URL: https://plussnow.com/
Submission Tags: sansec.io magecart Search All
Submission: On August 12 via api from US — Scanned from NL

Summary

This website contacted 26 IPs in 4 countries across 21 domains to perform 113 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is plussnow.com.
TLS certificate: Issued by WE1 on July 9th 2024. Valid for: 3 months.
This is the only time plussnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 188.114.97.3 13335 (CLOUDFLAR...)
3 104.18.10.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 23.48.14.127 16625 (AKAMAI-AS)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
23 172.67.15.14 13335 (CLOUDFLAR...)
2 2a04:4e42:6f::84 54113 (FASTLY)
7 18.245.46.47 16509 (AMAZON-02)
5 172.67.22.83 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 95.100.65.46 16625 (AKAMAI-AS)
4 23.206.208.183 16625 (AKAMAI-AS)
4 172.217.18.100 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 157.240.0.6 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 216.58.206.78 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 34.96.122.219 396982 (GOOGLE-CL...)
113 26
Apex Domain
Subdomains
Transfer
27 plussnow.com
plussnow.com
2 MB
23 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 12323
va.tawk.to — Cisco Umbrella Rank: 12027
253 KB
11 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
104 KB
10 elfsight.com
static.elfsight.com — Cisco Umbrella Rank: 20466
core.service.elfsight.com — Cisco Umbrella Rank: 22428
service-reviews-ultimate.elfsight.com — Cisco Umbrella Rank: 24127
396 KB
7 mailchimp.com
downloads.mailchimp.com — Cisco Umbrella Rank: 26868
106 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
22 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
995 B
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1235
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
309 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
78 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
92 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1417
25 KB
1 mcusercontent.com
mcusercontent.com — Cisco Umbrella Rank: 13258
359 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
41 KB
1 gstatic.com
www.gstatic.com
212 KB
1 list-manage.com
mc.us15.list-manage.com — Cisco Umbrella Rank: 369698
9 KB
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 9111
3 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 5561
65 KB
1 icons8.com
img.icons8.com — Cisco Umbrella Rank: 53568
800 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
113 21
Domain Requested by
27 plussnow.com plussnow.com
18 embed.tawk.to plussnow.com
embed.tawk.to
11 lh3.googleusercontent.com
7 downloads.mailchimp.com chimpstatic.com
downloads.mailchimp.com
5 va.tawk.to embed.tawk.to
5 static.elfsight.com plussnow.com
static.elfsight.com
4 service-reviews-ultimate.elfsight.com static.elfsight.com
4 www.google.com plussnow.com
www.gstatic.com
4 ct.pinterest.com s.pinimg.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com plussnow.com
www.googleoptimize.com
www.googletagmanager.com
3 connect.facebook.net plussnow.com
connect.facebook.net
3 maxcdn.bootstrapcdn.com plussnow.com
maxcdn.bootstrapcdn.com
2 www.facebook.com plussnow.com
2 s.pinimg.com plussnow.com
s.pinimg.com
1 mcusercontent.com
1 cdn.jsdelivr.net embed.tawk.to
1 www.gstatic.com www.google.com
1 mc.us15.list-manage.com downloads.mailchimp.com
1 region1.google-analytics.com www.googletagmanager.com
1 core.service.elfsight.com static.elfsight.com
1 chimpstatic.com plussnow.com
1 www.googleoptimize.com plussnow.com
1 img.icons8.com plussnow.com
1 fonts.googleapis.com plussnow.com
113 25
Subject Issuer Validity Valid
plussnow.com
WE1
2024-07-09 -
2024-10-07
3 months crt.sh
bootstrapcdn.com
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
1004834818.rsc.cdn77.org
E6
2024-06-23 -
2024-09-21
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1
2024-06-28 -
2025-06-28
a year crt.sh
static.elfsight.com
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
tawk.to
WE1
2024-07-24 -
2024-10-22
3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-05 -
2025-08-07
a year crt.sh
downloads.mailchimp.com
Amazon RSA 2048 M03
2024-06-24 -
2025-07-22
a year crt.sh
elfsight.com
WE1
2024-08-07 -
2024-11-06
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-22 -
2024-08-20
3 months crt.sh
wildcardsan.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-31 -
2025-07-31
a year crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.googleusercontent.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
mcusercontent.com
WR3
2024-07-25 -
2024-10-23
3 months crt.sh

This page contains 10 frames:

Primary Page: https://plussnow.com/
Frame ID: 411EE18DCBF37F0BEA99A84E6FF59261
Requests: 98 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Frame ID: CD6981A8CD7F2F80D3FDF861715179EF
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Frame ID: ACA91E1C781D6E162C6F402E49C3EAD6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld3aecUAAAAANrM2EBkrmSVVLKQsiuMQnImMgYS&co=aHR0cHM6Ly9wbHVzc25vdy5jb206NDQz&hl=nl&v=_ZpyzC9NQw3gYt1GHTrnprhx&theme=dark&size=invisible&badge=bottomright&cb=jbcd8f9w9sv2
Frame ID: 151C6A451A76CB93751926C61E9C5ACE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld3aecUAAAAANrM2EBkrmSVVLKQsiuMQnImMgYS&co=aHR0cHM6Ly9wbHVzc25vdy5jb206NDQz&hl=nl&v=_ZpyzC9NQw3gYt1GHTrnprhx&theme=dark&size=invisible&badge=bottomright&cb=gjwurvla59z0
Frame ID: 86153762F29A0B10B45D204406341DDD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld3aecUAAAAANrM2EBkrmSVVLKQsiuMQnImMgYS&co=aHR0cHM6Ly9wbHVzc25vdy5jb206NDQz&hl=nl&v=_ZpyzC9NQw3gYt1GHTrnprhx&theme=dark&size=invisible&badge=bottomright&cb=t844waqtn3oc
Frame ID: A0DE657E8B9254EBBE3B570E3BEB9C12
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 91F198259BB855CB1B9ED3C3A58683AC
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66909c6d5c9/css/min-widget.css
Frame ID: 375F170B76B3FEC2FC70D99DEE1C0268
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66909c6d5c9/css/message-preview.css
Frame ID: 9AD0C3A9E4ADE400D114AE40CF718072
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66909c6d5c9/css/max-widget.css
Frame ID: 8329193EDB3E82789A3BB5341EFAD54A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

😍 Plus Size Snow & Ski Gear Online for Curvy Women and Men

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

113
Requests

100 %
HTTPS

52 %
IPv6

21
Domains

25
Subdomains

26
IPs

4
Countries

4011 kB
Transfer

10505 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

113 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
plussnow.com/
71 KB
16 KB
Document
General
Full URL
https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2587a2bd803bf581a5ef7a11f031b36461bb57ebacadec993494d2557b0fa0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-max-age
1000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, no-cache, no-store,public,public,proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b23b35d0cfd2c19-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 21:53:53 GMT
expires
Sat, 12 Aug 2023 21:53:52 GMT
fastly-page-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYJgEXQCisYH51OOX%2FQggoab1URBs9m61kY9LiiKHF2Cu4jymg5etgFyJz8XsECBPiB032Pj%2FCsFZe7kxexrmcowQmjkOoUzRRgKcVsuXUvAIoHqAzAUIWQZJe%2FzqX0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8632370
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7a1c9dbc32c16186eedda7c8c11c4540
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8b23b3632d8c6910-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,700
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23416fbd762aa416465addcac4875528ee668b216ed107da83a5d4e49fd657ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 21:53:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Aug 2024 21:53:53 GMT
3f56cc438d3000710efcc488256d1535.min.css
plussnow.com/pub/static/version1720453747/_cache/merged/
1 MB
212 KB
Stylesheet
General
Full URL
https://plussnow.com/pub/static/version1720453747/_cache/merged/3f56cc438d3000710efcc488256d1535.min.css
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fdb1a7383e7ac933497c8b8d38e2c526f1f6be6dbcc4777458455629f0aea2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:54 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jul 2024 17:06:51 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FjVqkWQjzD%2Fvi5MbTbxt2mXD90roeZqk8NZhZP73XYKGzPl8Yx%2F7ZnIxpxnIsAeDWM9LP4ERh%2FVyheoDkReBV8vT2Eyv4TuGqOdc57C4q1IoQ%2FJLEugvnJMWduqxvN4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, proxy-revalidate
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b36309f02c19-FRA
access-control-allow-headers
X-Requested-With
x-frame-options
SAMEORIGIN
expires
Tue, 12 Aug 2025 21:53:53 GMT
styles-l.min.css
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/css/
266 KB
43 KB
Stylesheet
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/css/styles-l.min.css
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62c25b3750adf917a7e51aecbc1f73c865b777ea0c2b822b90ee7d13305e1eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 08 Jul 2024 15:51:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eztDktxnpdJFUdI3GUrNOroh58AbybjLUsGdepHtaRgz6n%2B30yHSiiBPnU0Poi%2FchAMZv1YKOnvQ6CPbGd9Uf7JuUOF8TwItxSOKWVtrZ74bdwGRM9RnI8T43mi%2BwbQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, proxy-revalidate
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b36309f42c19-FRA
access-control-allow-headers
X-Requested-With
x-frame-options
SAMEORIGIN
expires
Tue, 12 Aug 2025 21:53:53 GMT
/
plussnow.com/theme_options/css/index/
200 B
1 KB
Stylesheet
General
Full URL
https://plussnow.com/theme_options/css/index/
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce317375c7eaabfa9279b249ebe220dfec4ecc781f97419f688192aaf70a0c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
158
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
fastly-page-cacheable
YES
cache-control
max-age=0, must-revalidate, no-cache, no-store,public,public,proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sPc4Hhjupd7S%2FUk2zDr0T%2BsrsY4Bs4XTgamxXzbEUVqe3mRNtf7B7JnOSsjH5BWAyPYogCE%2Fa2ZvOTaQOT0oqqFU1zUTVZPjVKqJEVBXMZAung7Gh%2BuFvabB27dqmjs%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b36309f52c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Sat, 12 Aug 2023 20:24:32 GMT
/
plussnow.com/newsletter_popup/css/index/
780 B
1 KB
Stylesheet
General
Full URL
https://plussnow.com/newsletter_popup/css/index/
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73003e9083e79d5ae68e9b7468019eee4c2d3066bfc400e46e038e7a93fe15ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
234
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
fastly-page-cacheable
YES
cache-control
max-age=0, must-revalidate, no-cache, no-store,public,public,proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQttVmxg2T%2F6Al4kZuf9mWBT5S5O6G6rHkriRik3jmfNzFs3Qlbyyv8eUnP4PDpXKEK7K98DYXFunNzErGSqCaqatjh%2Fk1m2R6ZNc9BKGBGqFe0Gu5O2QW3%2FqAbPdHE%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b36309f62c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Sat, 12 Aug 2023 20:24:32 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/latest/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
863
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13151450
cdn-cachedat
02/20/2024 17:37:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:56 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
92e0dae6588ed4630f496c7fea8acd89
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8b23b3632d8e6910-FRA
cdn-requestpullsuccess
True
travelling_png.webp
plussnow.com/pub/media/amasty/webp/wysiwyg/2024/
17 KB
17 KB
Image
General
Full URL
https://plussnow.com/pub/media/amasty/webp/wysiwyg/2024/travelling_png.webp
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b1414902c53b5892a3adb6b1303288d70fb448e5d3a8ae6c19020a95dde6a3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
16918
last-modified
Mon, 20 May 2024 09:33:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fd6HcblGSbpmplq%2FQGT9x8iEl3bzMI2VG21iPBL%2FexyijWcgVucrG3qJZI1DRvVA6mweTbWLzl7rd8ixRwi7FLMru9qAWzOoc3BuJPsNhZRbaM25AZXDK7FhEG3nROU%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b36319fe2c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Mon, 19 Aug 2024 21:53:53 GMT
plussnow-logo_png.webp
plussnow.com/pub/media/amasty/webp/theme_options/stores/5/
14 KB
14 KB
Image
General
Full URL
https://plussnow.com/pub/media/amasty/webp/theme_options/stores/5/plussnow-logo_png.webp
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8f4d039e134f2358eef57daae8d3a1d735ff9cdfa0951355a832f7dc30d8a93
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13920
last-modified
Mon, 20 May 2024 08:24:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4o%2FXjU9vjwgqY%2F9YGjfUFwHI7yIqaqIfCPGCHGp%2FIRyedPJHs%2BSZ9o3JCfeItXYHqFcEqi4c3VlhQsoBBIHeTtO3J%2Blr1N6Lu8ynhsOZuWwF8tqtIHJJ9Kdk%2BVMnzY%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b3631a042c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Mon, 19 Aug 2024 21:53:53 GMT
new--v1.png
img.icons8.com/material/24/FA5252/
305 B
800 B
Image
General
Full URL
https://img.icons8.com/material/24/FA5252/new--v1.png
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b07caed1e83c3660afbb69dbfec92df28ec79e5c706d189112045cd4fb3904f7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

