urlscan.io logo urlscan.io
SecurityTrails logo

pr-env-238101fa-secure-old.pantryshopdev.com Open in urlscan Pro
2606:4700::6812:1d90  Public Scan

Go To Rescan Add Verdict Report
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/
Submission: On February 11 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6812:1d90, located in United States and belongs to CLOUDFLARENET, US. The main domain is pr-env-238101fa-secure-old.pantryshopdev.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 7th 2020. Valid for: a year.
This is the only time pr-env-238101fa-secure-old.pantryshopdev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.188.42.15 15169 (GOOGLE)
12 5
6    2606:4700::6812:1d90 (United States)

ASN13335 (CLOUDFLARENET, US)
pr-env-238101fa-secure-old.pantryshopdev.com
pr-env-238101fa-api.pantryshopdev.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2606:4700::6812:1c90 (United States)

ASN13335 (CLOUDFLARENET, US)
pr-env-238101fa-api.pantryshopdev.com
3    2606:4700::6812:d9 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.decovostatic.com
1    35.188.42.15 (United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
Domain Requested by
5 pr-env-238101fa-secure-old.pantryshopdev.com pr-env-238101fa-secure-old.pantryshopdev.com
3 assets.decovostatic.com pr-env-238101fa-secure-old.pantryshopdev.com
2 pr-env-238101fa-api.pantryshopdev.com pr-env-238101fa-secure-old.pantryshopdev.com
1 sentry.io pr-env-238101fa-secure-old.pantryshopdev.com
1 use.fontawesome.com pr-env-238101fa-secure-old.pantryshopdev.com
12 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-07 -
2021-08-07		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
decovostatic.com
Cloudflare Inc ECC CA-3		 2020-07-04 -
2021-07-04		 a year crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://pr-env-238101fa-secure-old.pantryshopdev.com/
Frame ID: 820A0E2D10452F054A1988AC261DCC4D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Page Statistics

12
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

895 kB
Transfer

3310 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pr-env-238101fa-secure-old.pantryshopdev.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pr-env-238101fa-secure-old.pantryshopdev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3209bdd5220b06e783d7f702257004fcc00e09be11ced36e918f85a106f0bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pr-env-238101fa-secure-old.pantryshopdev.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:52 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=db33be799e55fcd495b51065f04e655961613085892; expires=Sat, 13-Mar-21 23:24:52 GMT; path=/; domain=.pantryshopdev.com; HttpOnly; SameSite=Lax
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
083502768100001756bfb40000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6201d36a6fab1756-FRA
content-encoding
gzip
env
pr-env-238101fa-secure-old.pantryshopdev.com/ 		922 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pr-env-238101fa-secure-old.pantryshopdev.com/env
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feee733ed5513661f53920f533b5ae9ef9ee579def5b535e366a642d6399b838
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
vary
Accept-Encoding, Accept-Encoding
cf-request-id
08350278260000175680950000000001
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"39a-siplTclVXR7RquyMY3FUSEL8Efw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public, max-age=300
content-security-policy
default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
cf-ray
6201d36d0a7b1756-FRA
index.efe3b971b92e68bb4bd3.css
pr-env-238101fa-secure-old.pantryshopdev.com/admin/ 		354 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/index.efe3b971b92e68bb4bd3.css
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
123e96f0178be9b85ba36ca444707e49cbc05864a1fdde2bcc1507f994d57222
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 09 Sep 2020 14:29:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5894e-1747345d718"
x-download-options
noopen
strict-transport-security
max-age=15724800; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=1209600
content-security-policy
default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
cf-request-id
0835027825000017560735b000000001
cf-ray
6201d36d0a791756-FRA
expires
Thu, 25 Feb 2021 23:24:53 GMT
index.efe3b971b92e68bb4bd3.js
pr-env-238101fa-secure-old.pantryshopdev.com/admin/ 		3 MB
735 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/index.efe3b971b92e68bb4bd3.js
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db39cd667ddd4c8df0c40f76bde152cfc7666340a97716e066514e0012e8536d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 09 Sep 2020 14:29:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2ac9e2-1747345d718"
x-download-options
noopen
strict-transport-security
max-age=15724800; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1209600
content-security-policy
default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
cf-request-id
08350279a50000175641186000000001
cf-ray
6201d36f6cf11756-FRA
expires
Thu, 25 Feb 2021 23:24:53 GMT
all.css
use.fontawesome.com/releases/v5.0.13/css/ 		40 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Origin
https://pr-env-238101fa-secure-old.pantryshopdev.com
Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:52 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 15:10:14 GMT
server
NetDNA-cache/2.2
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
/
pr-env-238101fa-api.pantryshopdev.com/account/me/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://pr-env-238101fa-api.pantryshopdev.com/account/me/
Protocol
H2
Server
2606:4700::6812:1c90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://pr-env-238101fa-secure-old.pantryshopdev.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 11 Feb 2021 23:24:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
pep-site-referrer,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://pr-env-238101fa-secure-old.pantryshopdev.com
access-control-expose-headers
access-control-max-age
1728000
cache-control
max-age=0, private, must-revalidate
vary
Origin
x-request-id
42d94c85aa830ce6cfc20aa9036b8927
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
cf-request-id
0835027e370000061414985000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6201d376bb3d0614-FRA
/
pr-env-238101fa-api.pantryshopdev.com/account/me/ 		12 B
254 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pr-env-238101fa-api.pantryshopdev.com/account/me/
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/index.efe3b971b92e68bb4bd3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d83f01c9aff03af6380e341aad90a5547d378ef54582383c6c9a35c53181af
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Feb 2021 23:24:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://pr-env-238101fa-secure-old.pantryshopdev.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
6201d3792f391756-FRA
content-length
12
cf-request-id
0835027fbc000017560908d000000001
x-request-id
0d24d6b2f1110303e0de4d38c1c10908
ring.gif
pr-env-238101fa-secure-old.pantryshopdev.com/admin/assets/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/assets/ring.gif
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adb690bceaf36c83c9b2bc450ff5b11c33167334fdabc49f93bf6c2c7ff5b221
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:54 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
24466
x-xss-protection
1; mode=block
last-modified
Wed, 09 Sep 2020 14:29:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f92-1747345d718"
x-download-options
noopen
strict-transport-security
max-age=15724800; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
public, max-age=1209600
content-security-policy
default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
cf-request-id
0835027e0f00001756ba33e000000001
accept-ranges
bytes
cf-ray
6201d3767c761756-FRA
expires
Thu, 25 Feb 2021 23:24:54 GMT
DMSans-Regular.ttf
assets.decovostatic.com/fonts/ 		70 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.decovostatic.com/fonts/DMSans-Regular.ttf
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/index.efe3b971b92e68bb4bd3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11886d1bb0fcea64c7e1278b019236137ef98578f6fe9f692038e1faa1e3bcac

