au.stepback.store Open in urlscan Pro
23.227.38.74  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request login.php Show response au.stepback.store/	387 KB 77 KB	302ms 274ms	Document text/html	23.227.38.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6aeb70c6ac807de88f391442b898096268e3f6973f1da55f46559b95056d279e Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=c775eddc-71ee-4055-a051-d96e64e5fedd Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=c775eddc-71ee-4055-a051-d96e64e5fedd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers date Thu, 23 Dec 2021 19:56:21 GMT content-type text/html; charset=utf-8 x-sorting-hat-podid 199 x-sorting-hat-shopid 58356170952 x-frame-options DENY x-shopid 58356170952 x-shardid 199 x-shopify-generated-cart-token e74543671a880f390b0431fe288c1a94 content-language en strict-transport-security max-age=7889238 x-alternate-cache-key cacheable:de999216713939e6d3520aaef0b026a6 x-cache hit, server x-shopify-stage production content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=c775eddc-71ee-4055-a051-d96e64e5fedd x-content-type-options nosniff x-download-options noopen x-permitted-cross-domain-policies none x-xss-protection 1; mode=block; report=/xss-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=c775eddc-71ee-4055-a051-d96e64e5fedd x-dc gcp-us-central1,gcp-us-east1,gcp-us-east1 x-request-id c775eddc-71ee-4055-a051-d96e64e5fedd cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6c24271b5e557157-YUL content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	theme.scss.css cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/	179 KB 25 KB	38ms 12ms	Stylesheet text/css	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/theme.scss.css?v=13513003502497063962 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash 4df43a7aa68a6544c6032131ed2e0c675911bf8268a16af7852ca68fbb32190b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-east1 x-cache HIT, HIT server-timing cdn;dur=0.851,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 25294 x-xss-protection 1; mode=block x-request-id 1eee0e7388a4b65b058688ea62056e40 x-served-by cache-lga13621-LGA, cache-yul12822-YUL last-modified Wed, 22 Dec 2021 23:21:35 GMT server cache-yul12822-YUL x-timer S1640289382.978172,VS0,VE1 date Thu, 23 Dec 2021 19:56:21 GMT vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type text/css access-control-allow-origin * expires Thu, 22 Dec 2022 23:21:35 GMT cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/theme.scss.css>; rel="canonical" x-cache-hits 1, 1
GET H2	200	polyfill.min.js Show response cdn.polyfill.io/v2/	222 B 620 B	83ms 35ms	Script text/javascript	2a04:4e42::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.polyfill.io/v2/polyfill.min.js?features=fetch,Element.prototype.closest,Element.prototype.remove,Element.prototype.classList,Array.prototype.includes,Array.prototype.fill,Object.assign,CustomEvent,IntersectionObserver,IntersectionObserverEntry Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding br x-content-type-options nosniff content-type text/javascript; charset=utf-8 age 4798453 detected-user-agent Chrome Mobile/96.0.4664 server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=103, HIT, fastly;desc="Edge time";dur=0 content-length 126 referrer-policy origin-when-cross-origin last-modified Fri, 29 Oct 2021 05:28:40 GMT date Thu, 23 Dec 2021 19:56:22 GMT vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS normalized-user-agent chrome/96.0.0 access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	libs.min.js Show response cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/	183 KB 55 KB	19ms 19ms	Script application/javascript	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/libs.min.js?v=8846682211898979100 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash 302ec32d4bb74c41a9dc84200692093e921762cdef2627ef1633e6d0e530249b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-central1 x-cache HIT, HIT server-timing cdn;dur=0.784,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 56470 x-xss-protection 1; mode=block x-request-id ca968d81c5322176b01b0968b2ceab34 x-served-by cache-lga21930-LGA, cache-yul12822-YUL server cache-yul12822-YUL x-timer S1640289382.011574,VS0,VE1 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/libs.min.js>; rel="canonical" x-cache-hits 1, 1