icon-id
84904
x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 21:53:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
icon-format
png
x-77-cache
HIT
x-cache
MISS
x-accel-date
1723252341
content-length
305
x-77-nzt
EggBw7WqEQFBDAGckiEfAff8xQMA
x-accel-expires
@1723554741
x-77-age
247292
not-found-platform
false
icon-size
24
last-modified
Fri, 09 Aug 2024 10:18:11
from-mongo-cache
true
server
CDN77-Turbo
x-77-nzt-ray
4c1562243318853c7184ba66321a240c
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
version
0.0.29
australia_png.webp
plussnow.com/pub/media/amasty/webp/wysiwyg/2024/
8 KB
8 KB
Image
General
Full URL
https://plussnow.com/pub/media/amasty/webp/wysiwyg/2024/australia_png.webp
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8996fb740b541adc5effdc01ea5067d72d1fd0c30cc1438e0195acc4111d9198
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7936
last-modified
Tue, 25 Jun 2024 02:11:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ei%2BRyGrOyuV24AJ5UKP9XQiLWZrQkwyy%2FW0vtUB0PBOXrdzj1aW0JtdwcqWoDXTUY7fh6K%2FdkAVrjwEn0cR6JZ1mkdB19VOHY1f38RxxKslq1%2F13KHu5lbijloAvyMw%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b3631a062c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Mon, 19 Aug 2024 21:53:53 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
email-decode.min.js
plussnow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://plussnow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Aug 2024 09:35:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66b33fdd-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bg66w%2F3m%2BZ67JryuMseRnFBteNx34ZPOdNYOffRpF6r632f50N9wqf5%2BisxUDX3rXYU4pwkFxd6v9eoSZqbBEI8AsHy8g%2F0Ws%2Fp4kzxk9eqL2a6adBDqyhpKDERmKxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8b23b3631a092c19-FRA
expires
Wed, 14 Aug 2024 21:53:53 GMT
bcf32d60d656c3c7dd2e626416fd5f56.min.js
plussnow.com/pub/static/version1720453747/_cache/merged/
2 MB
418 KB
Script
General
Full URL
https://plussnow.com/pub/static/version1720453747/_cache/merged/bcf32d60d656c3c7dd2e626416fd5f56.min.js
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8fc6486d30a2615ea451b9b4b37025368266e409671fceaa5d022e5c969748e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:54 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jul 2024 17:06:51 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript
access-control-allow-origin
<customer_origin_domain>
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9GOm4QIWSFm%2BBEX14MDsjNI9bskVxT289Lmp%2FdMoFfRQ7%2ByBmnVdtzqeq1D4weAVn7pD4jCfWIdt3ORzcXt8C4%2FaxFX9bktxf7NWZeB66Mry%2FP9AJgvn85owmRw4bI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, proxy-revalidate
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b3631a0b2c19-FRA
access-control-allow-headers
X-Requested-With
x-frame-options
SAMEORIGIN
expires
Tue, 12 Aug 2025 21:53:53 GMT
optimize.js
www.googleoptimize.com/
180 KB
65 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-P29P9CL
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8959aa901d3a45195e9e4d5f8b0fccf96fe6a49be1d113db2be7b25e5fde65e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66262
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 21:03:24 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 21:53:53 GMT
js
www.googletagmanager.com/gtag/
200 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-178235037-1
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61cdc99ca024d533a762a942b9539380040c000cff95a26123a393021c3b2d66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73878
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Aug 2024 21:53:53 GMT
dc08e988e49cfec7ee34b53aa.js
chimpstatic.com/mcjs-connected/js/users/d9be6e64f1ebbf8bb7b3b457b/
7 KB
3 KB
Script
General
Full URL
https://chimpstatic.com/mcjs-connected/js/users/d9be6e64f1ebbf8bb7b3b457b/dc08e988e49cfec7ee34b53aa.js
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.14.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-14-127.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
346307c922e4644c71afcc7bfa1773dd364179891ac04fed493e906ec515c7a9

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
112, 102
Date
Mon, 12 Aug 2024 21:53:53 GMT
Content-Encoding
gzip
x-amz-request-id
JGP7Z1Z98A4FHSK8
X-EdgeConnect-MidMile-RTT
0, 0
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
2221
x-amz-id-2
RiP3+94gQ/aJqff7P8xvNTVb7Lew3/Z/W0NKy1ilep+a4+mtayGYc3zaZKs8noa2aKuCKtAF/Tw=
Last-Modified
Fri, 14 Jun 2024 07:10:37 GMT
Server
AmazonS3
ETag
"3464130a111b7a1bc7f3d1bc4dc811d1"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1779
Accept-Ranges
bytes
Expires
Mon, 12 Aug 2024 22:23:32 GMT
platform.js
static.elfsight.com/platform/
48 KB
17 KB
Script
General
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:53 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000009816f5853648b0a3-006698eb70-5ac52b6e-sfo2a
age
3008
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 11 Jun 2024 05:32:12 GMT
server
cloudflare
etag
W/"9cb6cdfa853ae05f7abcff41c1cfd0af"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
8b23b363af063647-FRA
theme-icons.woff2
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/fonts/theme-icons/
6 KB
6 KB
Font
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/fonts/theme-icons/theme-icons.woff2
Requested by
Host: plussnow.com
URL: https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/css/styles-l.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea348ae935df8e309fcb0bd3ed083b4ef1074a9e44bfbbc230eeb8cf990f1a0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/css/styles-l.min.css
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5968
last-modified
Mon, 08 Jul 2024 15:52:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/font-woff2
access-control-allow-origin
<customer_origin_domain>
cache-control
public, max-age=31536000, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0fm50bKRAFSQzPyVPpgk92FZ6nLsxpPp8crHLeM3LCIb1HJg%2F8TBkncwwHyojug8kYKlT0JAXtEer9kbpX%2BU5cm0JkpC8cRJGSxtcoSTFDaVuW61a%2FMjtljevSepCY%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b36ba90c2c19-FRA
access-control-allow-headers
X-Requested-With
expires
Tue, 12 Aug 2025 21:53:54 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
874
age
298983
cdn-cachedat
06/26/2024 14:42:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:56 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
164acb6449e6c9a002d0f26c237c7d5c
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8b23b36bdb199f40-FRA
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-178235037-1&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-P29P9CL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34443e9887d93d7f4e101d94886dcefe2b3de3e35b42d6a71fb72a6df66588bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72920
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Aug 2024 21:53:54 GMT
gtm.js
www.googletagmanager.com/
183 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5NBW26
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be7c3d60add95532333a05c110d4081987e19427bee8962965ab25cdc861c97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67942
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 21:03:24 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Aug 2024 21:53:54 GMT
js
www.googletagmanager.com/gtag/
291 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PBYVHMWWN1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178235037-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a22b3e33bcc7a6441c9eece14d8541e5f52f4b439d8c601b145448c91773d409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100719
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 12 Aug 2024 21:53:54 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178235037-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Aug 2024 21:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2329
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 12 Aug 2024 23:15:05 GMT
default
embed.tawk.to/5d8315e99f6b7a4457e27394/
2 KB
975 B
Script
General
Full URL
https://embed.tawk.to/5d8315e99f6b7a4457e27394/default
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa34ca7e8c170455a6426a68de94822a040f58ad1e4c66a1ebd2053580ee3edf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"stable-v4-66909c6d5c9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
8b23b36dab8b4dc4-FRA
alt-svc
h3=":443"; ma=86400
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:6f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68a9b1139814e64d611803563a31cd79429fb475f23854db40c5b60e0dcad1e9

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:54 GMT
content-encoding
br
x-cdn
fastly
etag
"f5609f6f5ab838f822722ce784e4c926"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1880
js-translation.json
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/
2 B
619 B
XHR
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/js-translation.json
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
last-modified
Mon, 08 Jul 2024 15:53:21 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
<customer_origin_domain>
cache-control
public, max-age=31536000,public,public,proxy-revalidate,public
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfmlAybQDg2JCfc0j9Z0%2F2C4woI8ivIQVEOjoyLHw6LPSJUFFOA8h8w%2BUkiO425bGUbwyM%2BhOLiqe7WQNaQHJGwtvU6ygNKRv%2BTTHrAWi2N3Pt0qss4ifIENxxRxCuE%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b36d7a7c2c19-FRA
access-control-allow-headers
X-Requested-With
expires
Tue, 12 Aug 2025 21:53:54 GMT
embed.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/
226 KB
68 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by
Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/d9be6e64f1ebbf8bb7b3b457b/dc08e988e49cfec7ee34b53aa.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d2c0c945c4974e73b969f7011aac63bc2429b0776cc020b613d9c252872d9c9

