.160.204.246 209242 (CLOUDFLAR...)
1 151.101.65.35 54113 (FASTLY)
41 12
7    103.160.204.43 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.midwestsaskatoon.com
21    103.160.204.4 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
static-theme.cdncloud.top
apps-apisix.myshops.vip
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    103.160.204.252 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
img.cdncloud.top
1    172.66.40.15 (United States)

ASN13335 (CLOUDFLARENET, US)
www.17track.net
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    47.246.48.251 (Amsterdam, Netherlands)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
at.alicdn.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    103.160.204.246 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.itaboola.com
1    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
16 cdncloud.top
static-theme.cdncloud.top — Cisco Umbrella Rank: 129555
img.cdncloud.top — Cisco Umbrella Rank: 145472
620 KB
7 myshops.vip
apps-apisix.myshops.vip
373 KB
7 midwestsaskatoon.com
www.midwestsaskatoon.com
10 KB
2 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2431
t.paypal.com — Cisco Umbrella Rank: 3215
6 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
388 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 131
113 KB
1 itaboola.com
www.itaboola.com — Cisco Umbrella Rank: 219881
451 B
1 alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 10024
43 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1052
5 KB
1 17track.net
www.17track.net — Cisco Umbrella Rank: 74794
13 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1951
189 KB
41 11
Domain Requested by
14 static-theme.cdncloud.top www.midwestsaskatoon.com
static-theme.cdncloud.top
7 apps-apisix.myshops.vip www.midwestsaskatoon.com
static-theme.cdncloud.top
apps-apisix.myshops.vip
7 www.midwestsaskatoon.com www.midwestsaskatoon.com
static-theme.cdncloud.top
static.cloudflareinsights.com
apps-apisix.myshops.vip
2 www.facebook.com www.midwestsaskatoon.com
2 connect.facebook.net www.midwestsaskatoon.com
connect.facebook.net
2 img.cdncloud.top www.midwestsaskatoon.com
1 t.paypal.com www.midwestsaskatoon.com
1 www.itaboola.com static-theme.cdncloud.top
1 www.paypal.com www.paypalobjects.com
1 at.alicdn.com static-theme.cdncloud.top
1 static.cloudflareinsights.com www.midwestsaskatoon.com
1 www.17track.net www.midwestsaskatoon.com
1 www.paypalobjects.com www.midwestsaskatoon.com
41 13

This site contains links to these domains. Also see Links.

Domain
letracking.net
Subject Issuer Validity Valid
www.midwestsaskatoon.com
Cloudflare Inc ECC CA-3		 2022-03-11 -
2023-03-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-30 -
2022-06-29		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-25 -
2023-04-25		 a year crt.sh
*.17track.net
GeoTrust RSA CA 2018		 2022-03-11 -
2023-04-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-06 -
2022-05-07		 3 months crt.sh
*.alicdn.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-07-03 -
2022-08-04		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-04 -
2022-11-23		 9 months crt.sh

This page contains 1 frames:

Primary Page: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Frame ID: D22685AE17800B609CE5F7608B455818
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Thank you for your purchase! - midwestsaskatoon

