my-heiq-shopmyshop.referralcandy.com Open in urlscan Pro
54.254.130.57  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request settings Show response my-heiq-shopmyshop.referralcandy.com/RN59DBB/	29 KB 10 KB	888ms 473ms	Document text/html	54.254.130.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.254.130.57 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-254-130-57.ap-southeast-1.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash 7c73f155130f82306b18dd6a417effb110bb065ead22f6a966421994b6ffef8e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, private, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Fri, 22 Jul 2022 07:31:21 GMT etag W/"281a1c23ea9fe8834044e5ac5621e736" server nginx/1.10.3 (Ubuntu) vary Origin x-rack-cache miss x-request-id db6ed93accdbfeb328eb4c7fced34c6b x-runtime 0.277079 x-ua-compatible IE=Edge,chrome=1
GET H2	200	foundation.min.css cdnjs.cloudflare.com/ajax/libs/foundation/6.4.3/css/	118 KB 14 KB	58ms 22ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/foundation/6.4.3/css/foundation.min.css Requested by Host: my-heiq-shopmyshop.referralcandy.com URL: https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1928a8f2a6a66976a933c16af4961d18d4ef93f760b3e70c2e03de7af398131d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://my-heiq-shopmyshop.referralcandy.com/ Origin https://my-heiq-shopmyshop.referralcandy.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 9202986 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13273 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:13 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e65-1d66a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7jMfCPkRDO6DkfrYHTH7DMefl3GOgg%2FE0LIxsUk3n%2B9MoIOKTA%2BfzpZ1LtlMPyBql8x1gczM4q5gHo0hDr%2BUQerfPG7W2%2BmMzyhnV%2BFsL8N2cDJzI15zJBTf1r8CVjP4YSSoFbfcnF09CtqLaDRMal4"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 72ea79ee7b729000-FRA expires Wed, 12 Jul 2023 07:31:22 GMT
GET H2	200	a70183fe6e.css use.fontawesome.com/	1 KB 1 KB	67ms 31ms	Stylesheet text/css	2606:4700:3033::6815:3f36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/a70183fe6e.css Requested by Host: my-heiq-shopmyshop.referralcandy.com URL: https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4922081f4858c29568f4990baa87f2b64076df30be35f308101613b82a7608c2 Request headers accept-language de-DE,de;q=0.9 Referer https://my-heiq-shopmyshop.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3614 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id C0J6C29T84S533F1 x-amz-id-2 /5AaCFdp8BB0CUezNDNEqRH/q+uv/VIcZF/1OzRvwCLahMWzWHZSb2JXHCEkSuuJzrH5KTYsaWw= last-modified Thu, 01 Jul 2021 13:38:54 GMT server cloudflare etag W/"4d700056a61fbefb92707febe3bb2cd8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYQTrovx4PGCAjKsaDg%2F9OmBEHCKBR4fXypmywgtBIx0weY1eWQZ2PoyTPe%2FjdOFGKumR9ndk5IS189o%2BrxVof7%2Bf4xE%2BDesdOF%2F9zKVxYEw3VhRsKACyfd6nhEZ1lziQgJLwW%2FoX91tsawSt95M0%2FOg"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 72ea79ee78e29174-FRA
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 1001 B	132ms 47ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX Requested by Host: my-heiq-shopmyshop.referralcandy.com URL: https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 847e29e6f7702972e9cea1c64d13bdc0f8d4f7045b18fd54276a8f4949501c04 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://my-heiq-shopmyshop.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 588 x-xss-protection 1; mode=block expires Fri, 22 Jul 2022 07:31:22 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	123ms 38ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: my-heiq-shopmyshop.referralcandy.com URL: https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://my-heiq-shopmyshop.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1525 date Fri, 22 Jul 2022 07:05:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 22 Jul 2022 09:05:57 GMT
