urlscan.io logo urlscan.io
SecurityTrails logo

truecaremasks.com Open in urlscan Pro
45.55.121.131  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.76oilerfactoryshippest02.xyz/encompassed-tattooed/ada6gMQ2395WG8z611n97acy_ddeI29kHbHbIvEiDvbDGs4vxfs4xhssgEFI7KQI9Qe97GnI10B...
Effective URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Submission: On March 01 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 13 domains to perform 31 HTTP transactions. The main IP is 45.55.121.131, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is truecaremasks.com.
TLS certificate: Issued by R3 on February 23rd 2022. Valid for: 3 months.
This is the only time truecaremasks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.50.146 13335 (CLOUDFLAR...)
1 3 34.102.156.27 15169 (GOOGLE)
1 45.55.121.131 14061 (DIGITALOC...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 69.16.175.10 20446 (HIGHWINDS3)
15 104.26.1.43 13335 (CLOUDFLAR...)
2 172.67.217.220 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
31 11
1    104.21.50.146 (None, )

ASN13335 (CLOUDFLARENET, US)
www.76oilerfactoryshippest02.xyz
3    34.102.156.27 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 27.156.102.34.bc.googleusercontent.com
www.elanstudionola.com
www.tb42trk.com
1    45.55.121.131 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
truecaremasks.com
3    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
code.jquery.com
15    104.26.1.43 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.productlistgenie.com
2    172.67.217.220 (United States)

ASN13335 (CLOUDFLARENET, US)
stats.productlistgenie.io
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
15 productlistgenie.com
cdn.productlistgenie.com
1 MB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 802
61 KB
2 gstatic.com
fonts.gstatic.com
75 KB
2 productlistgenie.io
stats.productlistgenie.io
14 KB
2 tb42trk.com
www.tb42trk.com
19 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
348 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 546
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
11 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
64 KB
1 truecaremasks.com
truecaremasks.com
18 KB
1 elanstudionola.com
www.elanstudionola.com
408 B
1 76oilerfactoryshippest02.xyz
www.76oilerfactoryshippest02.xyz
716 B
31 13
Domain Requested by
15 cdn.productlistgenie.com truecaremasks.com
3 unpkg.com truecaremasks.com
2 fonts.gstatic.com fonts.googleapis.com
2 stats.productlistgenie.io truecaremasks.com
stats.productlistgenie.io
2 www.tb42trk.com truecaremasks.com
www.tb42trk.com
2 fonts.googleapis.com truecaremasks.com
1 www.google-analytics.com www.googletagmanager.com
1 code.jquery.com truecaremasks.com
1 cdnjs.cloudflare.com truecaremasks.com
1 www.googletagmanager.com truecaremasks.com
1 truecaremasks.com
1 www.elanstudionola.com 1 redirects
1 www.76oilerfactoryshippest02.xyz 1 redirects
31 13

This site contains no links.

Subject Issuer Validity Valid
truecaremasks.com
R3		 2022-02-23 -
2022-05-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tb42trk.com
Starfield Secure Certificate Authority - G2		 2022-02-15 -
2022-06-09		 4 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Frame ID: 715FBA69B0E0573CBF97BDCFD9335DDD
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Truecare Masks

Page URL History Show full URLs

  1. http://www.76oilerfactoryshippest02.xyz/encompassed-tattooed/ada6gMQ2395WG8z611n97acy_ddeI29kHbHbIvEiDvbDGs4vxfs4xhs... HTTP 302
    https://www.elanstudionola.com/49R9R2/8GND4N/ HTTP 302
    https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