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

25 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

1373 kB
Transfer

4943 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sI3aq2MNq7vj2rJSCgvMvA
www.midwestsaskatoon.com/orders/ 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.160.204.43 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0352584f6f0c9c93b2fc8d88400b75df48a88caad226fd171333ba09a1213d2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
703afd47eae19b40-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Apr 2022 21:04:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
styles.min.css
static-theme.cdncloud.top/liquid/buyer/public/css/ 		311 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/css/styles.min.css?t=20220422163153
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cbce62ee7731460704ef7a0cb5fed8fb8bb609522a6b132137498da7e2cdcaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
649937
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EQVQPR4325HVMXW6
x-amz-id-2
GrXD/EmU9eoadD9gySh+sOEX8hjoj18VRIemSjxPtEL/JOzQJwq0eXoFMbNwjfPbsF7k9S+/piA=
last-modified
Fri, 22 Apr 2022 08:23:46 GMT
server
cloudflare
etag
W/"0e356286fdf5d63a61133c2ccf826546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
Hon5O6.cWpszAK49kx5pb32zfirnpeWE
cf-ray
703afd4d390d9273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
sail001.comm.min.css
static-theme.cdncloud.top/liquid/buyer/public/css/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/css/sail001.comm.min.css?t=20220422163153
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd5bd3eea0170b3fd5874a4a576b93a1887af50c1e0b6b88d564202ea68ec91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
649839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
W6Y03SZHDD5CXG8Q
x-amz-id-2
/wZxX/Q51nN3aOMkpAxrIcGkkCDkNhsct40WMkX79iReU37YTCjcDAO3Vlr9rFAV8a/Q4Pn2PDQ=
last-modified
Fri, 22 Apr 2022 08:23:45 GMT
server
cloudflare
etag
W/"f8b74f53fa5a11eb90fce4ac263cd495"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
kUEv0Y9_FAQWs2Ub6SurQqE4sn38ft53
cf-ray
703afd4d390e9273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
init.js
static-theme.cdncloud.top/liquid/buyer/public/js/ 		1 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/init.js
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
386493
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E70CWJC79D439906
x-amz-id-2
j5Bc3/vwGoqV3/e7qtRz3537BGqeRlxhp5aE3m2MJlXuCfUgKqod3Mpj0iTXc6KrAVPLFIzGPvo=
last-modified
Mon, 27 Dec 2021 07:31:02 GMT
server
cloudflare
etag
W/"4bee4977c2da6cd1e2a55df8b38d45b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
do_jqp_rQUFzIgHBfD7xGfv9MW06MiVN
cf-ray
703afd4d390f9273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
jquery.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c42a7f762dff0348a739456ab0f0fc990921471759a548edb183b146942c9b5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
386492
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E70AJAR0DW118T41
x-amz-id-2
jC8Ri1bw/646Hi+1BVfxYLuaYOJ1Noe39M966ll+pKKyu3wH5hVQbw0HhTFqj3fqs9Kg+SGHhX4=
last-modified
Mon, 27 Dec 2021 07:31:03 GMT
server
cloudflare
etag
W/"46442f55456bd45abc5b9a3152d2416d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
h3uUFuwebjadhY.1hdQdhVmwsw3NYtts
cf-ray
703afd4d39109273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
checkout.min.js
www.paypalobjects.com/api/ 		862 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD6) /
Resource Hash
950d13c3e8a9fd93e026afeec5ad6205e36d194aa1d8f062c0876a9f9c42405d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
ce3bb0cd64b8d
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
content-length
192776
last-modified
Mon, 25 Apr 2022 17:04:48 GMT
server
ECAcc (frc/8FD6)
etag
"6266d4b0-d7987"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 30 Apr 2022 21:04:20 GMT
Swiper.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 		121 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/Swiper.js
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ef172aa4800b8232e983684503c2367e292ae8613839eb13517a6cae89620d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
386477
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JQ80PKWCK7HK17K4
x-amz-id-2
HdkvfWmTGNzMHxdQPg5MiqUaXg99o7cwvagQUm+ftq9D1ZPbUM7bhtuvMDjY4MQDvTTdcwVjk64=
last-modified
Mon, 27 Dec 2021 07:31:02 GMT
server
cloudflare
etag
W/"e04c2dbd165eb77452595484642f2b86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
tkrxP5I9ewD.KVpCUQRml0VoNXPAmj9_
cf-ray
703afd4d39139273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
fingerprint2.min.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/fingerprint2.min.js
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bbf62ad203c1261b1f628721481e4d387b4d3bece69aa9328e7e49a98b39375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
386485
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JQ8FTNHWP0BXR363
x-amz-id-2
AJi9wuL8fLJVpzlib8Jky+II80N4ekNKqHrM/FYf7bG7JIEQcOJUOltiUXGX3oTMvq5cips0bHE=
last-modified
Mon, 27 Dec 2021 07:31:02 GMT
server
cloudflare
etag
W/"707f902ed38efb1d56de9a5b5004dae6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
QSDJR1zArdu.IYaPHEuesT6d7S0pXo4z
cf-ray
703afd4d39119273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
vendor.min.js
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/vendor.min.js?t=20220422163153
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e0023958e972db76916e91cc0189887411c5fd047d10a067ae206484e4c25c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
649937
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EQVQM8KV4BJG2BRG
x-amz-id-2
ofPt4IB9Qd4rjJyPDBTaWe1pQxaUP3TrKQGwteySSHK1ozEZ9pVwrqZnsmnTy+1zzmQ+aMRiDlM=
last-modified
Fri, 22 Apr 2022 08:23:58 GMT
server
cloudflare
etag
W/"82807848ac9c3a5494287e9a59afb255"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
po15M3ooKTPgyiCQg1vFAuL6bnD2rhLs
cf-ray
703afd4d39129273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
d2b7bc66939088944148d20f0a0c10c5.png