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 03:47:15 GMT
Content-Encoding
br
Via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 Jun 2024 23:19:45 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
65982
x-amz-server-side-encryption
AES256
ETag
W/"1c7a1afa382f098cff12d0ec2b5c3fdd"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
dk9ZO1NpxN5rbqRGBp_gol_zaycag9gbMC3B4guo6pgX2WsZgq3XnQ==
/
core.service.elfsight.com/p/boot/
7 KB
4 KB
XHR
General
Full URL
https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fplussnow.com%2F&w=2a85feee-11de-4e83-90cf-5036cac620dd
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3484d746b4881769bd5e97881710200168a34ef55cdcad79062314825836634d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=0
x-dns-prefetch-control
on
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
unsafe-none
etag
W/"1d8d-VZwxF0EOJ/YJ+vl2bvYliD/Shs4"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://plussnow.com
origin-agent-cluster
?1
access-control-allow-credentials
true
cf-apo-via
origin,host
cf-ray
8b23b36dcdc64dcc-FRA
jquery.mb.YTPlayer.min.js
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/Magento_Theme/js/
62 KB
15 KB
Script
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/Magento_Theme/js/jquery.mb.YTPlayer.min.js
Requested by
Host: plussnow.com
URL: https://plussnow.com/pub/static/version1720453747/_cache/merged/bcf32d60d656c3c7dd2e626416fd5f56.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39593980d27d8aacd752117ed54b66e48a93404f3172d122690d4b74b22dcdbc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 08 Jul 2024 15:52:05 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/javascript
access-control-allow-origin
<customer_origin_domain>
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhR3lKGpZU4CHnMGpDAb8hj7nKRBBFoCVXHlrZKdivycagCOgCf6WPlVHerKqaNAkul8IO9wueYEcdEp%2Fv4HX5kDpbRuFWyfLKkjSoLG8i%2FZT02iFc%2Flz9g1RLXrIuQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, proxy-revalidate
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b36dfaff2c19-FRA
access-control-allow-headers
X-Requested-With
x-frame-options
SAMEORIGIN
expires
Tue, 12 Aug 2025 21:53:55 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:47:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 12 Aug 2024 22:47:25 GMT
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Aug 2024 21:53:54 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
NZE76bhOd66Jpnf/2gIIvRiGSsWckwLO+OyzXLvlCKLTDg61l+e4Ge5krdhZ6MGmtI7q6xV5bGJWThdNObj+xA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PBYVHMWWN1&gtm=45je4880v870128816za200&_p=1723499634748&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=342917995.1723499635&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1723499634&sct=1&seg=0&dl=https%3A%2F%2Fplussnow.com%2F&dt=%F0%9F%98%8D%20Plus%20Size%20Snow%20%26%20Ski%20Gear%20Online%20for%20Curvy%20Women%20and%20Men&en=page_view&_fv=1&_ss=1&tfd=2798
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PBYVHMWWN1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 21:53:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plussnow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.5f3c66dc.js
s.pinimg.com/ct/lib/
81 KB
23 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.5f3c66dc.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:6f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca35424a437fab98e5cfbe32e08d4235aa34167a3218d4685bb89debceaea396

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:54 GMT
content-encoding
br
x-cdn
fastly
etag
"d44a824ad3803bbf1d63544f8eaf99f2"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
23563
form-settings
mc.us15.list-manage.com/subscribe/
14 KB
9 KB
Script
General
Full URL
https://mc.us15.list-manage.com/subscribe/form-settings?u=d9be6e64f1ebbf8bb7b3b457b&id=f5e9486c95&f_id=22770&u=d9be6e64f1ebbf8bb7b3b457b&id=f5e9486c95&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.65.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-65-46.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
91a3ffba541f8ca3087076ae9fcfc48ccb9c8b456e54012fd3f8fa660855bb70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
279, 279
strict-transport-security
max-age=31536000
content-encoding
gzip
x-envoy-decorator-operation
http-interposer-desired-service.mailchimp-cloud-httpinterposer-use2-prd-m2.svc.cluster.local:8090/*
date
Mon, 12 Aug 2024 21:53:55 GMT
x-edgeconnect-midmile-rtt
0, 0
intuit_tid
1-66ba8473-23e47bcd1a7ba85b3057ef07
x-envoy-upstream-service-time
168
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=9, origin; dur=279, ak_p; desc="1723499634990_1551596212_74180865_28772_12948_25_41_146";dur=1
content-length
6705
x-request-id
1-66ba8473-23e47bcd1a7ba85b3057ef07
x-ua-compatible
IE=edge,chrome=1
x-spanid
f95e2f42-0265-18f5-9671-dfb947cfb531
referrer-policy
same-origin
server
istio-envoy
x-amzn-trace-id
Root=1-66ba8473-23e47bcd1a7ba85b3057ef07
vary
Accept-Encoding
content-type
application/json;charset=utf-8
cache-control
max-age=266
expires
Mon, 12 Aug 2024 21:58:21 GMT
collect
www.google-analytics.com/j/
1 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=85375153&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fplussnow.com%2F&ul=nl-nl&de=UTF-8&dt=%F0%9F%98%8D%20Plus%20Size%20Snow%20%26%20Ski%20Gear%20Online%20for%20Curvy%20Women%20and%20Men&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAACAAI~&jid=1265237742&gjid=423990118&cid=342917995.1723499635&tid=UA-178235037-1&_gid=1227657059.1723499635&_r=1&gtm=457e4880za200&gcd=13l3l3l2l2&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&z=1481521098
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 21:53:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plussnow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/
320 B
720 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613648029269&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1723499634955&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5f3c66dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.ded5ce17.1723499635.75ef6ac
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=600
content-length
186
x-pinterest-rid
3588958859955559
pin-unauth
dWlkPU0yVm1ZamhoTmpndE5tTmtOaTAwWVRJMExXRm1OemN0TTJZeFpUVmpOalJoT1RFNQ
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://plussnow.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
e7612ecc563e3ac4cba47f0911bb75db84784aa2
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
497 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?tid=2613648029269&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fplussnow.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%225f3c66dc%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1723499634956
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5f3c66dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 21:53:55 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ded5ce17.1723499635.75ef6b2
content-type
image/gif
access-control-allow-origin
https://plussnow.com
pinterest-version
e7612ecc563e3ac4cba47f0911bb75db84784aa2
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
content-length
35
x-pinterest-rid
1399008748730018
expires
Sat, 01 Jan 2000 00:00:00 GMT
340798843851266
connect.facebook.net/signals/config/
70 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/340798843851266?v=2.9.164&r=stable&domain=plussnow.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39f6a9ad11420e6a5ff3f369eee58a72b754874f6063825d01b5e040335864db
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Aug 2024 21:53:55 GMT
document-policy
force-load-at-top
x-fb-server-load
20
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=63, mss=1297, tbw=64426, tp=-1, tpl=-1, uplat=184, ullat=0
pragma
public
x-fb-debug
F2gKdlCrDj86hh+bPIEnPXzZwa1KsEzfegGRogu1Xds8EU/dPbI16E+jiVAUqYeuzwEBX/hyLwMl//jgTAl/mw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader-1.gif
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/images/
10 KB
10 KB
Image
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/images/loader-1.gif
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3383b6eced84fe5c180954edef24ed094868c253fd0edca5f66b1143b3f173eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9966
last-modified
Mon, 08 Jul 2024 15:51:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FYZKtsW%2BNcR%2BioDoHTK%2F2bZzYx%2BI0aXdY8JMsCQDSPurfApvOLVqcJQYsiBJPHpJSWDiWUP0GKK%2Fv5ivXytyuHtYH%2FxHKUIehMGeQ9ywJDTirOWRd0gXBFBQaczudc%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b36f8c7f2c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Tue, 12 Aug 2025 21:53:55 GMT
/
plussnow.com/amasty_fpc/reports/
0
1 KB
XHR
General
Full URL
https://plussnow.com/amasty_fpc/reports/?ttfb=988&_=1723499634784
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://plussnow.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
cache-control
max-age=0, must-revalidate, no-cache, no-store,public,public,proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRhqQycwIpxMuer6mQ8Y8uyBNyymqLoskRQuA8Pj0Dqj%2FkyCan3mxNYzY6sox1zF8lSFZsIHZBspVuDPJJChzS2ScXdajp1Oem4F3adjctYIcoL5QWC3y%2BTtFI5mSVY%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b36f8c872c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Sat, 12 Aug 2023 21:53:55 GMT
api.js
www.google.com/recaptcha/
1 KB
995 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=globalOnRecaptchaOnLoadCallback&render=explicit
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
47e30419caab6c17e6be020c300d53bdbd9bab6709d8bc10696b1998cb47d3f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 12 Aug 2024 21:53:55 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/
534 KB
212 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=globalOnRecaptchaOnLoadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33da58f7b4901d6faaa4700111d100d637dbfcdac23a6e4eaf27b38352339184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:12:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216531
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 00:43:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Aug 2025 16:12:58 GMT
3616966435011899
connect.facebook.net/signals/config/
22 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/3616966435011899?v=2.9.164&r=stable&domain=plussnow.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C130%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C123%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
ef901cbf4affe214fbfacfa146d3283cbb1efd1352e0dd2df44f08175f8ee809
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Aug 2024 21:53:55 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4334, tp=9, tpl=0, uplat=139, ullat=0
pragma
public
x-fb-debug
TXI6dv1AjzSMWV0svo8+zz7KpZhImaWXRwY3R+LRLbRSZRh94SRjTzCixY7aAUYH6w9s7IXJHpkxk1OT5pUMEA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=340798843851266&ev=PageView&dl=https%3A%2F%2Fplussnow.com%2F&rl=&if=false&ts=1723499635266&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723499635264.502358280181056237&cs_est=true&ler=empty&cdl=API_unavailable&it=1723499635041&coo=false&rqm=GET
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1297, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 12 Aug 2024 21:53:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=340798843851266&ev=PageView&dl=https%3A%2F%2Fplussnow.com%2F&rl=&if=false&ts=1723499635266&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723499635264.502358280181056237&cs_est=true&ler=empty&cdl=API_unavailable&it=1723499635041&coo=false&rqm=FGET
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 12 Aug 2024 21:53:55 GMT
document-policy
force-load-at-top
x-fb-server-load
21
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402374567173676927", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=3112, tp=-1, tpl=-1, uplat=123, ullat=0
pragma
no-cache
x-fb-debug
amEJgtT5U65EmxjpF/tbkv2QOyGNg3oJYj+Q6ofM4gToyfPF6ccM+4KlCu/a1nvQpEkUDpN+ufiniqrufUKMnA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402374567173676927"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
googleReviews.js
static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/
1 MB
315 KB
Script
General
Full URL
https://static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/googleReviews.js
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b637b729cc29c4f0047a92c2853d7958b62b7213ee8cfdb9696db5afb14cfd1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000a205e757db1ba80-0066b4a1ca-5ad5d8b6-sfo2a
age
347
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 08 Aug 2024 10:43:04 GMT
server
cloudflare
etag
W/"c996a3c07a178bef9a208fd5eb98e101"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
8b23b370fe633647-FRA
popup.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/38d3020ee67bdafdc3231e2272e1fa0689108cda/
112 KB
31 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/38d3020ee67bdafdc3231e2272e1fa0689108cda/popup.js
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac2703bdccf412e09b63cf5fce781a258a9b8548ba8a314330c8e5a5b8e9fa5b