GET H/1.1	200 OK	cSWyMziHRaKmI8odmcJB_MyHeiq%20logo%20transparent%20300x300.png client-assets.referralcandy.com/evergreen-dev/56664/	30 KB 30 KB	79ms 9ms	Image image/png	13.224.189.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://client-assets.referralcandy.com/evergreen-dev/56664/cSWyMziHRaKmI8odmcJB_MyHeiq%20logo%20transparent%20300x300.png Requested by Host: my-heiq-shopmyshop.referralcandy.com URL: https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.189.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-13.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 1c2a4c691e4cf8c903e64c13e4040a4d86169ce6d16250df72557ff093649074 Request headers accept-language de-DE,de;q=0.9 Referer https://my-heiq-shopmyshop.referralcandy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Thu, 21 Jul 2022 09:13:30 GMT Via 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront) Last-Modified Fri, 20 May 2022 09:04:57 GMT Server AmazonS3 Age 80273 ETag "f68f7e766d2b6cfd772f0d3012cee9d5" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive X-Amz-Cf-Pop FRA2-C1 Accept-Ranges bytes Content-Length 30428 X-Amz-Cf-Id ldlDkoHwzF7UEiiy-kZ5OECrpBvXgg6qi3Z6HZ6AwZnoZ4Dy2QcM-Q==
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/	85 KB 27 KB	26ms 24ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: my-heiq-shopmyshop.referralcandy.com URL: https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://my-heiq-shopmyshop.referralcandy.com/ Origin https://my-heiq-shopmyshop.referralcandy.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 301973 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27433 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=or9m4F%2F3er7KkaWIGeEgPHk3TS%2BcSbLIFmPUrDdQGZ%2BQi8zUT6%2FnYoB72QMqcPPRjgWSjcMjid%2B%2B93jF%2BCJv0YrkCIJ4AfPG81MS0S%2FNQJ53RjQIDXhzfCeQBa9jpvUC7uPI49%2FCYZ7M%2FB22n8JZpLL1"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 72ea79eebbba9000-FRA expires Wed, 12 Jul 2023 07:31:22 GMT
GET H3	200	foundation.min.js Show response cdnjs.cloudflare.com/ajax/libs/foundation/6.4.3/js/	145 KB 27 KB	26ms 26ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/foundation/6.4.3/js/foundation.min.js Requested by Host: my-heiq-shopmyshop.referralcandy.com URL: https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9916250aee441bea2e0f4ed6c4b17cbf8640658080e96ae67485f29f506ff559 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://my-heiq-shopmyshop.referralcandy.com/ Origin https://my-heiq-shopmyshop.referralcandy.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2506580 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27396 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:13 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e65-2454f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKU9KI66nhUmO5PdLA9hWlt%2Bi2uSKmDrf3GmbGgn3w2vr0Tm4FyZG7zl126mjtTM8an1PG8JVJhkbjSpPW%2BZBRbXQMUlWLI1dlgdK35385bTmuzWQPwu6Jiuz5ZkhKY8Yu8FFgyzAouPsjP87kfC2V9q"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 72ea79eeee7bbbc8-FRA expires Wed, 12 Jul 2023 07:31:22 GMT
GET H3	200	clipboard.min.js Show response cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.1/	10 KB 4 KB	20ms 20ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.6.1/clipboard.min.js Requested by Host: my-heiq-shopmyshop.referralcandy.com URL: https://my-heiq-shopmyshop.referralcandy.com/RN59DBB/settings Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://my-heiq-shopmyshop.referralcandy.com/ Origin https://my-heiq-shopmyshop.referralcandy.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2501603 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2974 timing-allow-origin * last-modified Mon, 04 May 2020 16:09:13 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e29-2967" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmTjvtDL3gU1W9ktlh%2B6rnFHbZbdnA208UYu4mcXeq1rSYOFpgZfeoXRmsij2DypUGdmxeCKxXpLUdYm0UG2E0AD5f62ze3J2XsIT6rNgprlGJlPIC14t2HhS1537hgj46ADgL9GIe%2FXsvyHnu2e2UEN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 72ea79ef1ecdbbc8-FRA expires Wed, 12 Jul 2023 07:31:22 GMT