img.cdncloud.top/uploader/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdncloud.top/uploader/d2b7bc66939088944148d20f0a0c10c5.png
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.252 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8985d080a1ce9aacb9cd770a3da914142baa35dea91fff597bbd0176357408aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
content-md5
77MOjw0Hb1S30yLZWNXM5A==
age
23
cf-polished
origFmt=png, origSize=47376
x-oss-request-id
626C52BD87085D3335050874
last-modified
Thu, 14 Apr 2022 08:24:58 GMT
content-disposition
inline; filename="d2b7bc66939088944148d20f0a0c10c5.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16416
x-oss-object-type
Normal
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"EFB30E8F0D076F54B7D322D958D5CCE4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
703afd4dda6e5b98-FRA
x-oss-hash-crc64ecma
12592903789439489176
x-oss-server-time
25
expires
Sat, 30 Apr 2022 01:04:20 GMT
result-Credit-Card.png
static-theme.cdncloud.top/buyer/public/img/ 		350 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-theme.cdncloud.top/buyer/public/img/result-Credit-Card.png
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
624aaacc524bed63fb1407f1493dc89258537ee03188f13ae9c5781c48711a69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
1626723
cf-polished
origFmt=png, origSize=879
last-modified
Sat, 24 Oct 2020 07:52:37 GMT
content-disposition
inline; filename="result-Credit-Card.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
KKS96VR1V9YCRKPP
x-amz-id-2
RFdHZaG1rQpnPErsIyzLUDF3FA03Y4xXtHvMDexvFNGeeXbl33DBgzQRk0tUtm1W3aTg0uaEX7E=
accept-ranges
bytes
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"bf56157be19d2d59aae8812b450ef2d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
z8KLVT3etHDW3TzQCnxcbrMcVwhh4Abq
content-length
350
cf-ray
703afd4db9e39273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
41759b72e84283dd8777c690bee4dc09.png
img.cdncloud.top/uploader/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdncloud.top/uploader/41759b72e84283dd8777c690bee4dc09.png?x-oss-process=image/resize,w_120
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.252 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9305737b3995c606e2e8cb3bc87380670a5206d614b3d00cda514dbe2eb8d5d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:24 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-oss-request-id
626C52D8F52D6D3338189A8E
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30263
x-oss-object-type
Multipart
last-modified
Wed, 16 Mar 2022 08:36:43 GMT
server
cloudflare
etag
"96C511BBB0DA7985B937B09F5D108B1E-2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
703afd4dda6f5b98-FRA
x-oss-hash-crc64ecma
11883543324393856422
x-oss-server-time
127
expires
Sat, 30 Apr 2022 01:04:24 GMT
email-decode.min.js
www.midwestsaskatoon.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.midwestsaskatoon.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.160.204.43 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 13:06:56 GMT
server
cloudflare
etag
W/"626be2f0-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
703afd4d9dc09b40-FRA
vary
Accept-Encoding
expires
Sun, 01 May 2022 21:04:20 GMT
externalcall.js
www.17track.net/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.17track.net/externalcall.js
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8dc60fb66211dd76a09671f59abb75cca7436949de0aaa336aefae8b8401a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 07:59:35 GMT
server
cloudflare
age
33071
etag
W/"807f-YulRzD37W4Z7Rwt5Lb4SNjT/KuU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
nginx-cache
HIT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=7200
cf-ray
703afd4f8b5e8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.midwestsaskatoon.com/
Origin
https://www.midwestsaskatoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
703afd4dcc089bd7-FRA
event.js
static-theme.cdncloud.top/liquid/buyer/public/js/lib/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/lib/event.js?t=20220422163153
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fc0c00a491f69684ee6d9c1f4d3f18621273a37de49f460f28421eb1be26c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
649937
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EQVJ5NEE55BTG903
x-amz-id-2
teaIuqd9P6baiecIE1zc4vSLyAspOwvDbzwoYOt2g+cqA+OBLu2CLB22awtPIXcc5nAhwb2Xh9g=
last-modified
Fri, 22 Apr 2022 08:23:57 GMT
server
cloudflare
etag
W/"3f00be69baed72b0d18f11261a6cb471"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
6xlZbWxYuGRyVr4lxPxiSguURlEHcBKc
cf-ray
703afd4db9db9273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
index.js
static-theme.cdncloud.top/liquid/buyer/public/js/lib/ 		630 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/js/lib/index.js?t=20220422163153
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b745cb604c6ea4cc72c3ffd35ee4e4f2856e334663e0360dabf39fb6fe8fbb5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
649937
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EQVKZ5TAPWP66J5H
x-amz-id-2
+qAxHJH8WBSDJzWw2t70IJbLjzplg3bxqW2DBtH1CI+IwM5A8cKGK59N7Cy3l4eqT36QZOVQRW4=
last-modified
Fri, 22 Apr 2022 08:23:57 GMT
server
cloudflare
etag
W/"339f8e16858b26e5aef4a572d5aa421b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-amz-version-id
18yf_tHcxYf3w8Vq_YmhvD.Lszxgm8w9
cf-ray
703afd4db9dd9273-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
9DO6jydPGyKazPAIhhX6YyjPZib0uqkULJlEOK7qI63CapugseN6q0jTgb+GtyAZ1SpaOD7gHQ+s84sfXQYIwg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 29 Apr 2022 21:04:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
font_871426_ou7555ftk8o.woff2
at.alicdn.com/t/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://at.alicdn.com/t/font_871426_ou7555ftk8o.woff2?t=1631848450369
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/css/styles.min.css?t=20220422163153
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.48.251 Amsterdam, Netherlands, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7d81f3c3e1c65379bfdec8620a41bd87581d45677316e57becc16692b8737d3a