GET H2	200	theme.min.js Show response cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/	130 KB 24 KB	29ms 27ms	Script application/javascript	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/theme.min.js?v=10178386333428187552 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash 3da607c0a3fb21d995a10c0e66683cf24ce2f587780f25a56eb02049e0c32b14 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-central1 x-cache HIT, HIT server-timing cdn;dur=0.721,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 24208 x-xss-protection 1; mode=block x-request-id ffd96b55577cd65512d02a47e05df876 x-served-by cache-lga21953-LGA, cache-yul12822-YUL server cache-yul12822-YUL x-timer S1640289382.018817,VS0,VE1 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/theme.min.js>; rel="canonical" x-cache-hits 1, 1
GET H2	200	custom.js Show response cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/	94 B 398 B	29ms 27ms	Script application/javascript	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/custom.js?v=881471708870390663 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash e47d533a3adf358d3f70c3c1c2680e4ed21de43b6c6d47296275bf75a7192bdb Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-east1 x-cache HIT, HIT server-timing cdn;dur=0.611,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 98 x-xss-protection 1; mode=block x-request-id 08895073afe38d27853950bd3a64ee8e x-served-by cache-lga21928-LGA, cache-yul12822-YUL server cache-yul12822-YUL x-timer S1640289382.018861,VS0,VE1 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/custom.js>; rel="canonical" x-cache-hits 1, 1
GET H2	200	paymentfont.scss.css cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/	5 KB 1 KB	37ms 13ms	Stylesheet text/css	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/paymentfont.scss.css?v=3342251978275923690 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash 3a77639d6f2dc62285d4b1cbcd584ce37d4b275f1b91422c4e5589239aeba0de Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-east1 x-cache HIT, HIT server-timing cdn;dur=0.637,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 1160 x-xss-protection 1; mode=block x-request-id 6ceb81297ec8b4aff73c276844d9ff20 x-served-by cache-lga21975-LGA, cache-yul12822-YUL last-modified Wed, 22 Dec 2021 23:21:35 GMT server cache-yul12822-YUL x-timer S1640289382.978282,VS0,VE1 date Thu, 23 Dec 2021 19:56:21 GMT vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type text/css access-control-allow-origin * expires Thu, 22 Dec 2022 23:21:35 GMT cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/paymentfont.scss.css>; rel="canonical" x-cache-hits 1, 1
GET H2	200	Untitled_design_45_1_fe320423-6ab0-4b07-bea0-1fed0a25309f_230x.png cdn.shopify.com/s/files/1/0583/5617/0952/files/	5 KB 6 KB	32ms 31ms	Image image/webp	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/files/Untitled_design_45_1_fe320423-6ab0-4b07-bea0-1fed0a25309f_230x.png?v=1630614253 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash 190ca1747a4b8826ce55057161f094400612e2b1d982a3435c1049a7aae10eec Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-central1 x-cache HIT, HIT server-timing cdn;dur=0.750,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 5470 x-xss-protection 1; mode=block x-request-id 9d1f5e4117214ae41e7be55410c479aa x-served-by cache-lga21942-LGA, cache-yul12822-YUL server cache-yul12822-YUL x-timer S1640289382.018927,VS0,VE1 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type image/webp access-control-allow-origin * cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/files/Untitled_design_45_1_fe320423-6ab0-4b07-bea0-1fed0a25309f_230x.png>; rel="canonical" x-cache-hits 1, 1
GET H2	200	hotjar-2655859.js Show response static.hotjar.com/c/	4 KB 2 KB	38ms 12ms	Script application/javascript	54.192.48.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2655859.js?sv=6 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.48.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-48-56.yul62.r.cloudfront.net Software / Resource Hash 4a1d3822b6f1617c18b52e0f41e5248dbc55805cdcf02e42b31204d12d6efc25 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 19:56:21 GMT content-encoding br x-content-type-options nosniff age 1 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 2013 access-control-allow-origin * cache-control max-age=60 etag W/50650d40a7a5900d3c4c79c8fde8aed0 vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 036a9c4a824b984cd31ef0e9e0ecd306.cloudfront.net (CloudFront) x-cache-hit 1 x-amz-cf-pop YUL62-C2 x-amz-cf-id d_WXe2dCyQzrgqrmPZ_gc6bXhQ397SCk5j5JXvF4KBElgyynUyBa8w==