GET H2	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.7.0/css/	30 KB 7 KB	24ms 23ms	Stylesheet text/css	2606:4700:3033::6815:3f36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/a70183fe6e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350 Request headers accept-language de-DE,de;q=0.9 Referer https://use.fontawesome.com/a70183fe6e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 15380805 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 6GFEKMY757AZVMJR x-amz-id-2 a1rJqww5kk6lKRIdMoYuvo+3HD7E3szcwTrKVVU4ncyVGl1400tEbljwaRkXSznguGC14aUQGXY= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag W/"36082410df2ef7f83932219089dc1443" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6A8ciL25s10MayNPl78g%2Bwuvu3T5fOmclW7bRpJlLnXyu%2FHFBKKxW%2Fs2ObcLMmHm1GQ6VWmmC%2FbbFoVSNPCY%2FiXPX68yQ8AozEooBjLupWg%2F9NLujEgRHBjjBS1JIRSmSYYANTYRLPqTY1BzOsfMfqE"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 72ea79eeb9229174-FRA
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/	365 KB 145 KB	124ms 38ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://my-heiq-shopmyshop.referralcandy.com/ Origin https://my-heiq-shopmyshop.referralcandy.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:29:40 GMT content-encoding gzip x-content-type-options nosniff age 102 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147954 x-xss-protection 0 last-modified Mon, 18 Jul 2022 04:01:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 22 Jul 2023 07:29:40 GMT
GET DATA	200 OK	truncated /	179 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.7.0/fonts/	75 KB 76 KB	24ms 16ms	Font application/font-woff2	2606:4700:3033::6815:3f36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/a70183fe6e.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://use.fontawesome.com/a70183fe6e.css Origin https://my-heiq-shopmyshop.referralcandy.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 57072 cf-ray 72ea79ef48a09268-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 x-amz-id-2 bs8VdYsOVDuJNRhEUyOSMVizOLy3BIzNEeDpDZtZLihKukCzWixvHxV3Eh0YBMA2oKHmbcys2ks= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag "af7ae505a9eed503f8b8e6982036873e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9otnw7m34qhFEEstd0UiYi5nIo1lGH0MSfosOMZGOiXJnYQiMxiyssewPT9%2FZcElkoF0PuSnycrXRHRVPPK3xY4MabiKKeaHAY53AxOqGsjOaV2LSqJv4Q0ilzDkvQtOdn8uy2NnX39sYQpdwNYPXfUh"}],"group":"cf-nel","max_age":604800} x-amz-request-id 9CFANWRA5SAQFJ18 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes content-type application/font-woff2
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame AD45	42 KB 22 KB	136ms 55ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX&co=aHR0cHM6Ly9teS1oZWlxLXNob3BteXNob3AucmVmZXJyYWxjYW5keS5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=u5sk8ora8ib7 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0d68f5016ea64b52d4884788f3a5a1bd6d32db92ad056c93e3c213db4dc37a84 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-eK1Bq5nUwDisbMM2VGIwbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://my-heiq-shopmyshop.referralcandy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22191 content-security-policy script-src 'report-sample' 'nonce-eK1Bq5nUwDisbMM2VGIwbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 22 Jul 2022 07:31:22 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame AD45	51 KB 24 KB	112ms 38ms	Stylesheet text/css	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX&co=aHR0cHM6Ly9teS1oZWlxLXNob3BteXNob3AucmVmZXJyYWxjYW5keS5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=u5sk8ora8ib7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:12:35 GMT content-encoding gzip x-content-type-options nosniff age 1127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 18 Jul 2022 04:01:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 22 Jul 2023 07:12:35 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame AD45	365 KB 145 KB	130ms 56ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX&co=aHR0cHM6Ly9teS1oZWlxLXNob3BteXNob3AucmVmZXJyYWxjYW5keS5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=u5sk8ora8ib7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:29:40 GMT content-encoding gzip x-content-type-options nosniff age 102 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147954 x-xss-protection 0 last-modified Mon, 18 Jul 2022 04:01:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 22 Jul 2023 07:29:40 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame AD45	2 KB 2 KB	37ms 36ms	Image image/png	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 19 Jul 2022 18:59:48 GMT x-content-type-options nosniff age 217894 