Request headers

Referer
https://static-theme.cdncloud.top/
Origin
https://www.midwestsaskatoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 03:21:31 GMT
via
cache22.l2ot7-1[0,0,200-0,H], cache24.l2ot7-1[0,0], cache5.nl2[0,0,200-0,H], cache7.nl2[1,0]
x-oss-request-id
614409BB14A30E36330D91AB
content-md5
rgWHwHbPVaCTap787BYoqg==
age
19417368
x-cache
HIT TCP_MEM_HIT dirn:1:424489062
x-swift-cachetime
12565824
x-swift-savetime
Tue, 19 Apr 2022 16:51:08 GMT
content-length
43280
x-oss-object-type
Normal
last-modified
Fri, 17 Sep 2021 03:14:10 GMT
server
Tengine
etag
"AE0587C076CF55A0936A9EFCEC1628AA"
ali-swift-global-savetime
1631848892
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
16904730654307218689
eagleid
2ff6309b16512662601402623e
x-oss-server-time
2
Lato-Regular.ttf
static-theme.cdncloud.top/liquid/buyer/public/css/font/ 		117 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/css/font/Lato-Regular.ttf
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/css/sail001.comm.min.css?t=20220422163153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

Referer
https://static-theme.cdncloud.top/liquid/buyer/public/css/sail001.comm.min.css?t=20220422163153
Origin
https://www.midwestsaskatoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
392865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XSXAM9SY36N5RHMT
x-amz-id-2
xmKp0/Rxhd5/0vkvzD8DuuyYhCH+HTnFXkFhUzrD0uxjaUUL9E+A16z84LqCgH+qTNVCBt6tRvY=
last-modified
Mon, 27 Dec 2021 07:30:48 GMT
server
cloudflare
etag
W/"7f690e503a254e0b8349aec0177e07aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
font/ttf
access-control-allow-origin
https://www.midwestsaskatoon.com
cache-control
public, max-age=14400
x-amz-version-id
t2rP6HJIAScGNDVRCb2sKlYSnE8pwP2S
cf-ray
703afd4dccb690f4-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
OpenSans-Regular.ttf
static-theme.cdncloud.top/liquid/buyer/public/css/font/ 		212 KB
85 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/css/font/OpenSans-Regular.ttf
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/css/sail001.comm.min.css?t=20220422163153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Request headers

Referer
https://static-theme.cdncloud.top/liquid/buyer/public/css/sail001.comm.min.css?t=20220422163153
Origin
https://www.midwestsaskatoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
392854
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XSX1SGN9N3RAAMXJ
x-amz-id-2
nL+1Firb3SM1PYpnEhwVKhW4H4upamrkpar3QWYWEEO80z+eiHWhjx8c2znpvqNRiTqwCR/qfak=
last-modified
Mon, 27 Dec 2021 07:30:48 GMT
server
cloudflare
etag
W/"d7d5d4588a9f50c99264bc12e4892a7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
font/ttf
access-control-allow-origin
https://www.midwestsaskatoon.com
cache-control
public, max-age=14400
x-amz-version-id
9dcCjv8Wpc7yYnaf_kWqVsFH5ssGKZ00
cf-ray
703afd4dccb990f4-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
AvenirNext-Regular.ttf
static-theme.cdncloud.top/liquid/buyer/public/css/font/ 		411 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/css/font/AvenirNext-Regular.ttf
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/css/sail001.comm.min.css?t=20220422163153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c