GET H2	200	trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js Show response cdn.shopify.com/s/	77 KB 16 KB	28ms 26ms	Script application/javascript	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash f8bab8aa4042ca7b45b599e7d4e496146ebf1b45aabb8ff96ad79393ebd10840 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-central1 x-cache HIT, HIT server-timing cdn;dur=0.114,cdnPop;desc=YUL,cdnCache;desc=HIT content-length 16113 x-xss-protection 1; mode=block x-request-id 890388141c9e3f50940e20290c408200 x-served-by cache-lga21927-LGA, cache-yul12822-YUL last-modified Wed, 15 Dec 2021 16:30:30 GMT server cache-yul12822-YUL x-timer S1640289382.018989,VS0,VE0 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type application/javascript access-control-allow-origin * expires Thu, 15 Dec 2022 16:30:43 GMT cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js>; rel="canonical" x-cache-hits 3, 885065
GET H2	200	shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js Show response cdn.shopify.com/shopifycloud/shopify/assets/	7 KB 3 KB	27ms 26ms	Script application/javascript	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash 53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-east1 x-cache HIT, HIT server-timing cdn;dur=0.193,cdnPop;desc=YUL,cdnCache;desc=HIT content-length 2437 x-xss-protection 1; mode=block x-request-id 1e9e805e1961fb6c1fcc228b5cc58289 x-served-by cache-lga21980-LGA, cache-yul12822-YUL server cache-yul12822-YUL x-timer S1640289382.019105,VS0,VE0 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31556952, immutable accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js>; rel="canonical" x-cache-hits 1, 1049990
GET H2	200	IMG_6199_1x1.jpg cdn.shopify.com/s/files/1/0583/5617/0952/files/	700 B 994 B	24ms 24ms	Image image/webp	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/files/IMG_6199_1x1.jpg?v=1631518379 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash dc0216203027a3dfd9465fb6044b40970ea6a73607a0a9c4ce6546e2b3159cf3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-central1 x-cache HIT, HIT server-timing cdn;dur=0.676,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 700 x-xss-protection 1; mode=block x-request-id f722eafb877c98f150d99c1b53ea4344 x-served-by cache-lga21973-LGA, cache-yul12822-YUL server cache-yul12822-YUL x-timer S1640289382.024230,VS0,VE1 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type image/webp access-control-allow-origin * cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/files/IMG_6199_1x1.jpg>; rel="canonical" x-cache-hits 1, 1
GET H2	200	IMG_6198_b2165fb7-05e0-4748-883f-4190a22d2036_1x1.jpg cdn.shopify.com/s/files/1/0583/5617/0952/files/	696 B 1 KB	24ms 24ms	Image image/webp	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/files/IMG_6198_b2165fb7-05e0-4748-883f-4190a22d2036_1x1.jpg?v=1631017566 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash 8333e661ce79769b7e2e66665f8c845e4a12eb749445dd0c25c67c919947405e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-central1 x-cache HIT, HIT server-timing cdn;dur=0.490,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 696 x-xss-protection 1; mode=block x-request-id fda3a5260eaf915c21a60671b97133f7 x-served-by cache-lga21954-LGA, cache-yul12822-YUL server cache-yul12822-YUL x-timer S1640289382.024854,VS0,VE0 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type image/webp access-control-allow-origin * cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/files/IMG_6198_b2165fb7-05e0-4748-883f-4190a22d2036_1x1.jpg>; rel="canonical" x-cache-hits 1, 1
GET H2	200	robotocondensed_n4.901867ac1fae62a138ed9ec7898623d714425105.woff2 fonts.shopifycdn.com/roboto_condensed/	20 KB 20 KB	39ms 10ms	Font font/woff2	2a04:4e42:600::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fonts.shopifycdn.com/roboto_condensed/robotocondensed_n4.901867ac1fae62a138ed9ec7898623d714425105.woff2?h1=c3RlcGJhY2suc3RvcmU&h2=YXUuc3RlcGJhY2suc3RvcmU&hmac=c9a0e02eb30614b21826bfd2a10aa3978aa0e9c15cba5f9725968a6588bf6c14 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/theme.scss.css?v=13513003502497063962 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 98f3e71eb352ef9a55f7544d0a85d0a4253342f1fe496c4de8b03b0703d90120 Request headers Referer https://cdn.shopify.com/ Origin https://au.stepback.store Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 19:56:22 GMT via 1.1 varnish age 17139877 x-guploader-uploadid ABg5-UxDMw_xGwdh1vBZ1eHG78czaMHDRpPRczN3RTkeWHfvcwHBOFupahEjSRMDWCqrR4NmDMmfz90lAWKISbA_oMM x-cache HIT x-goog-storage-class MULTI_REGIONAL content-length 20472 x-request-id 30188c270780177d3c9a2e354cac82a5d226d8e5a151753ae36543f20c8851db x-served-by cache-yul12829-YUL last-modified Fri, 12 Mar 2021 22:31:41 GMT server UploadServer x-timer S1640289382.054989,VS0,VE0 etag "3fe55b872ec0badd26bac73e793aefbc" x-goog-hash crc32c=6U8GUA==, md5=P+Vbhy7Aut0musc+eTrvvA== content-type font/woff2 access-control-allow-origin * expires Wed, 08 Jun 2022 10:51:45 GMT cache-control max-age=2629800, immutable accept-ranges bytes x-cache-hits 50189
