account-staging.auraloyalty.ca Open in urlscan Pro
2a03:b0c0:3:d0::d24:5001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://account-staging.auraloyalty.ca/
Submission: On October 09 via automatic, source certstream-suspicious (October 9th 2019, 7:10:43 pm UTC)

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 28 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d24:5001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is account-staging.auraloyalty.ca.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 9th 2019. Valid for: 3 months.

This is the only time account-staging.auraloyalty.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d24:5001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	13.225.78.23 13.225.78.23	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:204... 2600:9000:2047:b200:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2600:9000:215... 2600:9000:2156:7c00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.183.232.254 35.183.232.254	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
28	14

4 2a03:b0c0:3:d0::d24:5001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

account-staging.auraloyalty.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.23 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.230 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f6.1e100.net

8805777.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2047:b200:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:7c00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.183.232.254 (Montreal, Canada)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-183-232-254.ca-central-1.compute.amazonaws.com

wordpress.getstack.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	doubleclick.net 3 redirects 8805777.fls.doubleclick.net stats.g.doubleclick.net	842 B
5	branch.io cdn.branch.io api2.branch.io	23 KB
4	auraloyalty.ca account-staging.auraloyalty.ca	596 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	facebook.net connect.facebook.net	119 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	getstack.ca wordpress.getstack.ca	264 KB
2	facebook.com www.facebook.com	353 B
2	app.link app.link	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	781 B
1	googleapis.com fonts.googleapis.com	749 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	180 B
1	googletagmanager.com www.googletagmanager.com	25 KB
28	14

	Domain	Requested by
4	api2.branch.io	cdn.branch.io
4	8805777.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	account-staging.auraloyalty.ca	account-staging.auraloyalty.ca
3	www.google-analytics.com	1 redirects www.googletagmanager.com account-staging.auraloyalty.ca
3	connect.facebook.net	account-staging.auraloyalty.ca connect.facebook.net
2	fonts.gstatic.com
2	wordpress.getstack.ca	account-staging.auraloyalty.ca
2	www.facebook.com	account-staging.auraloyalty.ca
2	app.link	cdn.branch.io
2	s.amazon-adsystem.com	1 redirects account-staging.auraloyalty.ca
1	fonts.googleapis.com	account-staging.auraloyalty.ca
1	www.google.de	account-staging.auraloyalty.ca
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.branch.io	account-staging.auraloyalty.ca
1	www.googletagmanager.com	account-staging.auraloyalty.ca
28	16

This site contains no links.

Subject Issuer	Validity	Valid
account-staging.auraloyalty.ca Let's Encrypt Authority X3	`2019-10-09` - `2020-01-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2018-12-12` - `2019-12-12`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.getstack.ca Amazon	`2019-07-04` - `2020-08-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://account-staging.auraloyalty.ca/
Frame ID: B3729B1DBC6F949A9B22F8DA76E22920
Requests: 25 HTTP requests in this frame

Frame: https://8805777.fls.doubleclick.net/activityi;dc_pre=CPSRlsvwj-UCFYS_dwodigQEEQ;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F
Frame ID: 019E42884E46373745062A61A1172235
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D71388ceb-ef5e-e89a-6def-45df099ffc2b%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.getstack.ca/&ex-hargs=v%3D1.0%3Bc%3D6257700000201%3Bp%3D71388CEB-EF5E-E89A-6DEF-45DF099FFC2B&cb=480350990347489600&dcc=t
Frame ID: AA6C1E2F47CA48A6C9F307183605CA90
Requests: 1 HTTP requests in this frame

Frame: https://8805777.fls.doubleclick.net/activityi;dc_pre=CLirls3wj-UCFdWXdwodmiILgA;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F
Frame ID: A82CBDF80251693A79397662C85E3BD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Netlify (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Netlify/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

28
Requests

100 %
HTTPS

75 %
IPv6

14
Domains

16
Subdomains

14
IPs

5
Countries

1078 kB
Transfer

3276 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://8805777.fls.doubleclick.net/activityi;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F HTTP 302
https://8805777.fls.doubleclick.net/activityi;dc_pre=CPSRlsvwj-UCFYS_dwodigQEEQ;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F