Request headers

Referer
https://static-theme.cdncloud.top/liquid/buyer/public/css/sail001.comm.min.css?t=20220422163153
Origin
https://www.midwestsaskatoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
392840
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
YTTMYQQB8EFEDCNG
x-amz-id-2
TEeySm62siWS71x88y5PLSAhjphLAt8BBUihSVife12qdiE2P3dx05cEUk3nDX82kddrp+Z6aMY=
last-modified
Mon, 27 Dec 2021 07:30:47 GMT
server
cloudflare
etag
W/"4d8fdeb265ff6d34fb3bd8e4292665c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
font/ttf
access-control-allow-origin
https://www.midwestsaskatoon.com
cache-control
public, max-age=14400
x-amz-version-id
a4w8Idt7y2zfJpJ29HcyGICUat3w3CyW
cf-ray
703afd4dccba90f4-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
Roboto-Regular.ttf
static-theme.cdncloud.top/liquid/buyer/public/css/font/ 		168 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-theme.cdncloud.top/liquid/buyer/public/css/font/Roboto-Regular.ttf
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/css/styles.min.css?t=20220422163153
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

Referer
https://static-theme.cdncloud.top/liquid/buyer/public/css/styles.min.css?t=20220422163153
Origin
https://www.midwestsaskatoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
27187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
AFKC54D62G1KA0GC
x-amz-id-2
R7stDxDA3i8K0eJpcDY9v3MCcTRdUgzjzQIuSjwIXTKEDCjsNz0vUGrCw0V1kMDGLDkd3XJXd+A=
last-modified
Fri, 25 Feb 2022 06:02:38 GMT
server
cloudflare
etag
W/"3e1af3ef546b9e6ecef9f3ba197bf7d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET, POST, HEAD, PUT, DELETE
content-type
font/ttf
access-control-allow-origin
https://www.midwestsaskatoon.com
cache-control
public, max-age=14400
x-amz-version-id
DcjAMHnx4RMA3EJ.2F5Bkz8ZAbEs8ZYp
cf-ray
703afd4dfcf290f4-FRA
expires
Sat, 30 Apr 2022 01:04:20 GMT
3129730477299438
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3129730477299438?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46dbaccf3e64d9e877b04a76bb57e6a88f2e3ad14ede1fc967a1b53b376bc9fe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
+VL9QDwBzKTCj8xYlwcsqA4XZNJbSjMUAOs/JfuBPTmBbx3mU2IUUng/phwNdPqjfOdIhKll4O0oofjjLLUOvg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 29 Apr 2022 21:04:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1651266260322
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3129730477299438&ev=PageView&dl=https%3A%2F%2Fwww.midwestsaskatoon.com%2Forders%2FsI3aq2MNq7vj2rJSCgvMvA&rl=&if=false&ts=1651266260362&sw=1600&sh=1200&v=2.9.57&r=stable&a=plshopify1.2&ec=0&o=30&fbp=fb.1.1651266260361.606740347&it=1651266260192&coo=false&eid=lfcl61uiwwgPageView1651266260107&rqm=GET
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 29 Apr 2022 21:04:20 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.midwestsaskatoon.com&source=checkoutjs&t=xo&v=4.0.336
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36fb889569aab047217a5f00d75452120ec9495d749fb8921e1c5f2f0bd66355
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-tUAm1I9jd40UgE2YZ268m+pTqVrMeRk+N3E1FUUqldhxrPGg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-tUAm1I9jd40UgE2YZ268m+pTqVrMeRk+N3E1FUUqldhxrPGg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
26
x-cache
HIT, MISS
paypal-debug-id
f678330b2fe98
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4300
x-xss-protection
1; mode=block
x-served-by
cache-hhn11529-HHN, cache-fra19130-FRA
x-timer
S1651266261.503714,VS0,VE5
x-frame-options
SAMEORIGIN
date
Fri, 29 Apr 2022 21:04:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"2f38-JDMl9QCL5m4RLY99VyF7LBb/6MY"
accept-ranges
bytes
x-cache-hits
1, 0
user-capi
www.midwestsaskatoon.com/buyer/user/ 		79 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.midwestsaskatoon.com/buyer/user/user-capi
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.43 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
84a01ffca7e9c9d0d3d209cc2d9cd080f36e48b52c15c8a3b4d01e56aefd9af8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Apr 2022 21:04:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cf-ray
703afd500bef699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
select-coupon
www.midwestsaskatoon.com/buyer/user/ 		64 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.midwestsaskatoon.com/buyer/user/select-coupon
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.43 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
299bd0b9143a93b103fd2c73b62e9df0bd5979ddc30bd040fa4153e1eed96454