POST H2	200	produce_batch monorail-edge.shopifysvc.com/unstable/	0 475 B	129ms 39ms	Ping text/plain	34.138.230.116 GOOGLE-PRIVATE-CLOUD
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/unstable/produce_batch Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US), Reverse DNS 116.230.138.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://au.stepback.store/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers date Thu, 23 Dec 2021 19:56:22 GMT x-dc gcp-us-east1 access-control-max-age 86400 access-control-allow-methods OPTIONS,POST access-control-allow-origin https://au.stepback.store access-control-allow-credentials true strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For content-length 0 x-request-id 4590efbe-9005-48ac-93a0-e0f6aaab8cd4
GET H2	200	modules.6d5409da698bc5e020b1.js Show response script.hotjar.com/	228 KB 60 KB	41ms 14ms	Script application/javascript	13.225.185.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.6d5409da698bc5e020b1.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2655859.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.185.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-185-34.yul62.r.cloudfront.net Software / Resource Hash 9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 21 Dec 2021 16:10:06 GMT content-encoding br x-content-type-options nosniff age 186376 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 61259 access-control-allow-origin * last-modified Tue, 21 Dec 2021 16:09:54 GMT etag "a250696209ae851dce97a4101057f333" vary Accept-Encoding content-type application/javascript via 1.1 1a0361f1d6eeb33d623d41bfabfa3e8f.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop YUL62-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id BUfICbPWcWLe3UJMnLlzROm2Vl2cP88zqyDO6fZyetHMvPpMgfTdsQ==
GET H2	200	custom.min.js Show response cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/	2 KB 769 B	12ms 11ms	Script application/javascript	2a04:4e42:400::268 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/custom.min.js?v=17285127949069177633 Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::268 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cache-yul12822-YUL / Resource Hash 10d3676208214c7dc86ce813546c205e037de22d17ff676a1a40a17a8f55967d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-content-type-options nosniff nel {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0} x-cdn Fastly, http2 x-dc gcp-us-east1 x-cache HIT, HIT server-timing cdn;dur=0.569,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER content-length 486 x-xss-protection 1; mode=block x-request-id a1f703f6185947f36c6dac3b5d18a135 x-served-by cache-lga21934-LGA, cache-yul12822-YUL server cache-yul12822-YUL x-timer S1640289382.136205,VS0,VE1 date Thu, 23 Dec 2021 19:56:22 GMT vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31557600 accept-ranges bytes timing-allow-origin * link <https://cdn.shopify.com/s/files/1/0583/5617/0952/t/21/assets/custom.min.js>; rel="canonical" x-cache-hits 1, 1
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.0/	95 KB 34 KB	69ms 21ms	Script text/javascript	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js Requested by Host: au.stepback.store URL: https://au.stepback.store/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 22 Dec 2021 01:49:54 GMT content-encoding gzip x-content-type-options nosniff age 151588 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34044 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 22 Dec 2022 01:49:54 GMT
GET H2	200	box-a1ae2079824d1c48aa9ce06efb256f18.html Show response vars.hotjar.com/ Frame 31B0	2 KB 1 KB	36ms 10ms	Document text/html	13.225.185.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2655859.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.185.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-185-7.yul62.r.cloudfront.net Software / Resource Hash d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://au.stepback.store/ Response headers content-type text/html content-length 1044 date Thu, 02 Dec 2021 15:53:06 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin etag "6215abf691a11c2f451680e635d30daa" last-modified Thu, 02 Dec 2021 15:52:57 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-C1 x-amz-cf-id zkCgwWe_STodBw0qXQIKMfEuuoyPaTIfn_Y3Kei9kELgETxskoAwIQ== age 1828996