Request Chain 6

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D71388ceb-ef5e-e89a-6def-45df099ffc2b%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.getstack.ca/&ex-hargs=v%3D1.0%3Bc%3D6257700000201%3Bp%3D71388CEB-EF5E-E89A-6DEF-45DF099FFC2B&cb=480350990347489600 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D71388ceb-ef5e-e89a-6def-45df099ffc2b%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.getstack.ca/&ex-hargs=v%3D1.0%3Bc%3D6257700000201%3Bp%3D71388CEB-EF5E-E89A-6DEF-45DF099FFC2B&cb=480350990347489600&dcc=t

Request Chain 7

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=556963331&t=pageview&_s=1&dl=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F&ul=en-us&de=UTF-8&dt=Aura%20Secure%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=947804043&gjid=986892871&cid=2092665522.1570648223&tid=UA-119036206-3&_gid=1549053234.1570648223&_r=1&gtm=2wga20W7K74LQ&z=528867633 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119036206-3&cid=2092665522.1570648223&jid=947804043&_gid=1549053234.1570648223&gjid=986892871&_v=j79&z=528867633 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-119036206-3&cid=2092665522.1570648223&jid=947804043&_v=j79&z=528867633 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-119036206-3&cid=2092665522.1570648223&jid=947804043&_v=j79&z=528867633&slf_rd=1&random=193308979

Request Chain 16

https://8805777.fls.doubleclick.net/activityi;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F HTTP 302
https://8805777.fls.doubleclick.net/activityi;dc_pre=CLirls3wj-UCFdWXdwodmiILgA;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
account-staging.auraloyalty.ca/ 3 KB
2 KB 229ms
158ms Document
text/html 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://account-staging.auraloyalty.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

c41fac4245c5f5c7a644b95ef9a8ca6851befe9527999a9bfa9cb80ad043e9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: account-staging.auraloyalty.ca
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Wed, 09 Oct 2019 19:10:22 GMT
etag: "cd99a715b1c49173256a6a21dfca73d1-ssl-df"
strict-transport-security: max-age=31536000
content-encoding: gzip
age: 0
server: Netlify
vary: Accept-Encoding
x-nf-request-id: 9aa82d7b-cd82-468a-8cd1-137c9bc6e99f-839988

GET
H2 200 app.js Show response
account-staging.auraloyalty.ca/assets/ 2 MB
573 KB 266ms
265ms Script
application/javascript 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://account-staging.auraloyalty.ca/assets/app.js

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

c4b475d8d4a1ce91eed50279def940f0115a3fa776c1cbc0a8d8c3ebf8231af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: 9aa82d7b-cd82-468a-8cd1-137c9bc6e99f-840144
date: Wed, 09 Oct 2019 19:10:22 GMT
content-encoding: gzip
server: Netlify
age: 2
etag: "4c58a7ba5db140d2e57675614e127594-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
25 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7K74LQ

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d60ca85cc2a42bc8431f12e2470c232f6e7cf8f9c737e83efbb31a916d00e29

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 19:10:22 GMT
content-encoding: br
last-modified: Wed, 09 Oct 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25272
x-xss-protection: 0
expires: Wed, 09 Oct 2019 19:10:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 122 KB
31 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8bcad0d5e62d5b147bbad7e008f6301fbbdd376ee551c87546a3158168d3df21

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31625
x-xss-protection: 0
pragma: public
x-fb-debug: ZFxuMDoH9j25QW3NOjPwEW6QWgOZU0QBLgdWbKWfpYGF8S3B3nUSGwZgoT5dMbRfhCACHaR268Q95vDO8kCzBg==
x-fb-trip-id: 344046301
x-frame-options: DENY
date: Wed, 09 Oct 2019 19:10:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 72 KB
22 KB 23ms
6ms Script
text/javascript 13.225.78.23
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.23 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a7f6085f7574b224a950a25344ed986dbf084b17edcbd242c49b83ec919a35f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: uPhjiqDbOoA_pLf62CesKJEVgSwpyWgu
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 18:39:04 GMT
Server: AmazonS3
Age: 42
ETag: "161e0ab9281d23aa5a07943fab4f1b5f"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Wed, 09 Oct 2019 19:09:42 GMT
X-Amz-Cf-Pop: FRA2-C2
Content-Length: 21834
X-Amz-Cf-Id: L0CM4LQXw82_dvmKch5-HCxHEyQT70su5ypkrR-fwjZCK8dqjkfKtA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7K74LQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3616
date: Wed, 09 Oct 2019 18:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 09 Oct 2019 20:10:06 GMT

GET
H2

200

activityi;dc_pre=CPSRlsvwj-UCFYS_dwodigQEEQ;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%...
8805777.fls.doubleclick.net/ Frame 019E
Redirect Chain

https://8805777.fls.doubleclick.net/activityi;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2...
https://8805777.fls.doubleclick.net/activityi;dc_pre=CPSRlsvwj-UCFYS_dwodigQEEQ;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Fac...