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Apr 2022 21:04:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cf-ray
703afd503c38699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
swiper.js
www.itaboola.com/ 		0
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.itaboola.com/swiper.js?ul=https%3A%2F%2Fwww.midwestsaskatoon.com%2Forders%2FsI3aq2MNq7vj2rJSCgvMvA&ht=www.midwestsaskatoon.com&ua=mozilla%2F5.0+(windows+nt+10.0%3B+win64%3B+x64)+applewebkit%2F537.36+(khtml%2C+like+gecko)+chrome%2F101.0.4951.41+safari%2F537.36&lp=true&sr=direct&rl=&s=71068&u=1888183067&ev=PageView&fu=0485a5c179102f33f8e349f9f86d9a89&p=result&ts=1651266260481&cd=%257B%257D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fwww.midwestsaskatoon.com%2Forders%2FsI3aq2MNq7vj2rJSCgvMvA&customer_id=&is_login=false&session_id=s.1.1651266260481.3bff51520788a
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.246 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.midwestsaskatoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:21 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 29 Apr 2022 21:04:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
703afd506dbd924f-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 30 Apr 2022 01:04:21 GMT
ts
t.paypal.com/ 		42 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Thank%20you%20for%20your%20purchase!%20-%20midwestsaskatoon&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1651266260523&g=0&completeurl=https%3A%2F%2Fwww.midwestsaskatoon.com%2Forders%2FsI3aq2MNq7vj2rJSCgvMvA&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:20 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
77e3060105a95
x-cache-hits
0, 0
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn11570-HHN, cache-fra19178-FRA
pragma
no-cache
x-timer
S1651266261.576463,VS0,VE148
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Apr 2022 21:04:20 GMT
cart
www.midwestsaskatoon.com/buyer/ 		1019 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.midwestsaskatoon.com/buyer/cart
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.43 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd76ff45cdf91c5cc2e289363f15d87e13238f0e1d06012f0a8b168bc6f3608