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 15:30:09 GMT
Content-Encoding
br
Via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
23027
x-amz-server-side-encryption
AES256
ETag
W/"a1391b4f56369883b0b9a4e7cd122028"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
k_tccxRIAg2pnYmUiXflvmb4XLXhAHHBt8mAYLc5qF0_N2YAVJwMuA==
common.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame CD69
10 KB
3 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 10:24:59 GMT
Content-Encoding
br
Via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
66414
x-amz-server-side-encryption
AES256
ETag
W/"22d453e74fdbe5b73dac8b53e669122e"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
E_KgN2tSSEv6o7tNI4v8UtgYrmkGJ_JhvS-0VAzy8LOSN-xJhdQAJw==
banner.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame CD69
813 B
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/banner.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 01:42:43 GMT
Via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Jun 2024 16:58:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
72673
x-amz-server-side-encryption
AES256
ETag
"03dc514068214f6d7d052c91c8492206"
Vary
Accept-Encoding, Origin
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
813
X-Amz-Cf-Id
RDYDbS4DkR0UZaX4vWdHJxaC80yCEjyMISgKn1b1gcNJZpVmY4t5QA==
common.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame ACA9
10 KB
0
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 10:24:59 GMT
Content-Encoding
br
Via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
66414
x-amz-server-side-encryption
AES256
ETag
W/"22d453e74fdbe5b73dac8b53e669122e"
Vary
Accept-Encoding, Origin
X-Cache
Hit from cloudfront
Content-Type
text/css
X-Amz-Cf-Id
E_KgN2tSSEv6o7tNI4v8UtgYrmkGJ_JhvS-0VAzy8LOSN-xJhdQAJw==
layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame ACA9
1 KB
929 B
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/layout-2.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c398b4ce94e2b1e42a4eb77ec66dfd228fcff631fdd9c0c74f8cce047d12072

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 15:30:11 GMT
Content-Encoding
br
Via
1.1 129f13101f12370407d42127c62b1bd8.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
23025
x-amz-server-side-encryption
AES256
ETag
W/"689415cef3fb916a12beabcfa7ff4244"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
pxTMPGrSG22pbRr8Mg3J3mKzq7WGMsxoLU0FkIpAADmVUbvwx16Exw==
modal.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/
3 KB
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/modal.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
118ac60d6d1855fdbd7379f012f9b6a97bd538293299472759a666b4d26ac843