13
Subdomains

11
IPs

3
Countries

1814 kB
Transfer

2364 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.76oilerfactoryshippest02.xyz/encompassed-tattooed/ada6gMQ2395WG8z611n97acy_ddeI29kHbHbIvEiDvbDGs4vxfs4xhssgEFI7KQI9Qe97GnI10BM5GjsMv HTTP 302
    https://www.elanstudionola.com/49R9R2/8GND4N/ HTTP 302
    https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
truecaremasks.com/
Redirect Chain
  • http://www.76oilerfactoryshippest02.xyz/encompassed-tattooed/ada6gMQ2395WG8z611n97acy_ddeI29kHbHbIvEiDvbDGs4vxfs4xhssgEFI7KQI9Qe97GnI10BM5GjsMv
  • https://www.elanstudionola.com/49R9R2/8GND4N/
  • https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
118 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.121.131 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
d3a8456b7c690807a8b4b49cd5dfeb53e5f8cf626aacd8a71f8324f5fe9515ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 01 Mar 2022 07:55:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
Express
access-control-allow-origin
*
etag
W/"1d78a-T/ZHVQmK/tIZAQBHxTAYCF/Gu5w"
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 01 Mar 2022 07:55:16 GMT
content-type
text/html; charset=utf-8
content-length
136
location
https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
vary
Origin
x-eflow-request-id
88e46114-9104-41a5-a4e1-9fafa88a41c8
via
1.1 google
alt-svc
clear
libphonenumber-max.js
unpkg.com/libphonenumber-js@1.7.30/bundle/ 		193 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/libphonenumber-js@1.7.30/bundle/libphonenumber-max.js
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35e0da2259324aa245a1259a3d4dae1853eaeb3d63aceb93a97e5000261deb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
108186
fly-request-id
01FWZ0E9CBRF1BNPRTVNDAMXV6-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3058d-yRrLdFhKJ3Ne06wdL1yftogD2vk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6e505459185d0211-ZRH
css
fonts.googleapis.com/ 		3 KB
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c0088d08089d4ecfd95333d9db3b56ac6a3b9af2374e083680b39391f7a75ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 06:25:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Mar 2022 07:55:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Mar 2022 07:55:17 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZDPLYD5YHY
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b49d8e527cbb4734d30611642a2cdb1207b29e98627d5de6bf81fd968fe9245
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65341
x-xss-protection
0
expires
Tue, 01 Mar 2022 07:55:18 GMT
everflow.js
www.tb42trk.com/scripts/sdk/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tb42trk.com/scripts/sdk/everflow.js
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.156.27 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
27.156.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cc2435f6eed67aeeeee3f1d9e667cc1568422a743df496fb746d0c2354b9bd69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
text/javascript
content-encoding
gzip
cache-control
max-age=14400
x-eflow-request-id
2df87c60-d140-499a-98a3-6c9baa1a7081
alt-svc
clear
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5357b007302b22cb32ef200c5d4290006816dbb1d3520dd93c87a082cb501402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 06:46:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 01 Mar 2022 07:55:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Mar 2022 07:55:17 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://truecaremasks.com/
Origin
https://truecaremasks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7639046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10391
timing-allow-origin
*
last-modified
Wed, 15 Jul 2020 18:15:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f0f47d3-e637"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2rSM39u3pYE6TINPzaILnUyrofaEKv2JbaKOquJTjF%2FZyfJMQOLmPHeKG6rENxogs2PF03FafXzI3O%2B2q7zN6QIDFKe0bTCJnHF5qGI9Tdi8LKJbs3iYfuIcYxa56rhGyUDpe9ScWARifZpJwlEkdHD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e5054592a4a2373-ZRH
expires
Sun, 19 Feb 2023 07:55:17 GMT
aos.css
unpkg.com/aos@2.3.1/dist/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
26988069
fly-request-id
01F3XXS94VJP6KGT96TWFGGN5S
content-encoding
br
vary
Accept-Encoding
last-modified
Thu, 17 May 2018 22:11:13 GMT
server
cloudflare
etag
W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6e50545918590211-ZRH