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Apr 2022 21:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cf-ray
703afd54dca9699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3129730477299438&ev=Microdata&dl=https%3A%2F%2Fwww.midwestsaskatoon.com%2Forders%2FsI3aq2MNq7vj2rJSCgvMvA&rl=&if=false&ts=1651266261867&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Thank%20you%20for%20your%20purchase!%20-%20midwestsaskatoon%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=plshopify1.2&ec=1&o=30&fbp=fb.1.1651266260361.606740347&it=1651266260192&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 29 Apr 2022 21:04:21 GMT
script-tag.js
apps-apisix.myshops.vip/convert-helper-front/js/ 		185 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps-apisix.myshops.vip/convert-helper-front/js/script-tag.js?shop=https://zyth000002.xshoppy.shop
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cad968a09f64e8686cb8592eb9acb6c7b79e75bdcb17f176827bbe02551979d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 05 Nov 2021 01:58:28 GMT
server
cloudflare
etag
W/"61848fc4-2e403"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
703afd6c3bba9b2b-FRA
expires
Sat, 30 Apr 2022 01:04:25 GMT
preload.js
apps-apisix.myshops.vip/product-recommend-front/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps-apisix.myshops.vip/product-recommend-front/preload.js?shop=https://zyth000002.xshoppy.shop
Requested by
Host: www.midwestsaskatoon.com
URL: https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ca8b5cbdf150ecf92a42660bea0dd48fa5826414c67608d2e0a330a2dfdbc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:25 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 08:45:26 GMT
server
cloudflare
etag
W/"61163126-7b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
703afd6c3bbe9b2b-FRA
expires
Sat, 30 Apr 2022 01:04:25 GMT
rum
www.midwestsaskatoon.com/cdn-cgi/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.midwestsaskatoon.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.43 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Fri, 29 Apr 2022 21:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.midwestsaskatoon.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
703afd6c1bf1699f-FRA
vary
Origin
runtime.js
apps-apisix.myshops.vip/product-recommend-front/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps-apisix.myshops.vip/product-recommend-front/static/js/runtime.js?_=1651266260100
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20457dc7222e2ac5db8b94770eb2c09452be04ec2bf03fd232f1a45965e082d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 08:45:53 GMT
server
cloudflare
etag
W/"61163141-c6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
703afd70bc5e9b2b-FRA
expires
Sat, 30 Apr 2022 01:04:26 GMT
polyfill.js
apps-apisix.myshops.vip/product-recommend-front/static/js/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps-apisix.myshops.vip/product-recommend-front/static/js/polyfill.js?_=1651266260101
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca9cea5ec210afe5123e609128ba1008aa936d65e4c9a2aa08b8bcec41d09ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 08:45:53 GMT
server
cloudflare
etag
W/"61163141-189be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
703afd70bc609b2b-FRA
expires
Sat, 30 Apr 2022 01:04:26 GMT
scriptTag.js
apps-apisix.myshops.vip/product-recommend-front/static/js/ 		1009 KB
269 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps-apisix.myshops.vip/product-recommend-front/static/js/scriptTag.js?_=1651266260102
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e50dcb1450efeb64d4f9f8e240c1dc390617a9cf2ed7b3a880227de1d9c7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 13 Aug 2021 08:45:53 GMT
server
cloudflare
etag
W/"61163141-fc476"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
703afd70bc629b2b-FRA
expires
Sat, 30 Apr 2022 01:04:26 GMT
scriptTag.css
apps-apisix.myshops.vip/product-recommend-front/static/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps-apisix.myshops.vip/product-recommend-front/static/css/scriptTag.css
Requested by
Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a209c7b8123bdb10f3cc76fb3dc2938a01a16f30fc62ee32c7a184df6d4d2f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 08:45:53 GMT
server
cloudflare
age
2128
etag
W/"61163141-5e95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
703afd70bc639b2b-FRA
expires
Sat, 30 Apr 2022 01:04:25 GMT
script-tag.css
apps-apisix.myshops.vip/convert-helper-front/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps-apisix.myshops.vip/convert-helper-front/css/script-tag.css
Requested by
Host: apps-apisix.myshops.vip
URL: https://apps-apisix.myshops.vip/convert-helper-front/js/script-tag.js?shop=https://zyth000002.xshoppy.shop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e668fcee0b953e7919565fdef7e1db831c954ec9023ba27fd24f29adc0823efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midwestsaskatoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 05 Nov 2021 01:58:28 GMT
server
cloudflare
age
4294
etag
W/"61848fc4-2000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
703afd7308899b2b-FRA
expires
Sat, 30 Apr 2022 01:04:26 GMT
cart
www.midwestsaskatoon.com/gateway/front-order/ 		877 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.midwestsaskatoon.com/gateway/front-order/cart
Requested by
Host: apps-apisix.myshops.vip
URL: https://apps-apisix.myshops.vip/convert-helper-front/js/script-tag.js?shop=https://zyth000002.xshoppy.shop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
103.160.204.43 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
053f43bebc1d3a7b9cfe8ee87d4d99afd03f512f2b42f86b8a234ec45ead011c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.midwestsaskatoon.com/orders/sI3aq2MNq7vj2rJSCgvMvA
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 21:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
cf-ray
703afd730fd2699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails number| dpr number| rem function| $ function| jQuery function| Swiper function| Fingerprint2 function| _createClass function| _classCallCheck function| _typeof object| NP_ENV object| $api object| $tracking boolean| isLazyLoad function| lazyLoad object| $asiabillPayment string| id function| setCookie function| getCookie string| clientId object| event_id_PageView function| fbq function| _fbq object| json number| index string| html object| YQ function| UAParser object| update_i18n object| _Modernizr object| YQBrowserCheck object| YQV5 function| yqtrack_v4 function| userLogin object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo object| __cfBeacon object| $plug object| $http function| xtag function| sharetag function| conversionsApi object| $session object| jQuery110207921801395013688 string| user_fingerprint object| paypalDDL