0
0

65ms
64ms

Document
text/html

172.217.21.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://8805777.fls.doubleclick.net/activityi;dc_pre=CPSRlsvwj-UCFYS_dwodigQEEQ;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7K74LQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8805777.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPSRlsvwj-UCFYS_dwodigQEEQ;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://account-staging.auraloyalty.ca/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://account-staging.auraloyalty.ca/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 09 Oct 2019 19:10:22 GMT
expires: Wed, 09 Oct 2019 19:10:22 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 362
x-xss-protection: 0
set-cookie: IDE=AHWqTUlcjLaWYDeiVnseAOOEpBz_W8uRDg2gukWRht66EPcnwAjT4D7FNeRlcmRz; expires=Mon, 02-Nov-2020 19:10:22 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 09 Oct 2019 19:10:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8805777.fls.doubleclick.net/activityi;dc_pre=CPSRlsvwj-UCFYS_dwodigQEEQ;src=8805777;type=getst0;cat=getst0;ord=1;num=4273785743764;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Oct-2019 19:25:22 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200
OK

Cookie set iu3
s.amazon-adsystem.com/ Frame AA6C
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D71388ceb-ef5e-e89a-6def-45df099ffc2b%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.getstack.ca/&ex-hargs=v%3D1.0%3Bc%3D6257700000...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D71388ceb-ef5e-e89a-6def-45df099ffc2b%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.getstack.ca/&ex-hargs=v%3D1.0%3Bc%3D6257700000...

0
0

114ms
114ms

Document
text/html

72.21.206.140
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D71388ceb-ef5e-e89a-6def-45df099ffc2b%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.getstack.ca/&ex-hargs=v%3D1.0%3Bc%3D6257700000201%3Bp%3D71388CEB-EF5E-E89A-6DEF-45DF099FFC2B&cb=480350990347489600&dcc=t
Requested by: Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://account-staging.auraloyalty.ca/
Accept-Encoding: gzip, deflate, br
Cookie: ad-id=A5d2l_nh1E34p0gjfci1TZc|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://account-staging.auraloyalty.ca/

Response headers

Server: Server
Date: Wed, 09 Oct 2019 19:10:23 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 345
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A5d2l_nh1E34p0gjfci1TZc; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 19:10:23 GMT; Path=/; HttpOnly ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 19:10:23 GMT; Path=/; HttpOnly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Wed, 09 Oct 2019 19:10:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D71388ceb-ef5e-e89a-6def-45df099ffc2b%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.getstack.ca/&ex-hargs=v%3D1.0%3Bc%3D6257700000201%3Bp%3D71388CEB-EF5E-E89A-6DEF-45DF099FFC2B&cb=480350990347489600&dcc=t
Set-Cookie: ad-id=A5d2l_nh1E34p0gjfci1TZc|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 19:10:23 GMT; Path=/; HttpOnly
Vary: User-Agent

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=556963331&t=pageview&_s=1&dl=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F&ul=en-us&de=UTF-8&dt=Aura%20Secure%20Account&sd=24-bit&sr=1600x1...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119036206-3&cid=2092665522.1570648223&jid=947804043&_gid=1549053234.1570648223&gjid=986892871&_v=j79&z=528867633
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-119036206-3&cid=2092665522.1570648223&jid=947804043&_v=j79&z=528867633
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-119036206-3&cid=2092665522.1570648223&jid=947804043&_v=j79&z=528867633&slf_rd=1&random=193308979

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-119036206-3&cid=2092665522.1570648223&jid=947804043&_v=j79&z=528867633&slf_rd=1&random=193308979

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 19:10:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Oct 2019 19:10:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-119036206-3&cid=2092665522.1570648223&jid=947804043&_v=j79&z=528867633&slf_rd=1&random=193308979
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1055927784571285 Show response
connect.facebook.net/signals/config/ 307 KB
78 KB 131ms
130ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1055927784571285?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

bebad12008f3e01440754df6ff6b2bce51ff33d8c0b67369e9e9ea78ebc30a35

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id: 344046301
pragma: public
x-fb-debug: VZayhlkMjVnpqYnD39TPl8GUz5B4uXQtLuvlg87aWsRJggcGRCF91gwR0mIq/1vEJGdZFF+3YyWGIvnrjq1C4A==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Wed, 09 Oct 2019 19:10:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
730 B 321ms
304ms Script
text/javascript 2600:9000:2047:b200:19:9934:6a80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.52.0&branch_key=key_live_cpBwk2CCAUKE8GCd735sWbcjzBdd7c7a&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:b200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