Request headers

Origin
https://pr-env-238101fa-secure-old.pantryshopdev.com
Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/index.efe3b971b92e68bb4bd3.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:54 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
x-amz-request-id
1A6A11DE63823FC9
x-amz-id-2
O11wv224W3EuTaTGW0f7kxMb/JFMy9PgbnY3Bue/rGdTXq+luJ2jUMEWk9Vlhka5KdpkBARDkN0=
last-modified
Thu, 27 Aug 2020 17:57:42 GMT
server
cloudflare
etag
W/"3e7f038b85daa739336e4a3476c687f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
expires
Fri, 12 Feb 2021 03:24:54 GMT
cache-control
public, max-age=14400
cf-request-id
0835027e3900000eaf61a0c000000001
cf-ray
6201d376cb300eaf-FRA
x-amz-meta-mtime
1586294565
/
sentry.io/api/1535033/store/ 		41 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1535033/store/?sentry_key=b8467f363a76470a81cd12f9c212531b&sentry_version=7
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/index.efe3b971b92e68bb4bd3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5dc76d574fa8a656243195d0320ad7198c847454e5270183271e1ec307150ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 11 Feb 2021 23:24:55 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://pr-env-238101fa-secure-old.pantryshopdev.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
41
dark-large-pantry-shop-logo.svg
assets.decovostatic.com/static-images/pantry-shop-icons/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.decovostatic.com/static-images/pantry-shop-icons/dark-large-pantry-shop-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35bb2749dfc5d64a97f943b9747bdda4856edf0b889864fd797214b0b7f99abc

Request headers

Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:55 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
7271309E77454CAA
x-amz-id-2
pkyU2NwmbKcbMTYyRT42+nKqh6uHMFarENbBHi4OtW+nOGFBmVqMhY+X6R5aWGhF3t+k3hzE9tQ=
last-modified
Wed, 26 Aug 2020 14:15:59 GMT
server
cloudflare
etag
W/"bc6cd1507ab8fd1e3117a5b772c8341a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
expires
Fri, 12 Feb 2021 03:24:55 GMT
cache-control
public, max-age=14400
cf-request-id
08350281d600004ac2bb8e6000000001
cf-ray
6201d37c8ab04ac2-FRA
x-amz-meta-mtime
1587057049
DMSans-Bold.ttf
assets.decovostatic.com/fonts/ 		70 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.decovostatic.com/fonts/DMSans-Bold.ttf
Requested by
Host: pr-env-238101fa-secure-old.pantryshopdev.com
URL: https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/index.efe3b971b92e68bb4bd3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35879eb94bef73bd2fab40f0c3391c26d53844b67e7fd4a7c7ba9ef86fb96968

Request headers

Origin
https://pr-env-238101fa-secure-old.pantryshopdev.com
Referer
https://pr-env-238101fa-secure-old.pantryshopdev.com/admin/index.efe3b971b92e68bb4bd3.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 23:24:55 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
x-amz-request-id
D282C7446C7A6A21
x-amz-id-2
V9/B3hZ9ua6aUdFnq9Aoxl27bMAOjYZkWFqos+BOrj+asrW9UfLXTDzz0kAz1fVhZQkqr1J/lx4=
last-modified
Thu, 27 Aug 2020 17:57:42 GMT
server
cloudflare
etag
W/"071853031a2175ada019db9e6fd1585c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
expires
Fri, 12 Feb 2021 03:24:55 GMT
cache-control
public, max-age=14400
cf-request-id
08350281c700000eaf7bb03000000001
cf-ray
6201d37c78bd0eaf-FRA
x-amz-meta-mtime
1586294565

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| WELLSPACE_ENV object| __core-js_shared__ object| core function| _ object| __SENTRY__ object| regeneratorRuntime function| setImmediate function| clearImmediate

1 Cookies

Domain/Path Name / Value
.pantryshopdev.com/ Name: __cfduid
Value: db33be799e55fcd495b51065f04e655961613085892

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; frame-src *.braintreegateway.com *.kaptcha.com; script-src 'self' localhost:10012 cdn.ravenjs.com fast.fonts.net 'unsafe-eval' www.paypalobjects.com *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; connect-src *; style-src 'self' localhost:10012 blob: fast.fonts.net use.fontawesome.com 'unsafe-inline' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; font-src data: use.fontawesome.com fast.fonts.net *.decovostatic.com *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com; img-src localhost:10012 'self' *.decovostatic.com *.wellspacestatic.com *.wellspace.io *.staging.wellspace.io *.production.wellspace.io *.staging.pantryshop.com *.pantryshop.com *.pantryshopstaging.com *.pantryshopdev.com https://s3.amazonaws.com/braintree-badges/
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block