8 Cookies

Domain/Path Name / Value
.www.midwestsaskatoon.com/ Name: ssid
Value: 71068
.www.midwestsaskatoon.com/ Name: utuni
Value: 7b9d763b1e72af408488f31f590642dc52fd0ee8d4d13a8be7d99e13646861d0a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A1888183067%3B%7D
.www.midwestsaskatoon.com/ Name: __cfruid
Value: c7bada887b653064845b32146f5210635dbb6a6a-1651266259
.midwestsaskatoon.com/ Name: client_id
Value: 1651266260106100
.midwestsaskatoon.com/ Name: _fbp
Value: fb.1.1651266260361.606740347
www.midwestsaskatoon.com/ Name: ga_utm
Value: {}
.paypal.com/ Name: ts
Value: vreXpYrS%3D1745960660%26vteXpYrS%3D1651268060%26vr%3D77238eaf1800a98079463bfbffffffff%26vt%3D77238eaf1800a98079463bfbfffffffe
.paypal.com/ Name: ts_c
Value: vr%3D77238eaf1800a98079463bfbffffffff%26vt%3D77238eaf1800a98079463bfbfffffffe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps-apisix.myshops.vip
at.alicdn.com
connect.facebook.net
img.cdncloud.top
static-theme.cdncloud.top
static.cloudflareinsights.com
t.paypal.com
www.17track.net
www.facebook.com
www.itaboola.com
www.midwestsaskatoon.com
www.paypal.com
www.paypalobjects.com
103.160.204.246
103.160.204.252
103.160.204.4
103.160.204.43
151.101.1.21
151.101.65.35
172.66.40.15
192.229.221.25
2606:4700:440e::6812:2fe6
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
47.246.48.251
0352584f6f0c9c93b2fc8d88400b75df48a88caad226fd171333ba09a1213d2f
053f43bebc1d3a7b9cfe8ee87d4d99afd03f512f2b42f86b8a234ec45ead011c
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
17e0023958e972db76916e91cc0189887411c5fd047d10a067ae206484e4c25c
20457dc7222e2ac5db8b94770eb2c09452be04ec2bf03fd232f1a45965e082d4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
299bd0b9143a93b103fd2c73b62e9df0bd5979ddc30bd040fa4153e1eed96454
36fb889569aab047217a5f00d75452120ec9495d749fb8921e1c5f2f0bd66355
3a209c7b8123bdb10f3cc76fb3dc2938a01a16f30fc62ee32c7a184df6d4d2f1
3bd76ff45cdf91c5cc2e289363f15d87e13238f0e1d06012f0a8b168bc6f3608
46dbaccf3e64d9e877b04a76bb57e6a88f2e3ad14ede1fc967a1b53b376bc9fe
48fc0c00a491f69684ee6d9c1f4d3f18621273a37de49f460f28421eb1be26c7
58e50dcb1450efeb64d4f9f8e240c1dc390617a9cf2ed7b3a880227de1d9c7a9
5bbf62ad203c1261b1f628721481e4d387b4d3bece69aa9328e7e49a98b39375
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c
624aaacc524bed63fb1407f1493dc89258537ee03188f13ae9c5781c48711a69
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
7cad968a09f64e8686cb8592eb9acb6c7b79e75bdcb17f176827bbe02551979d
7cbce62ee7731460704ef7a0cb5fed8fb8bb609522a6b132137498da7e2cdcaf
7cd5bd3eea0170b3fd5874a4a576b93a1887af50c1e0b6b88d564202ea68ec91
7d81f3c3e1c65379bfdec8620a41bd87581d45677316e57becc16692b8737d3a
84a01ffca7e9c9d0d3d209cc2d9cd080f36e48b52c15c8a3b4d01e56aefd9af8
8985d080a1ce9aacb9cd770a3da914142baa35dea91fff597bbd0176357408aa
9305737b3995c606e2e8cb3bc87380670a5206d614b3d00cda514dbe2eb8d5d7
950d13c3e8a9fd93e026afeec5ad6205e36d194aa1d8f062c0876a9f9c42405d
b745cb604c6ea4cc72c3ffd35ee4e4f2856e334663e0360dabf39fb6fe8fbb5f
b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade
bca9cea5ec210afe5123e609128ba1008aa936d65e4c9a2aa08b8bcec41d09ae
c1ca8b5cbdf150ecf92a42660bea0dd48fa5826414c67608d2e0a330a2dfdbc6
c42a7f762dff0348a739456ab0f0fc990921471759a548edb183b146942c9b5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e668fcee0b953e7919565fdef7e1db831c954ec9023ba27fd24f29adc0823efc
e8dc60fb66211dd76a09671f59abb75cca7436949de0aaa336aefae8b8401a35
f2ef172aa4800b8232e983684503c2367e292ae8613839eb13517a6cae89620d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505