aos.js
unpkg.com/aos@2.3.1/dist/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
26625267
fly-request-id
01F48QS4FTRA1QG27FG082BXHT
content-encoding
br
vary
Accept-Encoding
last-modified
Thu, 17 May 2018 22:11:13 GMT
server
cloudflare
etag
W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6e505459185c0211-ZRH
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://truecaremasks.com/
Origin
https://truecaremasks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:17 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d84"
vary
Accept-Encoding
x-hw
1646121317.dop149.fr8.t,1646121317.cds288.fr8.hn,1646121317.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
1630599721811logo---home.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630599721811logo---home.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
791881106fc11ae528ff472a0405df9aab04193974f5eaf5c99dfdf14d8a9157
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1yFbEFE9kdN0UzuPW34vW3nSJlnR5%2F8aYnZDNssukuNOTHn5414iyI%2FLPkuq6VobXeUv1q9GeQ688W3MWJJnSdnku2cIUl%2FARMW%2BFFMJpmlpXwh66XIoOAfXD6tRiL9XMgaCrVzfUKPLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461cddd6945-FRA
1630599900390product_hero.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630599900390product_hero.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d5ab7ac43563274cd7f72171a4617b82e225e9a04d4932ed4aada5abad231feb
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxEk9E7GOXRVMycsF%2B2r6YjpEsac8QIzYInZ0PiX2NNsPDBHdgnU6s%2BS7ieFGpoCEADoA1npIoMBnPR3S55fnTftepq4WH%2BGlRMDla%2Fkl4Aizvr3RImNoqbiYkcaEJa7t4iCEQ8CHBOh2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461cddf6945-FRA
1630602136468product_hero.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630602136468product_hero.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d5ab7ac43563274cd7f72171a4617b82e225e9a04d4932ed4aada5abad231feb
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXMt231bK082jHjRyAB1VMVlrEiJadmnEjTMzwVN44fJd0uiX1niuEejwbAXsFktmS7JicFXTvxMlxqczaMCnkuJj4XhEbkduYlhMz36JeTMt37gzcTjw5KSsYeiqQMnVt%2F557G3fvCKqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461ddf66945-FRA
1630600745127icon_1.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		890 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630600745127icon_1.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f1f6d3e370af6fecdebe6a8637ece130642fc7ae78a1b2e962a0b6dda60b64c4
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuU3fQhTqBRo2DkUnEMmq7cnJ4FRXTCfEv4Zl%2FpMs7gUBSTqXll4duYRvLh9FW%2FFTIzsLqmGwxx56uQkKjh%2ByuIIhTQlJjYIBH9gBIgOp1PmpPQX6oVQQPDRyquV%2BQpfVrwVq3W%2BsdnaAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461cde26945-FRA
1630600752414icon_2.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630600752414icon_2.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2710f5840d8ef839dc7358182beb734ba41b10a27c511155a281452e842ca5c6
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJuRl3v%2B9NS4dnL5WtYINOnTUmlOebcB%2Bq1Kv2pfRY46kE%2FE22No8HXcuv5E1iO6skrvO3CWF0JPyQDk14a1BJgzci4TbPKPYeAOMq3StUxsVwAVXdLozx0UxMdwaobVOSzb%2Foa28lqDAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461cde56945-FRA
1630600758493icon_3.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630600758493icon_3.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bb69854606611a3f232d628f42b1ec6f25ed63ccf069dd4a5c3cdc1764c0e0db
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C81GrArrChL%2Fyq6VkOvNM%2BFlp%2Ba2FoyvaXLB9Bb3F%2F%2FVaXmVnzsni2FN%2BeqiBQd5cEf3ZeVyWaUTcZx4uCWi6QWy6P6fvqXVbAoDme5cni97ICbmXv0zbY1PdyPwO%2FooTorm%2Fq4CtAJdCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461cde36945-FRA
1630600765176icon_4.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630600765176icon_4.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9ffe7c772259393c4eba7a2c81d42f14476f420beac7ba65f4418da7a1b357e3
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFiPQYEDIAMasr6WFFHJ1BffGg9zZVAAR6QDC6dH585u7myemhC1QLAe9IUCVvuncVpl0fly72EOau%2Fa%2Bn%2F%2FBScYj8bLLDh%2BNHDcIhplDhFaYdetekynmDIlCRvL3i8jHAuBO%2FPbOO7mwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461cde96945-FRA
1630600927686hero-product-gradient.jpg
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630600927686hero-product-gradient.jpg
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3edb7a5328b2146905d94e0f8ff70180951ad34567896f6f81e0d25e7827bfa9