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/2655859/	146 B 323 B	309ms 106ms	XHR application/json	34.254.124.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/2655859/visit-data?sv=6 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.254.124.164 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-124-164.eu-west-1.compute.amazonaws.com Software / Resource Hash 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de Request headers Referer https://au.stepback.store/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Thu, 23 Dec 2021 19:56:22 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	cart.js Show response au.stepback.store/	283 B 982 B	104ms 103ms	XHR text/javascript	23.227.38.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://au.stepback.store/cart.js?_=1640289382242 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01e4ea6137252f3e2ed57d7cd0913f0dc3379e90b69a2e0a376008980b8bcbd8 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://au.stepback.store/login.php X-Requested-With XMLHttpRequest Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 19:56:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-permitted-cross-domain-policies none x-dc gcp-us-central1,gcp-us-east1,gcp-us-east1 x-shopify-stage production content-type text/javascript; charset=utf-8 strict-transport-security max-age=7889238 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 58356170952 x-shardid 199 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept x-download-options noopen x-shopid 58356170952 x-request-id 9f89e313-62a9-4840-8fee-6b76b1a6152f content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; cf-ray 6c2427259a437157-YUL x-sorting-hat-podid 199 x-cartjs-updatedat 0
GET H3	200	cart.js Show response au.stepback.store/	283 B 1 KB	126ms 125ms	XHR text/javascript	23.227.38.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://au.stepback.store/cart.js?_=1640289382243 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39956ee43b8c4559392691421cfde618ed9f7f5026a681b80b34a06809075773 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://au.stepback.store/login.php X-Requested-With XMLHttpRequest Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 19:56:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-permitted-cross-domain-policies none x-dc gcp-us-central1,gcp-us-east1,gcp-us-east1 x-shopify-stage production content-type text/javascript; charset=utf-8 strict-transport-security max-age=7889238 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 58356170952 x-shardid 199 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept x-download-options noopen x-shopid 58356170952 x-request-id 1594439e-3166-4e16-8533-6434415a0546 content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; cf-ray 6c24272bdbb04bbf-YUL x-sorting-hat-podid 199 x-cartjs-updatedat 0
GET H3	200	cart.js Show response au.stepback.store/	283 B 1 KB	114ms 114ms	XHR text/javascript	23.227.38.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://au.stepback.store/cart.js?_=1640289382244 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 915f48f91f1bb22b391cde745928e8ab957dc058ed639f1896df46227ab4c501 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://au.stepback.store/login.php X-Requested-With XMLHttpRequest Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 23 Dec 2021 19:56:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-permitted-cross-domain-policies none x-dc gcp-us-central1,gcp-us-east1,gcp-us-east1 x-shopify-stage production content-type text/javascript; charset=utf-8 strict-transport-security max-age=7889238 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 58356170952 x-shardid 199 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept x-download-options noopen x-shopid 58356170952 x-request-id c7902961-b205-402b-8c66-0670c3a81331 content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; cf-ray 6c2427321a084bbf-YUL x-sorting-hat-podid 199 x-cartjs-updatedat 0
GET		cart.js au.stepback.store/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

au.stepback.store

URL

https://au.stepback.store/cart.js?_=1640289382245