5c2416bcaf9bfd640cd97276e140237bca551e9773261a4860b960a9c1f1d9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 19:10:23 GMT
Via: 1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA53
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-tXS1su53scI4YBe7OatkO8AnxMY"
X-Amz-Cf-Id: ctQyM4mBcqzAGl2-dic6nVSFAmOWP47MiWjB2uOM81AnmLfr242InQ==

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: Wz0h1d2iP7tQPyGCx51gwfc0JF1gL6X1Whg+zGhlWGm07Zb57mCvZMrzpLt1eF0Q+Xfbhc7RPQfskm5H+/WeHA==
x-fb-trip-id: 344046301
x-frame-options: DENY
date: Wed, 09 Oct 2019 19:10:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1055927784571285&ev=PageView&dl=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F&rl=&if=false&ts=1570648223125&sw=1600&sh=1200&v=2.9.4&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1570648223124.1705702151&it=1570648222962&coo=false&rqm=GET

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 19:10:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 09 Oct 2019 19:10:23 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 272 B
559 B 183ms
167ms XHR
application/json 2600:9000:2156:7c00:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 6014efa435a2a8bf7ee6f678708941fd95f3d7eceb2ba941be8d9108cb009bfb

Request headers

Sec-Fetch-Mode: cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Oct 2019 19:10:23 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA50-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 272
x-amz-cf-id: 6iqJHo0e00EHBuZx7Y_Zhr29CNlgIs-CSi4gzPmqmXsym1-WX1doIg==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
362 B 332ms
332ms XHR
application/json 2600:9000:2156:7c00:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Sec-Fetch-Mode: cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Oct 2019 19:10:23 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 29
x-amz-cf-id: QJ0K4VMWpeJa335TxNL39YCY8GDPg-K_s6wvuXLqIq05zC70RN1JRA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
103 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1055927784571285&ev=Microdata&dl=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F&rl=&if=false&ts=1570648223627&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Aura%20Secure%20Account%22%2C%22meta%3Adescription%22%3A%22Aura%20Secure%20Account%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Aura%20Secure%20Account%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Aura%20Secure%20Account%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1570648223124.1705702151&it=1570648222962&coo=false&es=automatic&rqm=GET

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 19:10:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 09 Oct 2019 19:10:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
749 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,600|Quicksand:500&display=swap

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/assets/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4d89603f3903318070a90f1c7b1315346231c86ed561539e4a0f429326747a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 09 Oct 2019 19:10:27 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 09 Oct 2019 19:10:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 09 Oct 2019 19:10:27 GMT

GET
H2

200

activityi;dc_pre=CLirls3wj-UCFdWXdwodmiILgA;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%...
8805777.fls.doubleclick.net/ Frame A82C
Redirect Chain

https://8805777.fls.doubleclick.net/activityi;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2...
https://8805777.fls.doubleclick.net/activityi;dc_pre=CLirls3wj-UCFdWXdwodmiILgA;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Fac...

0
0

22ms
22ms

Document
text/html

172.217.21.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://8805777.fls.doubleclick.net/activityi;dc_pre=CLirls3wj-UCFdWXdwodmiILgA;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7K74LQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8805777.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLirls3wj-UCFdWXdwodmiILgA;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://account-staging.auraloyalty.ca/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlcjLaWYDeiVnseAOOEpBz_W8uRDg2gukWRht66EPcnwAjT4D7FNeRlcmRz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://account-staging.auraloyalty.ca/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 09 Oct 2019 19:10:27 GMT
expires: Wed, 09 Oct 2019 19:10:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 360
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 09 Oct 2019 19:10:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8805777.fls.doubleclick.net/activityi;dc_pre=CLirls3wj-UCFdWXdwodmiILgA;src=8805777;type=getst0;cat=getst0;ord=1;num=5361422913370;gtm=2wga20;auiddc=307592143.1570648223;u1=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F;u2=%2F;u3=undefined;u4=undefined;~oref=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 collect
www.google-analytics.com/ 35 B
104 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=556963331&t=pageview&_s=1&dl=https%3A%2F%2Faccount-staging.auraloyalty.ca%2F&ul=en-us&de=UTF-8&dt=Aura%20Secure%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEAB~&jid=&gjid=&cid=2092665522.1570648223&tid=UA-119036206-3&_gid=1549053234.1570648223&gtm=2wga20W7K74LQ&z=219674928