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDUR1oY3v6jDc0wfp1MYoH%2FqxI9yTFpU9CiWr311MebN%2BxEEANwynmScq4%2F9A1pCiUsVn5QzvxhY9jcIMyqWiHnrMEvDgnte6CaSykfA1OaLMeIug5eU3G%2BjSrAaza0zRg6gWl7nUNNN7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461cde76945-FRA
cf-bgj
h2pri
1630601605297icon_shopping.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630601605297icon_shopping.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3dcdd6af9e6a12a6c005a998e693baba0c083a1e9aa3f385f83368e5a8d5dc75
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yhs7jJm33qTMfGX1PxHqQvEO2ij9xMRT4iu7YWptrDTK%2F76JgvAIoh0n%2F5XLW%2Bgbn0FYuKNFTlM1NjU3I2vo9IXsHFc%2FuUtnRAkF1UvDyizgAyQwaEIN4mq3yTcQYXrQTdZe5fJdhDKnZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e5054627f166945-FRA
1630601591466icon_school.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630601591466icon_school.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
21ce410840a4b17de904af7570c9b95c2669617ba2aada0abbd8c08f1f7c570c
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgnCcyg7OxhCf6CL%2Fu1Q1BipAAuzZA3fj5CFeb31n%2FfPWKBK%2BMGjAksDRYM0dpeGnBRa%2Bu0ogiZtgU0VqzXwzpy4hzYGEFWPFCmo0dWQ%2BsPx7DyXaBBjPvevpVGpUq0DKqTvZ8LeztqXvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e5054627f186945-FRA
1630601574360icon_high-density.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		965 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630601574360icon_high-density.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3a218b7cb2d591c32b76235edefd91fa92d817132b9084b409197d3f2f86623e
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYskez35DdJwya2Hrohn7heLJTAicusI0bUhJPoddeIChvtQxIv2qnw4jv4UmdJCIpJK8GZAbPRU9wfgfos4pBhystLpUcOElh04bPcMczBl9%2BT8MsP%2BrkHCEh1eymh0Ch5cpI4ToaLbEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e5054627f196945-FRA
1630601619137product-_lower.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630601619137product-_lower.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
878af11ab318e7bcabc60b8822ed5c9fae8c7bbc949169c7ada7b64c5bfddbd1
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDpW9WSy63rPqiUVNeEIogaf4ENOwHm6yWFe8QugDZbUL%2BZX0wvNuX70e5k79%2BtpJ87edxraVDEu2Va9FhemcHuMyMD%2FZq4HfHYQK0cHPVdClsveSnPDZp0m4dSMfOQD0paB3LuiwG%2BQDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e5054627f1c6945-FRA
1630601858679logo-footer-thankyou.png
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630601858679logo-footer-thankyou.png
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bfef5d3a8bafdbf5b52236751ea7cec1f978c59d87e4594193e8d89db5dd553a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39lr3lhItk%2BlFuhR5yZcBBhlB7aw1R%2FkolVECZsQzP7OZHB7RZ%2BSGKtRKwqsOTasfTJ6pvQ%2FZSyEyI94MDWa%2Big3EC0hmAscjXeG1qggf5jv1TiXXXHiSVmjO4EBd5DLjATL6lRDfEH%2F8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e5054627f1d6945-FRA
plg.min.js
stats.productlistgenie.io/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.productlistgenie.io/plg.min.js?123
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.217.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d66946970c026c563550bcba8b8c863b1b8d4b1068aa870d3b407900434adfe0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 06 Nov 2021 19:36:46 GMT
server
cloudflare
etag
W/"8efb-17cf6c0dc60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lxHRBnEhGAct0UGDWogU9PDbJHnpT4dQMEo%2BPexZt8K8pomnKkW8l3WKnPw%2B8MyJnVyaRUJwuKPYw2%2FZy64iumP9Kxp0YFGDtMqLjBNlcjvv1IZR%2FA8K4QR3p4t%2BRn0jeTyN5kEzy7WpWk%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6e50545e4e091636-WAW
collect
www.google-analytics.com/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZDPLYD5YHY&gtm=2oe2s0&_p=291223839&_z=ccd.B&cid=2097525278.1646121318&ul=en-us&sr=1600x1200&_s=1&sid=1646121318&sct=1&seg=0&dl=https%3A%2F%2Ftruecaremasks.com%2F%3F__ef_tid%3D861ed3f43bef44c8b1bd41fb86c336d5%26oid%3D151%26affid%3D73%26sub1%3D%26sub2%3D&dt=Truecare%20Masks&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDPLYD5YHY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Mar 2022 07:55:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://truecaremasks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1630599863063hero-bg.jpg
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		607 KB
608 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630599863063hero-bg.jpg
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
17d2f1ea2e9d5913405fcd5ad3642e191d934a3170e2eca0321bc4f77565b8df