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Shopify object| ShopifyPay object| __st boolean| ShopifyPaypalV4VisibilityTracking object| theme object| languages object| lazySizesConfig function| hj object| _hjSettings object| meta string| attr object| ShopifyAnalytics object| gaDevIds object| trekkie object| Spurit object| qb object| Handlebars object| AwesomeQuantityBreak object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| getUrlParam function| hasFlag undefined| appikonSafe object| appikon object| appikonDiscount object| appikonResponseStore object| appikonHandlebars undefined| head undefined| script boolean| script_loaded object| activityEvents function| loadJSscripts function| loadJSscriptsNow string| afterpay_shop_currency string| afterpay_cart_currency string| afterpay_shop_money_format string| afterpay_shop_permanent_domain string| afterpay_theme_name object| afterpay_product object| afterpay_current_variant number| afterpay_cart_total_price string| afterpay_js_snippet_version function| disableBodyScroll object| _gsScope function| domDelegate object| fastdom function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| Instafeed function| PhotoSwipe function| Rellax object| Stickyfill object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin object| _gsQueue function| TimelineLite function| CSSPlugin function| _classCallCheck function| _createClass undefined| $ undefined| jQuery

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			au.stepback.store/	1970-01-19 23:58:18	Name: localization Value:
			au.stepback.store/	1970-01-19 23:58:18	Name: cart_currency Value: AUD
			au.stepback.store/	1970-01-19 23:58:18	Name: cart_sig Value: 69779c3187e47963933601058aa0a5b0
			au.stepback.store/	1970-01-20 08:23:45	Name: secure_customer_sig Value:
			.stepback.store/	1970-01-20 08:23:45	Name: _y Value: 59a55cb5-962e-4781-b97a-c83c55a52237
			.stepback.store/	1970-01-19 23:38:11	Name: _s Value: 810d99be-c2cc-447c-8e99-4bf9df549591
			.stepback.store/	1970-01-20 08:23:45	Name: _shopify_y Value: 59a55cb5-962e-4781-b97a-c83c55a52237
			.stepback.store/	1970-01-19 23:38:11	Name: _shopify_s Value: 810d99be-c2cc-447c-8e99-4bf9df549591
			au.stepback.store/	1970-01-20 08:23:45	Name: adp-pr-id Value:
			.stepback.store/	1970-01-20 08:23:45	Name: _hjSessionUser_2655859 Value: eyJpZCI6IjhlZDc1NWM4LTY0ZTQtNTM1OC1hMDM1LWJhMDFiNzI4MDBjNiIsImNyZWF0ZWQiOjE2NDAyODkzODIyMDUsImV4aXN0aW5nIjpmYWxzZX0=
			.stepback.store/	1970-01-19 23:38:11	Name: _hjFirstSeen Value: 1
			.stepback.store/	1970-01-19 23:38:11	Name: _hjSession_2655859 Value: eyJpZCI6Ijc2OGQ1NjA5LWIwNDktNDE0Yi04Njc1LTc1MDg0MDA2YWU0ZSIsImNyZWF0ZWQiOjE2NDAyODkzODIyOTN9
			au.stepback.store/	1970-01-19 23:38:09	Name: _hjIncludedInPageviewSample Value: 1
			.stepback.store/	1970-01-19 23:38:11	Name: _hjAbsoluteSessionInProgress Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://au.stepback.store/login.php Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=c775eddc-71ee-4055-a051-d96e64e5fedd
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=not_found&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=c775eddc-71ee-4055-a051-d96e64e5fedd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
au.stepback.store
cdn.polyfill.io
cdn.shopify.com
fonts.shopifycdn.com
in.hotjar.com
monorail-edge.shopifysvc.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
au.stepback.store
13.225.185.34
13.225.185.7
23.227.38.74
2607:f8b0:4006:817::200a
2a04:4e42:400::268
2a04:4e42:600::268
2a04:4e42::282
34.138.230.116
34.254.124.164
54.192.48.56
01e4ea6137252f3e2ed57d7cd0913f0dc3379e90b69a2e0a376008980b8bcbd8
10d3676208214c7dc86ce813546c205e037de22d17ff676a1a40a17a8f55967d
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
190ca1747a4b8826ce55057161f094400612e2b1d982a3435c1049a7aae10eec
302ec32d4bb74c41a9dc84200692093e921762cdef2627ef1633e6d0e530249b
39956ee43b8c4559392691421cfde618ed9f7f5026a681b80b34a06809075773
3a77639d6f2dc62285d4b1cbcd584ce37d4b275f1b91422c4e5589239aeba0de
3da607c0a3fb21d995a10c0e66683cf24ce2f587780f25a56eb02049e0c32b14
4a1d3822b6f1617c18b52e0f41e5248dbc55805cdcf02e42b31204d12d6efc25
4df43a7aa68a6544c6032131ed2e0c675911bf8268a16af7852ca68fbb32190b
53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6aeb70c6ac807de88f391442b898096268e3f6973f1da55f46559b95056d279e
8333e661ce79769b7e2e66665f8c845e4a12eb749445dd0c25c67c919947405e
915f48f91f1bb22b391cde745928e8ab957dc058ed639f1896df46227ab4c501
98f3e71eb352ef9a55f7544d0a85d0a4253342f1fe496c4de8b03b0703d90120
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
dc0216203027a3dfd9465fb6044b40970ea6a73607a0a9c4ce6546e2b3159cf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47d533a3adf358d3f70c3c1c2680e4ed21de43b6c6d47296275bf75a7192bdb
f8bab8aa4042ca7b45b599e7d4e496146ebf1b45aabb8ff96ad79393ebd10840