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 01:42:44 GMT
Content-Encoding
br
Via
1.1 e5482755d4e937d4018ce72cd23b55c4.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Jun 2024 16:58:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
Age
72671
x-amz-server-side-encryption
AES256
ETag
W/"bb442b187fc78727105fd57962ce4b14"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
x-LCG61fFUDMLIV_q1izj8rgcKvepGkQy78IkJLjgZsD-MtLN2D8ug==
anchor
www.google.com/recaptcha/api2/ Frame 151C
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld3aecUAAAAANrM2EBkrmSVVLKQsiuMQnImMgYS&co=aHR0cHM6Ly9wbHVzc25vdy5jb206NDQz&hl=nl&v=_ZpyzC9NQw3gYt1GHTrnprhx&theme=dark&size=invisible&badge=bottomright&cb=jbcd8f9w9sv2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9zCBDebC7XU7KlddXDOJAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plussnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9zCBDebC7XU7KlddXDOJAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 21:53:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 8615
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld3aecUAAAAANrM2EBkrmSVVLKQsiuMQnImMgYS&co=aHR0cHM6Ly9wbHVzc25vdy5jb206NDQz&hl=nl&v=_ZpyzC9NQw3gYt1GHTrnprhx&theme=dark&size=invisible&badge=bottomright&cb=gjwurvla59z0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_FlCDCjmeOkPLZ99X6LR4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plussnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_FlCDCjmeOkPLZ99X6LR4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 21:53:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame A0DE
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld3aecUAAAAANrM2EBkrmSVVLKQsiuMQnImMgYS&co=aHR0cHM6Ly9wbHVzc25vdy5jb206NDQz&hl=nl&v=_ZpyzC9NQw3gYt1GHTrnprhx&theme=dark&size=invisible&badge=bottomright&cb=t844waqtn3oc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_ZpyzC9NQw3gYt1GHTrnprhx/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KsdW0HVYiPjCdKQKcHP3iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plussnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KsdW0HVYiPjCdKQKcHP3iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 21:53:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sources
service-reviews-ultimate.elfsight.com/data/ Frame
0
0
Preflight
General
Full URL
https://service-reviews-ultimate.elfsight.com/data/sources?uris%5B%5D=ChIJoXrEkx1B1moRzAfZDij3pX4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-widget-token
Access-Control-Request-Method
GET
Origin
https://plussnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-WIDGET-TOKEN
access-control-allow-methods
GET
access-control-allow-origin
https://plussnow.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8b23b372fa2c37d1-FRA
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 21:53:56 GMT
server
cloudflare
strict-transport-security
max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
reviews
service-reviews-ultimate.elfsight.com/data/ Frame
0
0
Preflight
General
Full URL
https://service-reviews-ultimate.elfsight.com/data/reviews?uris%5B%5D=ChIJoXrEkx1B1moRzAfZDij3pX4&with_text_only=1&min_rating=5&page_length=100&order=date
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-widget-token
Access-Control-Request-Method
GET
Origin
https://plussnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-WIDGET-TOKEN
access-control-allow-methods
GET
access-control-allow-origin
https://plussnow.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8b23b372fa2837d1-FRA
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 21:53:56 GMT
server
cloudflare
strict-transport-security
max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
googleReviews.996.chunk.js
static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/
110 KB
33 KB
Script
General
Full URL
https://static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/googleReviews.996.chunk.js
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/googleReviews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7af0c15ed1b1fc7a158fb2b46c84696c78d52635fcc35aa65d83db7023baed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000009429b3bf2b0b15ba-0066b4a1cb-5ad5d87f-sfo2a
age
2720
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 08 Aug 2024 10:43:04 GMT
server
cloudflare
etag
W/"a5b738ca2da57c6d216c1e044fdd224c"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
8b23b372b8423647-FRA
app-all-in-one-reviews-logos-google-logo-multicolor.svg
static.elfsight.com/icons/
2 KB
1 KB
XHR
General
Full URL
https://static.elfsight.com/icons/app-all-in-one-reviews-logos-google-logo-multicolor.svg
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/googleReviews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804e7edeba9edfbc93197c63f79ca0c010e4cbf66c6ae3ffd944ae4c8fd3f4cb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
tx000007a3bb612e370201d-006698f891-5ac52b6e-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Jul 2024 14:56:28 GMT
server
cloudflare
etag
W/"f00de7a516c9395a83efce98e5e1c760"
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-ray
8b23b3731af29b22-FRA
sources
service-reviews-ultimate.elfsight.com/data/
393 B
556 B
Fetch
General
Full URL
https://service-reviews-ultimate.elfsight.com/data/sources?uris%5B%5D=ChIJoXrEkx1B1moRzAfZDij3pX4
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/googleReviews.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006dd46d12be854ba789402d1ab32c3aa8d1f0934a7b2d5929e9c6a716f016de
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-widget-token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoiUFVCTElDIiwid2lkZ2V0UGlkIjoiMmE4NWZlZWUtMTFkZS00ZTgzLTkwY2YtNTAzNmNhYzYyMGRkIiwid2lkZ2V0UmV2aXNpb25QaWQiOiI1ZDRlN2ZmMS03OGRiLTQ3YzQtYjcwYy05YzIxODYzMGM0MTgiLCJhY2NvdW50UGlkIjoiZmJhMDVjYzUtY2Q2Yy00MTZiLTgwZTQtOTU5YjhiZDAwZDZlIiwic3ViIjoiMmE4NWZlZWUtMTFkZS00ZTgzLTkwY2YtNTAzNmNhYzYyMGRkIiwidmVyIjoiNWQ0ZTdmZjEtNzhkYi00N2M0LWI3MGMtOWMyMTg2MzBjNDE4IiwiaWF0IjoxNzIzNDk5NTIxLCJleHAiOjE3MjM1MDY3MjF9.hpKwhySr9Rb2cx6cpkcf5wFF4ScISJPppIlQZ3m1g8wS6l8_ndofzKQHejYUZy3kVpJdGfMNtVzZ9irYTnEdQNl6wK48eBTlqePNP4VBM6kAZXaPu24iUp1ip5YsexhIRCGuR1EtlfR-mLXbCFE59cxkxNkZpTWTc7Q7L6B26j91_kMI5XbmOVN2W9mEToLXnYj0fYYhKb3R9yjhWhlPth-yA_zXg5-3VXfth6eALWDTZT0KaGQ69AF4Qgb9Vi5CXUYwWRMZpJoP0ngXrwVaRlxIQwGOs9CPnF5OaYOkaK-pNpIttTko_i0eEcOtn-zTu8cXTb_O-IUNFbmAwrilQhd4i70xmal3KZxBCT6X0ln4Z7ts1BsYWJkDEjCzz4el4Z4Bv83-iUnELpXXp70YSpmrojgWorJ8mkFg1YdwSOIehi31i4SNDPRk4PxcqdGvPbMJswtHd8a7NDnvRWHJWs4oTl6VN0hF7IpBo5ghIvQKbDwftcaANI3VU6lHrStR9nUY3hXrcr9ti-PXbIUUsPcoA8AWlw9WwiErNnlOjJSNVKc3rtt6bKoKfoLEC_NJHXHe-rMGE0AXC5H5zROMvaEuyDCHzLiHyzCt9ufaGhBh4B9Dp5GUNPTqgzUPbJ4d3lDMWgysFh1C9moYiS9Jn5ilYOVfgFWCGYXq-dRxIGs
Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
strict-transport-security
max-age=0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Aug 2024 21:53:56 GMT
server
cloudflare
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://plussnow.com
cache-control
private, no-store
cf-apo-via
origin,host
cf-ray
8b23b3761f5637d1-FRA
reviews
service-reviews-ultimate.elfsight.com/data/
87 KB
26 KB
Fetch
General
Full URL
https://service-reviews-ultimate.elfsight.com/data/reviews?uris%5B%5D=ChIJoXrEkx1B1moRzAfZDij3pX4&with_text_only=1&min_rating=5&page_length=100&order=date
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/googleReviews.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
641031614b9b82a7cfcc66627a26096f04879893ac9022e6699986dd982fbb04
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-widget-token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoiUFVCTElDIiwid2lkZ2V0UGlkIjoiMmE4NWZlZWUtMTFkZS00ZTgzLTkwY2YtNTAzNmNhYzYyMGRkIiwid2lkZ2V0UmV2aXNpb25QaWQiOiI1ZDRlN2ZmMS03OGRiLTQ3YzQtYjcwYy05YzIxODYzMGM0MTgiLCJhY2NvdW50UGlkIjoiZmJhMDVjYzUtY2Q2Yy00MTZiLTgwZTQtOTU5YjhiZDAwZDZlIiwic3ViIjoiMmE4NWZlZWUtMTFkZS00ZTgzLTkwY2YtNTAzNmNhYzYyMGRkIiwidmVyIjoiNWQ0ZTdmZjEtNzhkYi00N2M0LWI3MGMtOWMyMTg2MzBjNDE4IiwiaWF0IjoxNzIzNDk5NTIxLCJleHAiOjE3MjM1MDY3MjF9.hpKwhySr9Rb2cx6cpkcf5wFF4ScISJPppIlQZ3m1g8wS6l8_ndofzKQHejYUZy3kVpJdGfMNtVzZ9irYTnEdQNl6wK48eBTlqePNP4VBM6kAZXaPu24iUp1ip5YsexhIRCGuR1EtlfR-mLXbCFE59cxkxNkZpTWTc7Q7L6B26j91_kMI5XbmOVN2W9mEToLXnYj0fYYhKb3R9yjhWhlPth-yA_zXg5-3VXfth6eALWDTZT0KaGQ69AF4Qgb9Vi5CXUYwWRMZpJoP0ngXrwVaRlxIQwGOs9CPnF5OaYOkaK-pNpIttTko_i0eEcOtn-zTu8cXTb_O-IUNFbmAwrilQhd4i70xmal3KZxBCT6X0ln4Z7ts1BsYWJkDEjCzz4el4Z4Bv83-iUnELpXXp70YSpmrojgWorJ8mkFg1YdwSOIehi31i4SNDPRk4PxcqdGvPbMJswtHd8a7NDnvRWHJWs4oTl6VN0hF7IpBo5ghIvQKbDwftcaANI3VU6lHrStR9nUY3hXrcr9ti-PXbIUUsPcoA8AWlw9WwiErNnlOjJSNVKc3rtt6bKoKfoLEC_NJHXHe-rMGE0AXC5H5zROMvaEuyDCHzLiHyzCt9ufaGhBh4B9Dp5GUNPTqgzUPbJ4d3lDMWgysFh1C9moYiS9Jn5ilYOVfgFWCGYXq-dRxIGs
Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
strict-transport-security
max-age=0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 12 Aug 2024 21:53:56 GMT
server
cloudflare
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://plussnow.com
cache-control
private, no-store
cf-apo-via
origin,host
cf-ray
8b23b3761f4737d1-FRA
print.min.css
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/css/print.min.css
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1325fbbd83887b4b56f821607648184ecaf3f1ee716363657064055fece579b4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 08 Jul 2024 15:52:04 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2FazQslVUYaU6z7T1GVagd5DIMPKw6s0Jbh%2BdOSUgF19WO%2Bt8WcQfbZH%2FTxgdcFL555q8y0Npqg68677tBX8pcmwI%2FS8VMDA%2BMyOIFYBlk9fnoMU5iLSaSFQElnirGY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, proxy-revalidate
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b373f8ec2c19-FRA
access-control-allow-headers
X-Requested-With
x-frame-options
SAMEORIGIN
expires
Tue, 12 Aug 2025 21:53:56 GMT
fonts_3f56cc438d3000710efcc488256d1535.min.css
plussnow.com/pub/static/version1720453747/_cache/merged/
7 KB
3 KB
Stylesheet
General
Full URL
https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Requested by
Host: plussnow.com
URL: https://plussnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6d3d7460edb977008a05185c178bea15850e5c7beee61983b2ea272ba1329ee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jul 2024 17:06:51 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIY9Z4dRJlCS53DjQcWZEHrEa2qWXRwv822sVLemzQEkdM9%2B%2FAq75OZy3EuQXwXM%2FLbFocJd1eFDPk0Yfc3HCVhbUbrexpKPdnSrTMjaAawOVK86M6FAMI1ZS%2B%2BSmok%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, proxy-revalidate
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
cf-ray
8b23b373f8ed2c19-FRA
access-control-allow-headers
X-Requested-With
x-frame-options
SAMEORIGIN
expires
Tue, 12 Aug 2025 21:53:56 GMT
Plussnow.com_jpg.webp
plussnow.com/pub/media/amasty/webp/wysiwyg/2024/
24 KB
25 KB
Image
General
Full URL
https://plussnow.com/pub/media/amasty/webp/wysiwyg/2024/Plussnow.com_jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61831e526e525ae4c74db182e2674347ab4bcc11808794038c78ae6bd6e607c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
24974
last-modified
Mon, 20 May 2024 09:32:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=celuPg%2BoGR%2FOE8cK8TsFYuny7JnYgSZxjdqo8WZE6aSZjcoVpfB2v5CLH7RA4Yy2X6qhygeelnXhn2o1W9a9%2B0HGbWd2Iorz6rgaTjcRFPuV%2Fi3M9Exdy7HAftF5BJ0%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b373f8f42c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Mon, 19 Aug 2024 21:53:56 GMT
Get_the_support_your_need_for_plus-size_snow_shopping_jpg.webp
plussnow.com/pub/media/amasty/webp/wysiwyg/2023/
47 KB
48 KB
Image
General
Full URL
https://plussnow.com/pub/media/amasty/webp/wysiwyg/2023/Get_the_support_your_need_for_plus-size_snow_shopping_jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21109ad7e5eadc2a5f64f1bf929685df582acf4a612d21f659efa44aad047af9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
48552
last-modified
Mon, 20 May 2024 09:29:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XT0eS9HSgxdjJTQWJgRunAMJxIqQJktZMiug8To2TIIMMWTjGtpz8wQh%2BIlZ%2F3tJNmdeo066PdlPiJu3EB9UBHJ9hRp1xjMu5PSNLs0J7KMREIeUp7M8titKc4SLjfU%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b373f8f72c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Mon, 19 Aug 2024 21:53:56 GMT
Shipping_your_gear_with_DHL_Express_jpg.webp
plussnow.com/pub/media/amasty/webp/wysiwyg/2023/
71 KB
72 KB
Image
General
Full URL
https://plussnow.com/pub/media/amasty/webp/wysiwyg/2023/Shipping_your_gear_with_DHL_Express_jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d1085265f4c2160763a8505e9161fcada36e7088ab970ed47213bbe4d463e7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
73006
last-modified
Mon, 20 May 2024 09:32:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNQBpJ%2BM5t1itp8zuN2t6oEVWlVbUl%2FcPhaCuPr4pdp4%2BQFyVMsbFdB1rXICNfyP5W%2F9CzzcGOetLvMl0muq4j4wXa%2BA7a3DkjSAIKgw87XyyEKYagSHTR%2Fl%2Bxo617U%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b373f8f92c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Mon, 19 Aug 2024 21:53:56 GMT
Plus-size_ski_pants_for_ski_bums_png.webp
plussnow.com/pub/media/amasty/webp/wysiwyg/2022/
26 KB
26 KB
Image
General
Full URL
https://plussnow.com/pub/media/amasty/webp/wysiwyg/2022/Plus-size_ski_pants_for_ski_bums_png.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a95210011bd43bf69aeb41930e0f8f6b770c6c65031e58e9a45294e16a9c278
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
26264
last-modified
Mon, 20 May 2024 09:29:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qL%2BerjIsLZPN0Ua3C%2BKCLAgdngWZR9gzU9vX8IODRbuoIalRIEtomdAVEzsjLtH7AQg3Rd8iY6iFpj4v4u5NlZeobIci9lV1J1dspC2WmcBBpDCvmVloEkMI25rkjIY%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b373f8fb2c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Mon, 19 Aug 2024 21:53:56 GMT
token_create.js
ct.pinterest.com/static/ct/
4 KB
2 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5f3c66dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.ded5ce17.1723499635.75efff2
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
content-length
2108
ct.html
ct.pinterest.com/ Frame 91F1
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5f3c66dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://plussnow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-grn
0.ded5ce17.1723499635.75f00e7
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 21:53:55 GMT
pinterest-version
e7612ecc563e3ac4cba47f0911bb75db84784aa2
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
3972999660638806
twk-main.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
121 B
342 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8315e99f6b7a4457e27394/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
content-encoding
br
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b373fb8a4dc4-FRA
alt-svc
h3=":443"; ma=86400
twk-vendor.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
81 KB
32 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8315e99f6b7a4457e27394/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
cf-cache-status
MISS
etag
W/"3b341e35b39f6195793ecaf5db7c1d63"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b373fb8b4dc4-FRA
alt-svc
h3=":443"; ma=86400
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
212 KB
71 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8315e99f6b7a4457e27394/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
cf-cache-status
MISS
etag
W/"77a40166698f808a0942865537165b0f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b373fb8d4dc4-FRA
alt-svc
h3=":443"; ma=86400
twk-chunk-common.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
222 KB
62 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8315e99f6b7a4457e27394/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d5d3565eaefe455bca4ace3e83c37cda7815373cdac3ba3f45f0680a079ac19
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
cf-cache-status
MISS
etag
W/"69549fdedf7a66967bca1cff84df561e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b373fb904dc4-FRA
alt-svc
h3=":443"; ma=86400
twk-runtime.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8315e99f6b7a4457e27394/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237b4750dad3793da8e8632bb02d1d60ac1651bd0e9aebcebdbf0f9b83dae835
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
cf-cache-status
MISS
etag
W/"dca0ffe47071fb33643cea7919ce6e58"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b373fb934dc4-FRA
alt-svc
h3=":443"; ma=86400
twk-app.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
151 B
366 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8315e99f6b7a4457e27394/default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:55 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
content-encoding
br
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b373fb954dc4-FRA
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=85375153&t=timing&_s=2&dl=https%3A%2F%2Fplussnow.com%2F&ul=nl-nl&de=UTF-8&dt=%F0%9F%98%8D%20Plus%20Size%20Snow%20%26%20Ski%20Gear%20Online%20for%20Curvy%20Women%20and%20Men&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3704&pdt=249&dns=11&rrt=1&srt=949&tcp=28&dit=2677&clt=2680&_gst=2646&_gbt=2786&_u=aGBAAUIhAAAAACAAI~&jid=&gjid=&cid=342917995.1723499635&tid=UA-178235037-1&_gid=1227657059.1723499635&gtm=457e4880za200&gcd=13l3l3l2l2&dma_cps=syphamo&dma=1&tag_exp=0&z=1280784588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 12:58:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32117
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
widget-settings
va.tawk.to/v1/
3 KB
2 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5d8315e99f6b7a4457e27394&widgetId=default&sv=null
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843e3010f16f750513e9b2de983cbc5aa7833ab5186e05a95e617f6dcc380c46
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-wpnn
server
cloudflare
etag
W/"2-84-0"
access-control-max-age
3600
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
vary
Accept-Encoding
cf-ray
8b23b3769fb94dc4-FRA
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/
1 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b682bfdf2a46293dbdf9bafc0dd2c8eb5d2e2066344724a9cf55cb98a581bb0b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-119x
server
cloudflare
access-control-max-age
3600
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://plussnow.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