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUh7i2a69%2Fb4u24a6FFJOAcPNX8OBMy41QwoEBQk1H99FWk7pEJyLUj2d43Ce6dHaTmMZ3OwqMKFDBN7aSafHd5Mt3TbyI2vmwTjQg5DtcuuHjFrcAwGzffQ182m0b5a7lZZHCDCIW78%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e505461cdd86945-FRA
cf-bgj
h2pri
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://truecaremasks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 09:58:52 GMT
x-content-type-options
nosniff
age
338186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 25 Feb 2023 09:58:52 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://truecaremasks.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 11:55:47 GMT
x-content-type-options
nosniff
age
590371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 11:55:47 GMT
1630601208074blue-bg.jpg
cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/ 		426 KB
426 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.productlistgenie.com/images/NWMyZTMwYjZlNzIxNjc3NThjNjllNzI0/1630601208074blue-bg.jpg
Requested by
Host: truecaremasks.com
URL: https://truecaremasks.com/?__ef_tid=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&sub1=&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3a50590b1f9f21b6360a78873f04345133fd0d82daba27cea77678450770868f
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Mar 2022 06:37:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6o4R6OJkODK3GUZACJFiLeqgYysbyJxmOAAKCKisyMy0i275lr91Pq%2BqqJ5J8tLlK5zUwwBU8vTzYhL1GHr%2FxhVJ0p%2Ffnk0by2v6cvFx6pl%2FtMEPf%2B%2Fje%2Fwk%2BwiL%2FRjXzTUdQyfhgQ1VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
cf-ray
6e5054627f1f6945-FRA
cf-bgj
h2pri
click
www.tb42trk.com/sdk/ 		87 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.tb42trk.com/sdk/click?effp=ecd13449875b0e6db4db61556004937e&_ef_transaction_id=861ed3f43bef44c8b1bd41fb86c336d5&oid=151&affid=73&__cc=&async=json&sub1=&sub2=
Requested by
Host: www.tb42trk.com
URL: https://www.tb42trk.com/scripts/sdk/everflow.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.156.27 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
27.156.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2815a180471ed445bef9f93af0bdcdf86929986e0c9db72d4e02e702a1a38ae6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:18 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://truecaremasks.com
access-control-allow-credentials
true
x-eflow-request-id
52e5af8d-a246-49b9-9d25-d5f5fb88d82c
alt-svc
clear
content-length
87
eyJndHlwZSI6InBhZ2VkYXRhIiwicGF5bG9hZCI6eyJiZWhhdmlvclBhZ2VJRCI6ImY4ZjA3M2Y3ZTJhNTQxOWQ0OGJlNWQ0MmFmZTVmYjE0NjEzMGU4OGE2MzlhNGIzY2UwMWFjMTMxIiwicGFnZVR5cGUiOiJjaGVja291dCIsInNlc3Npb25JRCI6ImY4ZjA3M...
stats.productlistgenie.io/data/ 		2 B
579 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stats.productlistgenie.io/data/eyJndHlwZSI6InBhZ2VkYXRhIiwicGF5bG9hZCI6eyJiZWhhdmlvclBhZ2VJRCI6ImY4ZjA3M2Y3ZTJhNTQxOWQ0OGJlNWQ0MmFmZTVmYjE0NjEzMGU4OGE2MzlhNGIzY2UwMWFjMTMxIiwicGFnZVR5cGUiOiJjaGVja291dCIsInNlc3Npb25JRCI6ImY4ZjA3M2Y3ZTJhNTQxOWQ0OGJlNWQ0MmFmZTVmYjE0IiwiY3JlYXRvcklEIjoiVTJGc2RHVmtYMS9Od05FSE81bUVwS3VrY3lmVlNiQmdOU21vdEhjd0dacU1HdUIyMzMzeFhGbEZKbmZ3dDFnTSIsInBhZ2VJRCI6IjYxMzBlODhhNjM5YTRiM2NlMDFhYzEzMSIsImZ1bm5lbElEIjoiNjEzMGU4OGE2MzlhNGIzY2UwMWFjMTI4IiwiZnVubmVsTmFtZSI6InRydWVjYXJlLW1hc2tzIiwiZGV2aWNlIjoiZGVza3RvcCIsInBhZ2VVUkwiOiJodHRwczovL3RydWVjYXJlbWFza3MuY29tLyJ9fQ==
Requested by
Host: stats.productlistgenie.io
URL: https://stats.productlistgenie.io/plg.min.js?123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.217.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://truecaremasks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 07:55:20 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3nzxEEO7SnPzF0myLIqjWVlt4FY1Z9hBnYdhqbF47zYO5QK4FSf2t6oQNJzTx2Th6DhQY4Um232dkhz4%2BiC5J0cP8BBzXZ0wyH%2Ffdkc36fHCFmd2fcqTtSZkiRT0uc7sOc83b%2Fd4ZXYOgHW"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
6e50546c0c8f5012-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone string| sourcePR function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal object| EF object| AOS function| $ function| jQuery boolean| isShowed function| addAbandonmentEvent boolean| isMobile undefined| header undefined| sticky undefined| stickyFunction object| modalContainer object| closeButton string| sessionID object| urlParams function| PLGSession function| send undefined| isScrolledIntoViews object| libphonenumber function| onYouTubeIframeAPIReady