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 13:06:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21820
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pages Show response
wordpress.getstack.ca//wp-json/wp/v2/ 259 KB
260 KB 562ms
327ms XHR
application/json 35.183.232.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://wordpress.getstack.ca//wp-json/wp/v2/pages?per_page=100

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/assets/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.183.232.254 Montreal, Canada, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-183-232-254.ca-central-1.compute.amazonaws.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

fce1282c4f48966c1a0462a64e2c6820375c32583e8b4e2a8f6c398e6a6ec9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Oct 2019 19:10:27 GMT
x-content-type-options: nosniff
status: 200
vary: Origin
access-control-allow-headers: Authorization, Content-Type
server: Apache/2.4.18 (Ubuntu)
x-wp-totalpages: 1
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://account-staging.auraloyalty.ca
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-wp-total: 40
access-control-allow-credentials: true
x-robots-tag: noindex
link: <https://wordpress.getstack.ca/wp-json/>; rel="https://api.w.org/"

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
730 B 321ms
321ms Script
text/javascript 2600:9000:2047:b200:19:9934:6a80:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.52.0&_t=710557026443643109&branch_key=key_live_cpBwk2CCAUKE8GCd735sWbcjzBdd7c7a&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:b200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

5c2416bcaf9bfd640cd97276e140237bca551e9773261a4860b960a9c1f1d9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 19:10:27 GMT
Via: 1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA53
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-tXS1su53scI4YBe7OatkO8AnxMY"
X-Amz-Cf-Id: sHDSbb0O9xqs6O47NyAl0UGGNB3i-AGlCU60wovKx1UM3z6wBIo1ZA==

GET
H2 200 key_live_cpBwk2CCAUKE8GCd735sWbcjzBdd7c7a Show response
api2.branch.io/v1/has-app/ 4 B
358 B 173ms
173ms XHR
application/json 2600:9000:2156:7c00:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/has-app/key_live_cpBwk2CCAUKE8GCd735sWbcjzBdd7c7a?browser_fingerprint_id=710557026443643109

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:7c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Oct 2019 19:10:27 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty/1.13.6.2
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 4
etag: W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
x-amz-cf-id: nQ6L_8tQnZyPbgZibBAqtB40tXW7hIkjsm9h-8u8RobmgJDPed74lg==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
360 B 175ms
175ms XHR
application/json 2600:9000:2156:7c00:11:f728:3040:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Sec-Fetch-Mode: cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Oct 2019 19:10:27 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 29
x-amz-cf-id: eEutnJxgP27fkKTBb3oJtjgEJFOWW0k6aOBWntub571XrjC-arL3Hg==

GET
H2 200 options Show response
wordpress.getstack.ca//wp-json/acf/v3/options/ 3 KB
4 KB 222ms
222ms XHR
application/json 35.183.232.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://wordpress.getstack.ca//wp-json/acf/v3/options/options

Requested by

Host: account-staging.auraloyalty.ca
URL: https://account-staging.auraloyalty.ca/assets/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.183.232.254 Montreal, Canada, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-183-232-254.ca-central-1.compute.amazonaws.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

f6422eec16d87bf32db58940050f235bf8586af51efb225c5cd26ce33aa41ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Oct 2019 19:10:28 GMT
x-content-type-options: nosniff
server: Apache/2.4.18 (Ubuntu)
access-control-allow-headers: Authorization, Content-Type
status: 200
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://account-staging.auraloyalty.ca
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
access-control-allow-credentials: true
link: <https://wordpress.getstack.ca/wp-json/>; rel="https://api.w.org/"
x-robots-tag: noindex
allow: GET
content-length: 3570

GET
H2 200 27cf32fa6c583e8b85598a027a013dfd.gif
account-staging.auraloyalty.ca/assets/ 18 KB
18 KB 152ms
152ms Image
image/gif 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account-staging.auraloyalty.ca/assets/27cf32fa6c583e8b85598a027a013dfd.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