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 26 Jul 2022 18:59:48 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame AD45	15 KB 16 KB	141ms 39ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX&co=aHR0cHM6Ly9teS1oZWlxLXNob3BteXNob3AucmVmZXJyYWxjYW5keS5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=u5sk8ora8ib7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 19 Jul 2022 11:18:05 GMT x-content-type-options nosniff age 245597 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 19 Jul 2023 11:18:05 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame AD45	15 KB 15 KB	150ms 48ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX&co=aHR0cHM6Ly9teS1oZWlxLXNob3BteXNob3AucmVmZXJyYWxjYW5keS5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=u5sk8ora8ib7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 19 Jul 2022 18:59:48 GMT x-content-type-options nosniff age 217894 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 19 Jul 2023 18:59:48 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame AD45	102 B 134 B	48ms 47ms	Other text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX&co=aHR0cHM6Ly9teS1oZWlxLXNob3BteXNob3AucmVmZXJyYWxjYW5keS5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=u5sk8ora8ib7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX&co=aHR0cHM6Ly9teS1oZWlxLXNob3BteXNob3AucmVmZXJyYWxjYW5keS5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=u5sk8ora8ib7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:31:22 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Fri, 22 Jul 2022 07:31:22 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame AD45	32 KB 18 KB	78ms 78ms	XHR application/json	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 58ee19658dab28722e705335862c18013e8e053e33c0d0b40dec3914b517cad7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf9bdoUAAAAADqyaSItvGY1SvJDbxghOcRpbleX&co=aHR0cHM6Ly9teS1oZWlxLXNob3BteXNob3AucmVmZXJyYWxjYW5keS5jb206NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=u5sk8ora8ib7 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-protobuffer Response headers date Fri, 22 Jul 2022 07:31:23 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18711 x-xss-protection 1; mode=block expires Fri, 22 Jul 2022 07:31:23 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| Foundation object| google_tag_data function| ga object| gaplugins object| recaptcha object| closure_lm_231784

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 09:00:27	Name: _GRECAPTCHA Value: 09AOWOVp0pLeg-obg2OrTlI_J6ESr_5llqUFf_YvEKGIBkem0zBEB1XDXhrHayuA0H0Wfz2qyVUG8d-O3H9UdlOyI
			my-heiq-shopmyshop.referralcandy.com/	1969-12-31 23:59:59	Name: _referral_corner_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJWFhNmI2Zjg5MjIxODAwMjNjNDM2ZGI1NGFhZDAwM2EyBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMU1UcFdZaHZ5VEsrbDROL0h6c01pclRxSTlUK0ZaZlhzZmQ4UldqMUtYU2c9BjsARg%3D%3D--6a2605a152e997d63780c51817609c51b15aade6
			.my-heiq-shopmyshop.referralcandy.com/	1970-01-20 13:26:51	Name: rfcr_fs Value: 41

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
client-assets.referralcandy.com
fonts.gstatic.com
my-heiq-shopmyshop.referralcandy.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.gstatic.com
13.224.189.13
2606:4700:3033::6815:3f36
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:812::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
54.254.130.57
0d68f5016ea64b52d4884788f3a5a1bd6d32db92ad056c93e3c213db4dc37a84
125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1928a8f2a6a66976a933c16af4961d18d4ef93f760b3e70c2e03de7af398131d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c2a4c691e4cf8c903e64c13e4040a4d86169ce6d16250df72557ff093649074
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4922081f4858c29568f4990baa87f2b64076df30be35f308101613b82a7608c2
58ee19658dab28722e705335862c18013e8e053e33c0d0b40dec3914b517cad7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4
64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91
7c73f155130f82306b18dd6a417effb110bb065ead22f6a966421994b6ffef8e
847e29e6f7702972e9cea1c64d13bdc0f8d4f7045b18fd54276a8f4949501c04
9916250aee441bea2e0f4ed6c4b17cbf8640658080e96ae67485f29f506ff559
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48