11 Cookies

Domain/Path Name / Value
www.elanstudionola.com/ Name: uniqueClick_8GND4N
Value: ad948de2-85ef-4ba6-92d7-55d6bce7bcbf:1646121316
www.elanstudionola.com/ Name: transaction_id
Value: 861ed3f43bef44c8b1bd41fb86c336d5
truecaremasks.com/ Name: loc_iso2
Value: SE
truecaremasks.com/ Name: loc_iso3
Value: SWE
truecaremasks.com/ Name: client
Value: 217.64.151.5
.truecaremasks.com/ Name: _ga_ZDPLYD5YHY
Value: GS1.1.1646121318.1.0.1646121318.0
.truecaremasks.com/ Name: _ga
Value: GA1.1.2097525278.1646121318
www.tb42trk.com/ Name: uniqueClick
Value: b6652748-ad52-4484-b44c-c2ea7fa52327:1646121318
www.tb42trk.com/ Name: transaction_id
Value: 861ed3f43bef44c8b1bd41fb86c336d5
truecaremasks.com/ Name: ef_tid_c_o_151
Value: 861ed3f43bef44c8b1bd41fb86c336d5
truecaremasks.com/ Name: ef_tid_c_a_2
Value: 861ed3f43bef44c8b1bd41fb86c336d5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.productlistgenie.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
stats.productlistgenie.io
truecaremasks.com
unpkg.com
www.76oilerfactoryshippest02.xyz
www.elanstudionola.com
www.google-analytics.com
www.googletagmanager.com
www.tb42trk.com
104.21.50.146
104.26.1.43
172.67.217.220
2606:4700::6810:135e
2606:4700::6810:7eaf
2a00:1450:4001:803::200e
2a00:1450:4001:808::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
34.102.156.27
45.55.121.131
69.16.175.10
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
17d2f1ea2e9d5913405fcd5ad3642e191d934a3170e2eca0321bc4f77565b8df
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
21ce410840a4b17de904af7570c9b95c2669617ba2aada0abbd8c08f1f7c570c
2710f5840d8ef839dc7358182beb734ba41b10a27c511155a281452e842ca5c6
2815a180471ed445bef9f93af0bdcdf86929986e0c9db72d4e02e702a1a38ae6
3a218b7cb2d591c32b76235edefd91fa92d817132b9084b409197d3f2f86623e
3a50590b1f9f21b6360a78873f04345133fd0d82daba27cea77678450770868f
3dcdd6af9e6a12a6c005a998e693baba0c083a1e9aa3f385f83368e5a8d5dc75
3edb7a5328b2146905d94e0f8ff70180951ad34567896f6f81e0d25e7827bfa9
4c0088d08089d4ecfd95333d9db3b56ac6a3b9af2374e083680b39391f7a75ca
5357b007302b22cb32ef200c5d4290006816dbb1d3520dd93c87a082cb501402
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
791881106fc11ae528ff472a0405df9aab04193974f5eaf5c99dfdf14d8a9157
7b49d8e527cbb4734d30611642a2cdb1207b29e98627d5de6bf81fd968fe9245
878af11ab318e7bcabc60b8822ed5c9fae8c7bbc949169c7ada7b64c5bfddbd1
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9ffe7c772259393c4eba7a2c81d42f14476f420beac7ba65f4418da7a1b357e3
b35e0da2259324aa245a1259a3d4dae1853eaeb3d63aceb93a97e5000261deb8
bb69854606611a3f232d628f42b1ec6f25ed63ccf069dd4a5c3cdc1764c0e0db
bfef5d3a8bafdbf5b52236751ea7cec1f978c59d87e4594193e8d89db5dd553a
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cc2435f6eed67aeeeee3f1d9e667cc1568422a743df496fb746d0c2354b9bd69
d3a8456b7c690807a8b4b49cd5dfeb53e5f8cf626aacd8a71f8324f5fe9515ac
d5ab7ac43563274cd7f72171a4617b82e225e9a04d4932ed4aada5abad231feb
d66946970c026c563550bcba8b8c863b1b8d4b1068aa870d3b407900434adfe0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1f6d3e370af6fecdebe6a8637ece130642fc7ae78a1b2e962a0b6dda60b64c4
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d