8b23b377afbc4d3a-FRA
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://plussnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://plussnow.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8b23b3769fbb4dc4-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 21:53:56 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-tlbf
Montserrat-Regular.woff2
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/fonts/Montserrat/Regular/
87 KB
87 KB
Font
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/fonts/Montserrat/Regular/Montserrat-Regular.woff2
Requested by
Host: plussnow.com
URL: https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329622b39b0743628824776ffd95c8eba5c6cac6ef694f97676845ac8023a10d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
88584
last-modified
Mon, 08 Jul 2024 15:52:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/font-woff2
access-control-allow-origin
<customer_origin_domain>
cache-control
public, max-age=31536000, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FQMqPaA9foFjejpcyyei2Z99GVFXfj0sLCIn%2FOtCAOjrz9xtfvdGOWRSOGOFcNENxPlMhNzk1HBWvw90F8WvdM%2BtvrwSPv3scpxZUoBa29dqPfHdsZk%2BgYeHCU892o%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b3776c572c19-FRA
access-control-allow-headers
X-Requested-With
expires
Tue, 12 Aug 2025 21:53:56 GMT
Montserrat-Bold.woff2
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/fonts/Montserrat/Bold/
86 KB
87 KB
Font
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/fonts/Montserrat/Bold/Montserrat-Bold.woff2
Requested by
Host: plussnow.com
URL: https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
144bc3bf1032ff3447386db5be8461170a735d46b4bc52008fe291ff4a033f48
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
88204
last-modified
Mon, 08 Jul 2024 15:52:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/font-woff2
access-control-allow-origin
<customer_origin_domain>
cache-control
public, max-age=31536000, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NM2YW8JQ5kxxVo4hwaQfBp02gO%2BLmweo5z8n6qGDpeOQbLNI4XolV6z055clerzNNGEzC5bhwMeSXYLhAuqdgJHGw%2FxeYQh8kUJOLdrck55OCToPGZRzZlR44DNkqs%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b3776c5b2c19-FRA
access-control-allow-headers
X-Requested-With
expires
Tue, 12 Aug 2025 21:53:56 GMT
fontawesome-webfont.woff2
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/Magedelight_Megamenu/css/font-awesome/fonts/
181 KB
182 KB
Font
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/Magedelight_Megamenu/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: plussnow.com
URL: https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d48a402a969e86397b1c70b0e284704e02b0838e10b31c0b59dc9cf7e89f06
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
185808
last-modified
Mon, 08 Jul 2024 15:51:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/font-woff2
access-control-allow-origin
<customer_origin_domain>
cache-control
public, max-age=31536000, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjn6cHs2epSUBbKrPcS%2FuIJxSjgim7J2TJGFBq%2F36136ZQAksivsGOry3qinevPHm%2FgiryWPwpN7TijnKGClRXjARUnVFsYO956SrL9I9ZImWIli7vqKPovG%2Bc1m7ro%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b3776c5d2c19-FRA
access-control-allow-headers
X-Requested-With
expires
Tue, 12 Aug 2025 21:53:56 GMT
app-all-in-one-reviews-icons-google-multicolor-stroke.svg
static.elfsight.com/icons/
1 KB
760 B
XHR
General
Full URL
https://static.elfsight.com/icons/app-all-in-one-reviews-icons-google-multicolor-stroke.svg
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/apps/google-reviews/stable/48da07c9d17022cb23a408d5eacbe69aab4a78a9/app/googleReviews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9a1fd396f727db8017685080d790d824738c9e1c81080ef0ed9b74ac549c0a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
tx00000ef1b82abb1d54f78-006698f892-5cc45812-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Jul 2024 14:56:25 GMT
server
cloudflare
etag
W/"8e7fcebe25e9e39be4d97d98a35b9b96"
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-ray
8b23b377fee09b22-FRA
Montserrat-SemiBold.woff2
plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/fonts/Montserrat/SemiBold/
86 KB
87 KB
Font
General
Full URL
https://plussnow.com/pub/static/version1720453747/frontend/Zemez/theme_plussnow/en_AU/fonts/Montserrat/SemiBold/Montserrat-SemiBold.woff2
Requested by
Host: plussnow.com
URL: https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a2ab4b5138359930701069c68e0de09fcc6dd3340fdb05509b45fddf471bad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/pub/static/version1720453747/_cache/merged/fonts_3f56cc438d3000710efcc488256d1535.min.css
Origin
https://plussnow.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
88068
last-modified
Mon, 08 Jul 2024 15:52:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/font-woff2
access-control-allow-origin
<customer_origin_domain>
cache-control
public, max-age=31536000, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwwPkRagCxxiej5T%2FlkeN%2FPrGsvssQf2Kdgc2acqfVDu1wPSB3vyRtj42ghuF4kys4xnlEUEMI%2Fft65zvJfcMT9Wb3Vmr75D3nRz2I5i%2FRzvA3V%2BT7abKl38ioi9JHg%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b3788d6b2c19-FRA
access-control-allow-headers
X-Requested-With
expires
Tue, 12 Aug 2025 21:53:56 GMT
ALV-UjVW5lBy2-RIPSYZBPt3vgN4X4z3NMkyi1oYVA8ZH9WuVfaruBw=s120-c-rp-mo-br100
lh3.googleusercontent.com/a-/
26 KB
26 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a-/ALV-UjVW5lBy2-RIPSYZBPt3vgN4X4z3NMkyi1oYVA8ZH9WuVfaruBw=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
52acb16a8aa7f3c1b95914467b95612af5c70c5b724e492831422ffa9755c1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v14"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26391
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:57 GMT
ACg8ocLrU6uqflhhhXNBxO19xqHW6Mxkd83oBppeemoeoZA9TeRbaQ=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/
4 KB
4 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocLrU6uqflhhhXNBxO19xqHW6Mxkd83oBppeemoeoZA9TeRbaQ=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7204474a380a6bfdb883d71bc0f2737855a4068fc4b296d61547ca5f9afe6095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4131
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:56 GMT
ACg8ocK_4-ZNvT23hoyuXwza_4nC9ROokoXrfJDPMvYR2sViRtqIwg=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/
4 KB
4 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocK_4-ZNvT23hoyuXwza_4nC9ROokoXrfJDPMvYR2sViRtqIwg=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f87358be5cf55cff3f3398d8918f3e9aa7557dc27a2c6a71dfd3545a2eedde3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4008
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:56 GMT
ACg8ocKM9dRcwG-koIEdjlgu1ulhu9DxNN19sUj8-iLdQhntSdPK3Q=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/
3 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocKM9dRcwG-koIEdjlgu1ulhu9DxNN19sUj8-iLdQhntSdPK3Q=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
882e03d9ea70b174caf7b6de682181649a2c7302ebf22facbdeba925e880d1af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3233
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:56 GMT
ALV-UjWsRseGlpcSmatk7KgvNKfwjqpKEJ8kUxfguBb-kr5cJ73WVk4=s120-c-rp-mo-br100
lh3.googleusercontent.com/a-/
25 KB
25 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a-/ALV-UjWsRseGlpcSmatk7KgvNKfwjqpKEJ8kUxfguBb-kr5cJ73WVk4=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1b168b3e420d7602a8a06dcb0a324c00c32a68a8d65bb76b9de14b4020e4e9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25398
x-xss-protection
0
server
fife
etag
"v18"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 13 Aug 2024 21:53:56 GMT
ALV-UjVL59XFS9IA-Hyke4GGzZ_vK0QijsO3sXoi1sCriBcqzjqb0iKBMQ=s120-c-rp-mo-br100
lh3.googleusercontent.com/a-/
22 KB
22 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a-/ALV-UjVL59XFS9IA-Hyke4GGzZ_vK0QijsO3sXoi1sCriBcqzjqb0iKBMQ=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c49135f915d17fcda0c0997623a8901642f1cbdad338bc9b07dc987105a99c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v7722"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22157
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:57 GMT
ACg8ocK58Eu_OQJjWuVOBtPUFSOgZ4ZZUDDG_6ekN3Zv8iv7hl5elw=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/
4 KB
5 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocK58Eu_OQJjWuVOBtPUFSOgZ4ZZUDDG_6ekN3Zv8iv7hl5elw=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4d3c9c6ca0677621ba1078ff2fa987966c55ebf74c0a56509fffba058d096235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4552
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:56 GMT
ACg8ocIIsVQNRKhun2ghLni_eoErHLxjcxYcn3sUs0WbjRa5MAzlfQ=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/
4 KB
4 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocIIsVQNRKhun2ghLni_eoErHLxjcxYcn3sUs0WbjRa5MAzlfQ=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
19389b1aed6e3b2d183a7de696e0ea23b9f5191766ad1400386b1fb154fac839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3830
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:56 GMT
ACg8ocK88X6qnfPMK-VgGfbEN2v0lybKf5GmGnFQE03i7XR6725ADQ=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/
4 KB
4 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocK88X6qnfPMK-VgGfbEN2v0lybKf5GmGnFQE03i7XR6725ADQ=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8d318864214c0b93b160a43279c36ce79e4d8bdcbec2d251b40a60bead4304ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4448
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:56 GMT
ACg8ocIEgBeXOX3800Tp9uilXz7hOB1_4ATBqIUVMDEfEoX8GMj1aA=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/
3 KB
3 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocIEgBeXOX3800Tp9uilXz7hOB1_4ATBqIUVMDEfEoX8GMj1aA=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2ad9115e66c3a06500ff3bf37e79c5b0333310f18aa90fe0de51067ab2e1b850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3198
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:56 GMT
ACg8ocJlkqCyd9R1C8fsSwWn9AWXtMGfvOE8LH4lQGsmOzLtTCEq5g=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/
4 KB
4 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/ACg8ocJlkqCyd9R1C8fsSwWn9AWXtMGfvOE8LH4lQGsmOzLtTCEq5g=s120-c-rp-mo-br100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bdf4579a1aa18c172181532dc07ae4d9cef4c7af9173e1732c2e50d96b1c8540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3928
x-xss-protection
0
expires
Tue, 13 Aug 2024 21:53:56 GMT
en.js
embed.tawk.to/_s/v4/app/66909c6d5c9/languages/
17 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
150130
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
etag
W/"2fea0481da1baa4eac07e95e0f9af8a1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b378d8fa4d3a-FRA
twk-chunk-bf24a88e.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
10 KB
3 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-bf24a88e.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
148972
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
etag
W/"c96127c9a0429d69fecbeb73fd410443"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b37939604d3a-FRA
twk-chunk-71978bb6.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
18 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-71978bb6.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55444be0a2c969ca3accbac48942e208c1b2526b61a653fa35256e5e843ea68e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
150128
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
etag
W/"0e3b7dc45d3d9727ba7db3c7b664f972"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b37939624d3a-FRA
twk-chunk-7c2f6ba4.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
5 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-7c2f6ba4.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5121123f0bf146df5fc5fc960ab3cbbc0c54fff23d2a267b154f7b179b7cec
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
150130
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
etag
W/"c2408935ebf139a4896476d8445dc09c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b37939644d3a-FRA
twk-chunk-48f3b594.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
19 KB
6 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-48f3b594.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a094bb74cec9e651867f28346b00a90ca37253ec1646ecae637c9a6c11912850
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
150128
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
etag
W/"e6eb580618b6c362a26f4de889298ce1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b37939654d3a-FRA
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
906 B
661 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
150130
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b37939684d3a-FRA
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
535 B
573 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
150130
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
etag
W/"c506281367048d4a134c9affbc68c8c6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b37939694d3a-FRA
twk-chunk-24d8db78.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/
117 KB
30 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-24d8db78.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af0a695939c408bada33442f21377635c9aab0b07d73d57fd2e16d45ecc8f1a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
150130
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 12 Jul 2024 03:01:26 GMT
server
cloudflare
etag
W/"98e4ef09a2123bdee25dd85c434ed59e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b379396b4d3a-FRA
min-widget.css
embed.tawk.to/_s/v4/app/66909c6d5c9/css/ Frame 375F
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
150128
cf-polished
origSize=24809
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jul 2024 03:01:25 GMT
server
cloudflare
etag
W/"2d7f176b563b25833791f4844819b5ee"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b37999c64d3a-FRA
message-preview.css
embed.tawk.to/_s/v4/app/66909c6d5c9/css/ Frame 9AD0
41 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb233914781fed5ad823ebc0bb5781fbc71375dc50fb0a2f7061974a539eb2b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
150127
cf-polished
origSize=42291
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jul 2024 03:01:25 GMT
server
cloudflare
etag
W/"471037caa670344edd2ca8e96bbc2125"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b379a9d74d3a-FRA
max-widget.css
embed.tawk.to/_s/v4/app/66909c6d5c9/css/ Frame 8329
78 KB
15 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/66909c6d5c9/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df786a80d1610bb44dd11f3ae5785e34fb4e97e721a4ddc24d1cd842978ab44e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:56 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
150128
cf-polished
origSize=79618
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 12 Jul 2024 03:01:25 GMT
server
cloudflare
etag
W/"723e419e84738507cad9c170c4f9051b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b23b379b9ee4d3a-FRA
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
41 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 12 Aug 2024 21:53:56 GMT
age
1637897
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41275
x-served-by
cache-fra-etou8220140-FRA, cache-mad22083-MAD
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
v3
va.tawk.to/log-performance/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://plussnow.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://plussnow.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8b23b37c8f7f4dc4-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 21:53:57 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-r0cs
v3
va.tawk.to/log-performance/
5 B
280 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 12 Aug 2024 21:53:57 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-tlbf
server
cloudflare
access-control-max-age
3600
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://plussnow.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
8b23b37de9704dc4-FRA
access-control-allow-headers
content-type,x-tawk-token
snowflake-only-PNG.png
plussnow.com/pub/media/favicon/websites/5/
544 KB
545 KB
Other
General
Full URL
https://plussnow.com/pub/media/favicon/websites/5/snowflake-only-PNG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f09dbe1a12e3c894a4f47c2959e552dc644a55df6ab4a794dc6655f6899247
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
557333
last-modified
Thu, 03 Sep 2020 03:29:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9EOJz6dut3iEIVJyO6zU7CpsmIbrOoWPLwGW6rTF84BnQUyY4gh24VkD2ZC9j%2F%2Fet76Zj6MVXvLl5sz%2Baoeid5RLTm6F6vViJ6%2Fmzunb%2FiaWtN6kuOuPRW51GFVzZ4%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b37fbbb22c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Tue, 12 Aug 2025 21:53:58 GMT
snowflake-only-PNG.png
plussnow.com/pub/media/favicon/websites/5/
544 KB
0
Other
General
Full URL
https://plussnow.com/pub/media/favicon/websites/5/snowflake-only-PNG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f09dbe1a12e3c894a4f47c2959e552dc644a55df6ab4a794dc6655f6899247
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:53:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
557333
last-modified
Thu, 03 Sep 2020 03:29:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, proxy-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9EOJz6dut3iEIVJyO6zU7CpsmIbrOoWPLwGW6rTF84BnQUyY4gh24VkD2ZC9j%2F%2Fet76Zj6MVXvLl5sz%2Baoeid5RLTm6F6vViJ6%2Fmzunb%2FiaWtN6kuOuPRW51GFVzZ4%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
access-control-max-age
1000
accept-ranges
bytes
cf-ray
8b23b37fbbb22c19-FRA
access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, X-Accept-Charset,X-Accept
expires
Tue, 12 Aug 2025 21:53:58 GMT
cccf9c0c-54b4-09b5-b726-9964fa34de07.png
mcusercontent.com/d9be6e64f1ebbf8bb7b3b457b/images/ Frame ACA9
358 KB
359 KB
Image
General
Full URL
https://mcusercontent.com/d9be6e64f1ebbf8bb7b3b457b/images/cccf9c0c-54b4-09b5-b726-9964fa34de07.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
285d820192cb4e0addb8b54db5d88e977490e9ada32a2daeaef28dc21131e9a9

Request headers

Referer
https://plussnow.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:54:00 GMT
age
0
x-guploader-uploadid
AHxI1nO8f3S2pYJNGAQY5eOQF9rkm_zpApUSRhb97OGKB6IiXiHdbWkwQhPcV-oVY_W38t3MjMs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
366806
last-modified
Thu, 27 Jun 2024 06:28:08 GMT
server
UploadServer
etag
"e6240ce749a9ef337f79dce32e49da03"
x-goog-generation
1719469688035946
x-goog-hash
crc32c=SrtwGw==, md5=5iQM50mp7zN/edzjLknaAw==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
366806
accept-ranges
bytes
expires
Mon, 12 Aug 2024 22:54:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 string| LOCALE string| BASE_URL function| require function| requirejs function| define object| storageShim object| google_tag_manager object| google_tag_data object| dataLayer function| gtag number| compareProductAddAjax string| GoogleAnalyticsObject function| ga object| cookiesConfig object| checkout string| animation_time object| authenticationPopup object| Tawk_API object| Tawk_LoadStart function| pintrk function| amlazy function| amlazycallback function| loadDeferredStyles function| jQuery object| $mcSite object| __core-js_shared__ object| core object| eapps object| device object| Cookies object| cookieStorage function| mediaCheck function| RDParallax_autoinit function| tinycolor function| _ function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData function| fbq function| _fbq function| dojoDefine function| dojoRequire object| dojo object| dijit object| dojox object| dojo_request_script_callbacks function| SignupForm function| PopupSignupForm function| fb function| globalOnRecaptchaOnLoadCallback string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_883436 object| ytp function| iOSversion string| nAgt function| isTouchSupported function| getOS number| verOffset number| ix function| uncamel function| setUnit function| setFilter object| webpackChunkgoogleReviews function| eappsGoogleReviews object| googleReviews object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione

27 Cookies

Domain/Path Name / Value
plussnow.com/ Name: X-Magento-Vary
Value: 636206c657786c691d96df622d7b71445b7708f1
.plussnow.com/ Name: PHPSESSID
Value: fd50ff87accf98ef8d3e89ba940012e7
.plussnow.com/ Name: _gid
Value: GA1.2.1227657059.1723499635
.plussnow.com/ Name: _ga_PBYVHMWWN1
Value: GS1.1.1723499634.1.0.1723499634.0.0.0
.plussnow.com/ Name: _ga
Value: GA1.1.342917995.1723499635
.plussnow.com/ Name: _gat_gtag_UA_178235037_1
Value: 1
plussnow.com/ Name: form_key
Value: fY3VuETNaeQTmvid
plussnow.com/ Name: mage-cache-storage
Value: {}
plussnow.com/ Name: mage-cache-storage-section-invalidation
Value: {}
plussnow.com/ Name: mage-cache-sessid
Value: true
.pinterest.com/ Name: ar_debug
Value: 1
plussnow.com/ Name: mage-messages
Value:
.plussnow.com/ Name: _pin_unauth
Value: dWlkPU0yVm1ZamhoTmpndE5tTmtOaTAwWVRJMExXRm1OemN0TTJZeFpUVmpOalJoT1RFNQ
plussnow.com/ Name: recently_viewed_product
Value: {}
plussnow.com/ Name: recently_viewed_product_previous
Value: {}
plussnow.com/ Name: recently_compared_product
Value: {}
plussnow.com/ Name: recently_compared_product_previous
Value: {}
plussnow.com/ Name: product_data_storage
Value: {}
.plussnow.com/ Name: _fbp
Value: fb.1.1723499635264.502358280181056237
core.service.elfsight.com/ Name: elfsight_viewed_recently
Value: 1
.list-manage.com/ Name: _abck
Value: 1AC2CAF00C86891295CC2985256E3490~-1~YAAQtHp7XKzUIkWRAQAAhWKVSAwqHZJKb4BQiHHgKtiA9btEn3GhTV+X7nKtm2ctzI+5eD2G5gFIxC02n5/8g8D+e/SJ1ijjz+CTF6F60xew1Xez309pSHawDkAKzdC3kIi0uusPBHTSTiek+Sux3SLHBfcd1HFrp6zXaZ2EPddHc1eA6Kyx9lrycznaHkpvPy9rczJeLUHN6NXhCPwmgCBEWgauyvhdluFQla/qNjSDB/QrdQMJQNlJyhu/+heNBK7k8Jg1nDmHM3wukTRaYrmsc4REU/SHFv9tPTxWfRPoBM8Fh575+5MjWfa0tOCRpJ+jWMDeshjacmXtAoLvutDaNrHZRjkpcADq6Zj8M7lAxEWUmt4Aa/i3l+nSMklh~-1~-1~-1
.us15.list-manage.com/ Name: ak_bmsc
Value: E5B90FF49BF275820AA611CBC99CCC94~000000000000000000000000000000~YAAQtHp7XK3UIkWRAQAAhWKVSBhOnOeaqQF1HZyE1e3ICCWSC0nmMSJJVgdFDViYf/bjtBQ0AU9P0HEU8iMxmLukq6J8RnBowgYg5qzUMpVlG35jrRp6OeV8oudwWKREWNr54pGovMQv9mblM6iuO8rC41PnV9OCv3mgjUo01/AUCbdu0e6xweMH/Gg7/1Uz+LroJ6kMo9MPrRkbficwSwIAxJ6nPkrjmc/RSfWv3k0exiVPfUkRHG1kRcd0Yr59goD3dpTDZrVys0f9RoDDhD6SQZR8291xrDEd2hGf7qnuY14iRNFJ5PdkwEDEIH4ooG4VeOQB1wo+XBoujyyORWu7AHpCdId3IdSZyEQPkzUO9IKvUMnf05kYfDBPwZRUIP2H6PyDEphfyuuFCEpvAHloNwo=
.list-manage.com/ Name: bm_sz
Value: DAC8B1FDBB0A52C7E835F59EBD274BE3~YAAQtHp7XK7UIkWRAQAAhWKVSBiOZby4x5ZzHw8N/8L3cpBC4ZnGZXqUsX/9SmB+4MEQukZhkMgG86fJpqCMB63Q0bMr2osSu3nmTPYTwMqEUW7cuUYncX0+AZYBGESvXqejGRNsfzHFKDi90tD98JolJpcvZbXrIk1rY44ai8uBlr108ZQsk07zEwIfNb5B98GoAOctEkw70FR2qX1DvHRA9itAIO1/k7o0STi0m7Zu0+S2PBs0V4af27uBF+X445yA8Z/VQ1RkTUpAMsW8QEd3iv8NRGMoCuoWGO6PIpmIMMmY0jAjpHgCtaiUT5ZWJIKQBls88whmhVPenB/lyW/eb6iJV9jbgeZFD4ZxV2o3ulth00U6Sd8ZbHk=~3360066~3683907
.plussnow.com/ Name: form_key
Value: fY3VuETNaeQTmvid
plussnow.com/ Name: twk_idm_key
Value: vyTMZMumTtQPAJBulocq1
plussnow.com/ Name: TawkConnectionTime
Value: 0
.plussnow.com/ Name: twk_uuid_5d8315e99f6b7a4457e27394
Value: %7B%22uuid%22%3A%221.Swu9IAjvffSP3IKDEzIgn82HIwbEtSoM0L1Yygyu32lBuHG3YqFDH0Shg1H1FyEYorkLBgHLL8uQQTaEF9dWbuHnHBDLx2jMwSbJdtZ77ItpaDvPdkq12%22%2C%22version%22%3A3%2C%22domain%22%3A%22plussnow.com%22%2C%22ts%22%3A1723499636667%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
chimpstatic.com
connect.facebook.net
core.service.elfsight.com
ct.pinterest.com
downloads.mailchimp.com
embed.tawk.to
fonts.googleapis.com
img.icons8.com
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
mc.us15.list-manage.com
mcusercontent.com
plussnow.com
region1.google-analytics.com
s.pinimg.com
service-reviews-ultimate.elfsight.com
static.elfsight.com
va.tawk.to
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
104.18.10.207
157.240.0.6
172.217.18.100
172.67.15.14
172.67.22.83
18.245.46.47
188.114.97.3
2001:4860:4802:32::36
216.58.206.78
23.206.208.183
23.48.14.127
2606:4700:10::6816:445f
2a00:1450:4001:806::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200a
2a02:6ea0:c700::19
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:6f::84
34.96.122.219
95.100.65.46
006dd46d12be854ba789402d1ab32c3aa8d1f0934a7b2d5929e9c6a716f016de
0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0
118ac60d6d1855fdbd7379f012f9b6a97bd538293299472759a666b4d26ac843
1325fbbd83887b4b56f821607648184ecaf3f1ee716363657064055fece579b4
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
144bc3bf1032ff3447386db5be8461170a735d46b4bc52008fe291ff4a033f48
19389b1aed6e3b2d183a7de696e0ea23b9f5191766ad1400386b1fb154fac839
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1b168b3e420d7602a8a06dcb0a324c00c32a68a8d65bb76b9de14b4020e4e9a9
1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9
1f7af0c15ed1b1fc7a158fb2b46c84696c78d52635fcc35aa65d83db7023baed
21109ad7e5eadc2a5f64f1bf929685df582acf4a612d21f659efa44aad047af9
21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492
23416fbd762aa416465addcac4875528ee668b216ed107da83a5d4e49fd657ad
237b4750dad3793da8e8632bb02d1d60ac1651bd0e9aebcebdbf0f9b83dae835
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
285d820192cb4e0addb8b54db5d88e977490e9ada32a2daeaef28dc21131e9a9
2ad9115e66c3a06500ff3bf37e79c5b0333310f18aa90fe0de51067ab2e1b850
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
329622b39b0743628824776ffd95c8eba5c6cac6ef694f97676845ac8023a10d
3383b6eced84fe5c180954edef24ed094868c253fd0edca5f66b1143b3f173eb
33da58f7b4901d6faaa4700111d100d637dbfcdac23a6e4eaf27b38352339184
34443e9887d93d7f4e101d94886dcefe2b3de3e35b42d6a71fb72a6df66588bc
346307c922e4644c71afcc7bfa1773dd364179891ac04fed493e906ec515c7a9
3484d746b4881769bd5e97881710200168a34ef55cdcad79062314825836634d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39593980d27d8aacd752117ed54b66e48a93404f3172d122690d4b74b22dcdbc
39f6a9ad11420e6a5ff3f369eee58a72b754874f6063825d01b5e040335864db
3d5d3565eaefe455bca4ace3e83c37cda7815373cdac3ba3f45f0680a079ac19
43a2ab4b5138359930701069c68e0de09fcc6dd3340fdb05509b45fddf471bad
47e30419caab6c17e6be020c300d53bdbd9bab6709d8bc10696b1998cb47d3f6
4af0a695939c408bada33442f21377635c9aab0b07d73d57fd2e16d45ecc8f1a
4d3c9c6ca0677621ba1078ff2fa987966c55ebf74c0a56509fffba058d096235
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52acb16a8aa7f3c1b95914467b95612af5c70c5b724e492831422ffa9755c1e8
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
55444be0a2c969ca3accbac48942e208c1b2526b61a653fa35256e5e843ea68e
58d1085265f4c2160763a8505e9161fcada36e7088ab970ed47213bbe4d463e7
5d2c0c945c4974e73b969f7011aac63bc2429b0776cc020b613d9c252872d9c9
5fb233914781fed5ad823ebc0bb5781fbc71375dc50fb0a2f7061974a539eb2b
61831e526e525ae4c74db182e2674347ab4bcc11808794038c78ae6bd6e607c0
61cdc99ca024d533a762a942b9539380040c000cff95a26123a393021c3b2d66
641031614b9b82a7cfcc66627a26096f04879893ac9022e6699986dd982fbb04
66d48a402a969e86397b1c70b0e284704e02b0838e10b31c0b59dc9cf7e89f06
68a9b1139814e64d611803563a31cd79429fb475f23854db40c5b60e0dcad1e9
6a95210011bd43bf69aeb41930e0f8f6b770c6c65031e58e9a45294e16a9c278
6b637b729cc29c4f0047a92c2853d7958b62b7213ee8cfdb9696db5afb14cfd1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7204474a380a6bfdb883d71bc0f2737855a4068fc4b296d61547ca5f9afe6095
73003e9083e79d5ae68e9b7468019eee4c2d3066bfc400e46e038e7a93fe15ed
76f09dbe1a12e3c894a4f47c2959e552dc644a55df6ab4a794dc6655f6899247
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a5121123f0bf146df5fc5fc960ab3cbbc0c54fff23d2a267b154f7b179b7cec
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
804e7edeba9edfbc93197c63f79ca0c010e4cbf66c6ae3ffd944ae4c8fd3f4cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843e3010f16f750513e9b2de983cbc5aa7833ab5186e05a95e617f6dcc380c46
882e03d9ea70b174caf7b6de682181649a2c7302ebf22facbdeba925e880d1af
8959aa901d3a45195e9e4d5f8b0fccf96fe6a49be1d113db2be7b25e5fde65e7
8996fb740b541adc5effdc01ea5067d72d1fd0c30cc1438e0195acc4111d9198
8c398b4ce94e2b1e42a4eb77ec66dfd228fcff631fdd9c0c74f8cce047d12072
8d318864214c0b93b160a43279c36ce79e4d8bdcbec2d251b40a60bead4304ed
91a3ffba541f8ca3087076ae9fcfc48ccb9c8b456e54012fd3f8fa660855bb70
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94b1414902c53b5892a3adb6b1303288d70fb448e5d3a8ae6c19020a95dde6a3
94fdb1a7383e7ac933497c8b8d38e2c526f1f6be6dbcc4777458455629f0aea2
9b9a1fd396f727db8017685080d790d824738c9e1c81080ef0ed9b74ac549c0a
a094bb74cec9e651867f28346b00a90ca37253ec1646ecae637c9a6c11912850
a22b3e33bcc7a6441c9eece14d8541e5f52f4b439d8c601b145448c91773d409
a2587a2bd803bf581a5ef7a11f031b36461bb57ebacadec993494d2557b0fa0e
a8fc6486d30a2615ea451b9b4b37025368266e409671fceaa5d022e5c969748e
aa34ca7e8c170455a6426a68de94822a040f58ad1e4c66a1ebd2053580ee3edf
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac2703bdccf412e09b63cf5fce781a258a9b8548ba8a314330c8e5a5b8e9fa5b
aea348ae935df8e309fcb0bd3ed083b4ef1074a9e44bfbbc230eeb8cf990f1a0
b07caed1e83c3660afbb69dbfec92df28ec79e5c706d189112045cd4fb3904f7
b682bfdf2a46293dbdf9bafc0dd2c8eb5d2e2066344724a9cf55cb98a581bb0b
bdf4579a1aa18c172181532dc07ae4d9cef4c7af9173e1732c2e50d96b1c8540
be7c3d60add95532333a05c110d4081987e19427bee8962965ab25cdc861c97e
c49135f915d17fcda0c0997623a8901642f1cbdad338bc9b07dc987105a99c8c
c6d3d7460edb977008a05185c178bea15850e5c7beee61983b2ea272ba1329ee
c8f4d039e134f2358eef57daae8d3a1d735ff9cdfa0951355a832f7dc30d8a93
ca35424a437fab98e5cfbe32e08d4235aa34167a3218d4685bb89debceaea396
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ce317375c7eaabfa9279b249ebe220dfec4ecc781f97419f688192aaf70a0c6c
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df786a80d1610bb44dd11f3ae5785e34fb4e97e721a4ddc24d1cd842978ab44e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
ef901cbf4affe214fbfacfa146d3283cbb1efd1352e0dd2df44f08175f8ee809
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f62c25b3750adf917a7e51aecbc1f73c865b777ea0c2b822b90ee7d13305e1eb
f87358be5cf55cff3f3398d8918f3e9aa7557dc27a2c6a71dfd3545a2eedde3d
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84