4eaccdad82a4db2b28eded3dc99bcee393147a0f4c7f291d40a3403cd1091185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: 9aa82d7b-cd82-468a-8cd1-137c9bc6e99f-845165
date: Wed, 09 Oct 2019 19:10:28 GMT
server: Netlify
age: 0
etag: "12249a930068e29f946c6961343035e4-ssl"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 18797

GET
H2 200 1ee0157c5ef34ac17d15dbce57608f73.svg
account-staging.auraloyalty.ca/assets/ 7 KB
3 KB 442ms
442ms Image
image/svg+xml 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account-staging.auraloyalty.ca/assets/1ee0157c5ef34ac17d15dbce57608f73.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

bedab019f88c644bd77bdf6a7404d1bbd943e987616f013e0d4dbbc2e549c523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://account-staging.auraloyalty.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: 9aa82d7b-cd82-468a-8cd1-137c9bc6e99f-845166
date: Wed, 09 Oct 2019 19:10:28 GMT
content-encoding: gzip
server: Netlify
age: 0
etag: "8508ef5a80c1a925d40a3c6b622d156e-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2714

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,600|Quicksand:500&display=swap
Origin: https://account-staging.auraloyalty.ca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 16:11:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 10767
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13464
x-xss-protection: 0
expires: Thu, 08 Oct 2020 16:11:01 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-xDwxUD2GFw.woff
fonts.gstatic.com/s/quicksand/v15/ 17 KB
17 KB 8ms
7ms Font
font/woff 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v15/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-xDwxUD2GFw.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5444570defcb4e1049cebeac9b22119bf679dc3107ffe701695a62e31885e510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,600|Quicksand:500&display=swap
Origin: https://account-staging.auraloyalty.ca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Sep 2019 23:37:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 22:27:34 GMT
server: sffe
age: 1107194
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17092
x-xss-protection: 0
expires: Fri, 25 Sep 2020 23:37:14 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 1055927784571285.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8805777.fls.doubleclick.net
account-staging.auraloyalty.ca
api2.branch.io
app.link
cdn.branch.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
s.amazon-adsystem.com
stats.g.doubleclick.net
wordpress.getstack.ca
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.225.78.23
172.217.21.230
2600:9000:2047:b200:19:9934:6a80:93a1
2600:9000:2156:7c00:11:f728:3040:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c0a::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:b0c0:3:d0::d24:5001
35.183.232.254
72.21.206.140
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
4d89603f3903318070a90f1c7b1315346231c86ed561539e4a0f429326747a1e
4eaccdad82a4db2b28eded3dc99bcee393147a0f4c7f291d40a3403cd1091185
5444570defcb4e1049cebeac9b22119bf679dc3107ffe701695a62e31885e510
5c2416bcaf9bfd640cd97276e140237bca551e9773261a4860b960a9c1f1d9a6
6014efa435a2a8bf7ee6f678708941fd95f3d7eceb2ba941be8d9108cb009bfb
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bcad0d5e62d5b147bbad7e008f6301fbbdd376ee551c87546a3158168d3df21
8d60ca85cc2a42bc8431f12e2470c232f6e7cf8f9c737e83efbb31a916d00e29
9a7f6085f7574b224a950a25344ed986dbf084b17edcbd242c49b83ec919a35f
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
bebad12008f3e01440754df6ff6b2bce51ff33d8c0b67369e9e9ea78ebc30a35
bedab019f88c644bd77bdf6a7404d1bbd943e987616f013e0d4dbbc2e549c523
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c41fac4245c5f5c7a644b95ef9a8ca6851befe9527999a9bfa9cb80ad043e9f2
c4b475d8d4a1ce91eed50279def940f0115a3fa776c1cbc0a8d8c3ebf8231af4
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6422eec16d87bf32db58940050f235bf8586af51efb225c5cd26ce33aa41ec3
fce1282c4f48966c1a0462a64e2c6820375c32583e8b4e2a8f6c398e6a6ec9e7

account-staging.auraloyalty.ca Open in urlscan Pro 2a03:b0c0:3:d0::d24:5001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

75 %IPv6

14 Domains

16 Subdomains

14 IPs

5 Countries

1078 kBTransfer

3276 kBSize

0 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

account-staging.auraloyalty.ca Open in urlscan Pro
2a03:b0c0:3:d0::d24:5001 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

75 %
IPv6

14
Domains

16
Subdomains

14
IPs

5
Countries

1078 kB
Transfer

3276 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions