southbank.leavetheherdbehind.com Open in urlscan Pro
35.238.2.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://southbank.leavetheherdbehind.com/
Submission: On August 20 via automatic, source certstream-suspicious (August 20th 2021, 3:04:31 pm UTC)

Summary HTTP 55 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 55 HTTP transactions. The main IP is 35.238.2.132, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is southbank.leavetheherdbehind.com.
TLS certificate: Issued by R3 on August 20th 2021. Valid for: 3 months.

This is the only time southbank.leavetheherdbehind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.238.2.132 35.238.2.132	15169 (GOOGLE) (GOOGLE)
6	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	13.224.98.48 13.224.98.48	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
15	13.224.196.47 13.224.196.47	16509 (AMAZON-02) (AMAZON-02)
3	104.18.9.127 104.18.9.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:600:1b:4f00:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a04:4e42:200... 2a04:4e42:200::268	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.87.87 13.225.87.87	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.26 151.101.13.26	54113 (FASTLY) (FASTLY)
3	13.225.87.96 13.225.87.96	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:8e00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::6815:2e5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.194.186.173 54.194.186.173	16509 (AMAZON-02) (AMAZON-02)
1	34.215.192.98 34.215.192.98	16509 (AMAZON-02) (AMAZON-02)
55	21

1 35.238.2.132 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 132.2.238.35.bc.googleusercontent.com

southbank.leavetheherdbehind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

stores-cdn.cloudwaitress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.98.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-98-48.zrh50.r.cloudfront.net

api.mapbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.224.196.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-47.fra2.r.cloudfront.net

static.cheerfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.9.127 (United States)

ASN13335 (CLOUDFLARENET, US)

jstest.authorize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:600:1b:4f00:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.emergepay.chargeitpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-87.fra2.r.cloudfront.net

cdn.checkout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.26 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-96.fra2.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

geo-targetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:8e00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:2e5e (United States)

ASN13335 (CLOUDFLARENET, US)

api.cloudwaitress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.186.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-186-173.eu-west-1.compute.amazonaws.com

user.cheerfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.192.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-192-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cheerfy.com static.cheerfy.com user.cheerfy.com	534 KB
7	googleapis.com fonts.googleapis.com maps.googleapis.com	169 KB
7	cloudwaitress.com stores-cdn.cloudwaitress.com api.cloudwaitress.com	985 KB
5	gstatic.com fonts.gstatic.com	97 KB
4	stripe.com js.stripe.com m.stripe.com	67 KB
3	authorize.net jstest.authorize.net	9 KB
2	stripe.network m.stripe.network	20 KB
2	mapbox.com api.mapbox.com	178 KB
1	geo-targetly.com geo-targetly.com	1 KB
1	polyfill.io cdn.polyfill.io	589 B
1	checkout.com cdn.checkout.com	21 KB
1	ucarecdn.com ucarecdn.com	451 KB
1	shopify.com cdn.shopify.com	160 KB
1	jquery.com code.jquery.com	30 KB
1	chargeitpro.com assets.emergepay.chargeitpro.com	12 KB
1	leavetheherdbehind.com southbank.leavetheherdbehind.com	280 KB
55	16

	Domain	Requested by
15	static.cheerfy.com	southbank.leavetheherdbehind.com static.cheerfy.com
6	stores-cdn.cloudwaitress.com	southbank.leavetheherdbehind.com
5	fonts.gstatic.com	fonts.googleapis.com
4	maps.googleapis.com	southbank.leavetheherdbehind.com maps.googleapis.com
3	js.stripe.com	southbank.leavetheherdbehind.com js.stripe.com
3	jstest.authorize.net	southbank.leavetheherdbehind.com jstest.authorize.net
3	fonts.googleapis.com	southbank.leavetheherdbehind.com static.cheerfy.com
2	user.cheerfy.com	static.cheerfy.com user.cheerfy.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	api.mapbox.com	southbank.leavetheherdbehind.com
1	m.stripe.com	m.stripe.network
1	api.cloudwaitress.com	stores-cdn.cloudwaitress.com
1	geo-targetly.com	southbank.leavetheherdbehind.com
1	cdn.polyfill.io	southbank.leavetheherdbehind.com
1	cdn.checkout.com	southbank.leavetheherdbehind.com
1	ucarecdn.com	southbank.leavetheherdbehind.com
1	cdn.shopify.com	southbank.leavetheherdbehind.com
1	code.jquery.com	southbank.leavetheherdbehind.com
1	assets.emergepay.chargeitpro.com	southbank.leavetheherdbehind.com
1	southbank.leavetheherdbehind.com
55	20

This site contains links to these domains. Also see Links.

Domain
leavetheherdbehind.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
southbank.leavetheherdbehind.com R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
stores-cdn.cloudwaitress.com R3	`2021-07-11` - `2021-10-09`	3 months	crt.sh
api.mapbox.com Amazon	`2021-02-05` - `2022-03-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.cheerfy.com Amazon	`2020-11-14` - `2021-12-13`	a year	crt.sh
jstest.authorize.net Cloudflare Inc ECC CA-3	`2021-08-08` - `2022-08-07`	a year	crt.sh
*.emergepay.chargeitpro.com Amazon	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
ucarecdn.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.checkout.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-16` - `2021-10-17`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
geo-targetly.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh

This page contains 4 frames:

Primary Page: https://southbank.leavetheherdbehind.com/
Frame ID: 91C3099DD422F5520B240EA1B0B71B9E
Requests: 50 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Frame ID: 6EEB2CA9E0B176FC7C4409B40997F036
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1A558E6F875EA55E9EBB1D4729CFDB53
Requests: 3 HTTP requests in this frame

Frame: https://user.cheerfy.com/
Frame ID: D6A816588461162210E5A87B2204FB90
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Black Sheep Coffee - Southbank

Page Statistics

55
Requests

100 %
HTTPS

50 %
IPv6

16
Domains

20
Subdomains

21
IPs

4
Countries

3015 kB
Transfer

6619 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://leavetheherdbehind.com/
Title: Southbank

Search URL Search Domain Scan URL

URL: https://www.facebook.com/leavetheherdbehind/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/black_sheep_coffee/

Search URL Search Domain Scan URL

URL: https://twitter.com/leavetheherd

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
southbank.leavetheherdbehind.com/ 280 KB
280 KB 1161ms
873ms Document
text/html 35.238.2.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://southbank.leavetheherdbehind.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.238.2.132 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

132.2.238.35.bc.googleusercontent.com

Software

Resource Hash

c87b83f31b48b2c753f3a559a60ce2898f378056b54e9893b045447e6f1d88fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: southbank.leavetheherdbehind.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
content-length: 286287
etag: "45e4f-2sWaNBrWwxeAuCYfpfFPdyIyR3Q"
date: Fri, 20 Aug 2021 15:04:06 GMT
connection: close

GET
H2 200 reset.css
stores-cdn.cloudwaitress.com/ 1 KB
951 B 67ms
17ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stores-cdn.cloudwaitress.com/reset.css

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

771e226c11b3f37a12bed6bb3092e0d57112cf25dd8b34df129695024b869f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 04:39:14 GMT
etag: W/"525-17aeb68d550"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
x-hw: 1629471847.cds143.am5.hn,1629471847.cds259.am5.c
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 642
x-xss-protection: 1; mode=block

GET
H2 200 svg-with-js.css
stores-cdn.cloudwaitress.com/ 7 KB
2 KB 67ms
17ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stores-cdn.cloudwaitress.com/svg-with-js.css

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

be616edbc8c3aabbac42f5a1af03d4e00abc5a8516d9ef6ae3872f7574ef87fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Dec 2020 11:39:00 GMT
etag: W/"1d1f-176948b8420"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
x-hw: 1629471847.cds143.am5.hn,1629471847.cds280.am5.c
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 1536
x-xss-protection: 1; mode=block

GET
H2 200 main.8532eac8d6cbafe2d296.css
stores-cdn.cloudwaitress.com/ 101 KB
13 KB 68ms
18ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stores-cdn.cloudwaitress.com/main.8532eac8d6cbafe2d296.css

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

82d66bdcf0d15b95356785b3c8fbe6a9e31132ae8eb43d5ae2189b259b5afac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Dec 2020 11:40:31 GMT
etag: W/"19585-176948ce798"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
x-hw: 1629471847.cds143.am5.hn,1629471847.cds257.am5.c
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 12958
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK mapbox-gl.css
api.mapbox.com/mapbox-gl-js/v0.54.0/ 31 KB
8 KB 40ms
12ms Stylesheet
text/css 13.224.98.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/mapbox-gl-js/v0.54.0/mapbox-gl.css
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.98.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-98-48.zrh50.r.cloudfront.net
Software: / Express
Resource Hash: 024a355f20381b217f25a9d12d6be10d2f43334fb75b7a3750419267f44c0322

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 00:29:11 GMT
Content-Encoding: gzip
Age: 6014096
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu Apr 25 2019 15:32:24 GMT+0000 (Coordinated Universal Time)
ETag: "190b2d4ca8040044e5497f789a7123d8"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: Ad7dmNXgy9e4GLMj6qJ8ucHAd4pgrvf7WnX0vGt861O7YtqicbhW8Q==

GET
H2 200 css
fonts.googleapis.com/ 981 B
505 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton:regular

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77b4a53dfe83fddfeea62c10e0101bff925a490b644ad12867479d9538ecd42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 15:04:07 GMT
server: ESF
date: Fri, 20 Aug 2021 15:04:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 15:04:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
536 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Courier%20Prime:regular,italic,700,700italic

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06a40ce18054a41cd1d9dd7c8b631a67fcaa3917400de605ef7ba9e9ac4578c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 15:04:07 GMT
server: ESF
date: Fri, 20 Aug 2021 15:04:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 15:04:07 GMT

GET
H2 200 cheerfy_cw.css
static.cheerfy.com/integration/ 2 KB
3 KB 61ms
10ms Stylesheet
text/css 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw.css
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5fed0b43fde0c2aa2301fb880fb240d675e1b39ce158d487d5167dbc8014be7

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: WAYiNy6JJfNSEMYWhNeU_p4AwFeSI0ud
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jun 2021 09:11:23 GMT
server: AmazonS3
age: 28091
etag: "1664b551eeb7f242b7ecb67c63d480a4"
x-cache: Hit from cloudfront
content-type: text/css
date: Fri, 20 Aug 2021 07:15:57 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2458
x-amz-cf-id: cS8Mk3jrz5wM9htYU2-pDDAK5s1PFIWVrWDlxyph2dk-uqv8u-PF3A==

GET
H2 200 cheerfy_cw_card_design.css
static.cheerfy.com/integration/ 5 KB
5 KB 73ms
22ms Stylesheet
text/css 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw_card_design.css
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dc2560573246785189308956844fd7421a6651878d45c80cdfe8479b0ed7f0b

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4xnljCdX0RG1IEVpZbccuOfYND8Mrwvx
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 11:41:49 GMT
server: AmazonS3
age: 12992
etag: "fcb3472c693121a969bb77a220d329db"
x-cache: Hit from cloudfront
content-type: text/css
date: Fri, 20 Aug 2021 11:27:36 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 5010
x-amz-cf-id: DmOWmvN2c9iOvkwcS6bzM7M0otE2TkgzpAY3CVi7jFl3CrlylRChvQ==

GET
H2 200 cheerfy_cw_scroll_product.css
static.cheerfy.com/integration/ 2 KB
2 KB 68ms
17ms Stylesheet
text/css 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw_scroll_product.css
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adf5df64b22094bba0846e20e0dbad1b39bc187a7e713df42af0a1e356d8b4d9

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: d0R2UVSfLNDo1fje5v2cMszjfpGbbEEM
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Fri, 05 Feb 2021 20:10:59 GMT
server: AmazonS3
age: 19738
etag: "9191adbdbae0ce551c1c0a75cab44572"
x-cache: Hit from cloudfront
content-type: text/css
date: Fri, 20 Aug 2021 09:35:10 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1680
x-amz-cf-id: jIJzaoAurYYd2U2vvHkFtn9UKxuGoa9UJfOEKC0xk3AAkIz8jjQJbQ==

GET
H2 200 Accept.js Show response
jstest.authorize.net/v1/ 4 KB
2 KB 79ms
33ms Script
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jstest.authorize.net/v1/Accept.js

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f5462b2ccec78d8749981a52df4f9739c6955f40a40008274f3d24218639ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2019 19:36:09 GMT
server: cloudflare
age: 488
etag: W/"c89cac53a169d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 681c83281e812169-DUS
expires: Wed, 25 Aug 2021 15:04:07 GMT

GET
H2 200 cip-hosted-url.js Show response
assets.emergepay.chargeitpro.com/ 44 KB
12 KB 102ms
18ms Script
application/javascript 2600:9000:20eb:600:1b:4f00:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.emergepay.chargeitpro.com/cip-hosted-url.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:600:1b:4f00:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0586332823c084d41a4af6d82f46ed2d30ef47bad90f026915bcbcba2c78b09

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:07 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 23:33:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "f02fc5f3091c26c4bb6085df6385d8c9"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 11834
x-amz-cf-id: VmeH1r9za1AhsTZVxUzHCNPOQ0Dz4HEGEJsd5ClGoPG-bCPMDtCMOA==

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 32ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:07 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1629471847.dop142.fr8.t,1629471847.cds281.fr8.hn,1629471847.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 logo_cream_use.png
cdn.shopify.com/s/files/1/0013/8530/0032/files/ 159 KB
160 KB 194ms
194ms Image
image/webp 2a04:4e42:200::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0013/8530/0032/files/logo_cream_use.png?v=1616520348

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19149-FRA /

Resource Hash

7c963c577c25c864098aa8bab40e66238312ffa1e518d4af259d775b31dacdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
content-length: 162968
x-xss-protection: 1; mode=block
x-request-id: 067682dcc642eb8a3f0152067e37d2fe22fc9847f9d66dc27cb6b6743e606a8b
x-served-by: cache-lga13621-LGA, cache-fra19149-FRA
last-modified: Thu, 29 Jul 2021 06:59:26 GMT
server: cache-fra19149-FRA
x-timer: S1629471848.652678,VS0,VE188
date: Fri, 20 Aug 2021 15:04:07 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 29 Jul 2022 06:59:25 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0013/8530/0032/files/logo_cream_use.png>; rel="canonical"
x-cache-hits: 1, 0

GET
H3-29 200 icon
fonts.googleapis.com/ 568 B
365 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: static.cheerfy.com
URL: https://static.cheerfy.com/integration/cheerfy_cw.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.cheerfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 15:04:07 GMT
server: ESF
date: Fri, 20 Aug 2021 15:04:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 15:04:07 GMT

GET
H2 200 AcceptCore.js Show response
jstest.authorize.net/v1/ 9 KB
3 KB 31ms
31ms Script
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jstest.authorize.net/v1/AcceptCore.js

Requested by

Host: jstest.authorize.net
URL: https://jstest.authorize.net/v1/Accept.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2019 23:26:44 GMT
server: cloudflare
age: 488
etag: W/"092b352f68d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 681c83286f252169-DUS
expires: Wed, 25 Aug 2021 15:04:07 GMT

GET
H2 200 AcceptCore.js Show response
jstest.authorize.net/v1/ 9 KB
3 KB 4250ms
4220ms XHR
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jstest.authorize.net/v1/AcceptCore.js

Requested by

Host: jstest.authorize.net
URL: https://jstest.authorize.net/v1/Accept.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2019 23:26:44 GMT
server: cloudflare
etag: W/"092b352f68d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 681c83288b928749-DUS
expires: Wed, 25 Aug 2021 15:04:08 GMT

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 056d00be1429e645203a6f3b1897806162612a0631057b2baa873585748bdb25

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cheerfy-copy.jpg
ucarecdn.com/426a95bd-021e-46c3-bcb6-b79c92dc5a94/-/format/auto/-/progressive/yes/ 450 KB
451 KB 397ms
371ms Image
image/webp 2a02:26f0:6c00::210:ba09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/426a95bd-021e-46c3-bcb6-b79c92dc5a94/-/format/auto/-/progressive/yes/cheerfy-copy.jpg
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60ec7656e23da55c596ac0c83f54ece88fc8aa4850382c105c33ee01e2b14bb2

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:08 GMT
x-image-width: 4000
server: nginx
content-disposition: inline; filename=cheerfy-copy.jpg
etag: "488b520c31e3fe0a4007be789d3b0a6a"
vary: Accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height
cache-control: public, max-age=24184137
x-image-height: 1053
content-length: 460760

GET
H2 200 1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v15/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v15/1Ptgg87LROyAm3Kz-C8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Anton:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a2662060f5b17fafc19b885c79eadab873724355fe308f45c2e730475d67b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://southbank.leavetheherdbehind.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:26:29 GMT
x-content-type-options: nosniff
age: 333458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17064
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 21:14:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:26:29 GMT

GET
H3-29 200 u-450q2lgwslOqpF_6gQ8kELawFpWg.woff2
fonts.gstatic.com/s/courierprime/v2/ 18 KB
18 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courierprime/v2/u-450q2lgwslOqpF_6gQ8kELawFpWg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courier%20Prime:regular,italic,700,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f857186527a5ad90fa24311947966582bdbdfcfcc8373e60a203f95f5b2b6ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://southbank.leavetheherdbehind.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:57:40 GMT
x-content-type-options: nosniff
age: 119187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18764
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:47:51 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 05:57:40 GMT

GET
H3-29 200 u-4k0q2lgwslOqpF_6gQ8kELY7pMT-Dfqw.woff2
fonts.gstatic.com/s/courierprime/v2/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courierprime/v2/u-4k0q2lgwslOqpF_6gQ8kELY7pMT-Dfqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courier%20Prime:regular,italic,700,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447f59a9c87be6c7611397efdd4dd3b4245f562e63140713a2046821d6008b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://southbank.leavetheherdbehind.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:56:57 GMT
x-content-type-options: nosniff
age: 328030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19416
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:49:03 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 19:56:57 GMT

GET
H3-29 200 u-4i0q2lgwslOqpF_6gQ8kELawRR4-Lvqdns.woff2
fonts.gstatic.com/s/courierprime/v2/ 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courierprime/v2/u-4i0q2lgwslOqpF_6gQ8kELawRR4-Lvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courier%20Prime:regular,italic,700,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

249730a85539b99b86ed483ca240128c7689e4ef71f347463cd12c3392c7f9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://southbank.leavetheherdbehind.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:13:10 GMT
x-content-type-options: nosniff
age: 334257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22108
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:50:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:13:10 GMT

GET
H2 200 framesv2.min.js Show response
cdn.checkout.com/js/ 56 KB
21 KB 71ms
9ms Script
application/javascript 13.225.87.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.checkout.com/js/framesv2.min.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-87.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 0aa9a844ab06452dc479f3b6904cfe5f15e446872172ce0458f383e8e6b1c0a4

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:02:17 GMT
content-encoding: gzip
server: nginx
age: 131689
etag: W/"deb9-hmp6uEqrC0xImD0/aV27YTHDGVw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 3hxhply_pMMFLqnNIKmVlnkGMUWFpsXtG2OdEfG2s9YeOh2fSkjULw==
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
589 B 46ms
21ms Script
text/javascript 151.101.13.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en-GB

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.26 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1931488
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 28 Jul 2021 20:34:45 GMT
date: Fri, 20 Aug 2021 15:04:11 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
js.stripe.com/v3/ 235 KB
64 KB 100ms
40ms Script
application/javascript 13.225.87.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-96.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a756773b693ded1566a8f2c8bb1a800c4c4fa47058dabbfd14016397ff54c8be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:02:53 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 79
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 6DB2GTXDRPWWW188
x-amz-id-2: l+iqCyqwisPgfV17hQyTp5L7N8Kxr5hzEZn5GZdmjDAwNImiLZ1Teix7oZDa4zuocZfS06WhBxs=
last-modified: Thu, 19 Aug 2021 22:39:57 GMT
server: AmazonS3
etag: W/"980d01d7df16148077e39e2d18a454f7"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: tHftb0PEInrNwQVEkTOaNgDXSx5b_7zGgIPalXbo9zRcOXHmSqYZFw==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 146 KB
47 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAc_6JJnBdHbKjXGeoKIznTE22-YaRRuSA&libraries=geometry,places

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

19908ea134ce6ca74eaabde288b31071f66386a55f93ce22538aed24c70843e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:11 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48255
x-xss-protection: 0
expires: Fri, 20 Aug 2021 15:34:11 GMT

GET
H/1.1 200
OK mapbox-gl.js Show response
api.mapbox.com/mapbox-gl-js/v0.54.0/ 666 KB
170 KB 23ms
20ms Script
application/javascript 13.224.98.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/mapbox-gl-js/v0.54.0/mapbox-gl.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.98.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-98-48.zrh50.r.cloudfront.net
Software: / Express
Resource Hash: 1e8d37aa129076389ff1ac3107cac72419ae0f4fb465eadb4d5d6079ee87c06d

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 21:57:10 GMT
Content-Encoding: gzip
Age: 21661621
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu Apr 25 2019 15:20:28 GMT+0000 (Coordinated Universal Time)
ETag: "8e9037b8c7bfeeab385f6330fa42a97f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: 7-vCcV1s8JDFgOJyG1QGHdREvWLv4krJIKUdBCPHrv945VMKbohcUA==

GET
H2 200 runtime.7d33acd2d581bce0ea28.js Show response
stores-cdn.cloudwaitress.com/ 2 KB
943 B 21ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stores-cdn.cloudwaitress.com/runtime.7d33acd2d581bce0ea28.js

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

997d898bffbf1cdac1d77119314eb59d21ef3867cf5f30e29256ff31ead28741

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jul 2021 08:34:15 GMT
etag: W/"614-17ac8337b58"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
x-hw: 1629471851.cds143.am5.hn,1629471851.cds257.am5.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 776
x-xss-protection: 1; mode=block

GET
H2 200 vendors.03373296235d5023d752.js Show response
stores-cdn.cloudwaitress.com/ 2 MB
816 KB 22ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stores-cdn.cloudwaitress.com/vendors.03373296235d5023d752.js

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

6e58d3ec624888e04e7be7cc02da998ef4588cee76ec2fd3e53065ebfef32626

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 05:23:05 GMT
etag: W/"27ee80-17b33aa02a8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
x-hw: 1629471851.cds143.am5.hn,1629471851.cds078.am5.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 835117
x-xss-protection: 1; mode=block

GET
H2 200 main.c7a6c70ed0915ffe5c85.js Show response
stores-cdn.cloudwaitress.com/ 651 KB
144 KB 43ms
40ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stores-cdn.cloudwaitress.com/main.c7a6c70ed0915ffe5c85.js

Requested by

Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

828d1b071bb9dae9dde37afb3d5e0fda1a23a211b3ac620a0a665034f2b8d6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 05:25:33 GMT
etag: W/"a2bc0-17b57b8c8c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
x-hw: 1629471851.cds143.am5.hn,1629471851.cds080.am5.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 146791
x-xss-protection: 1; mode=block

GET
H2 200 geolocation Show response
geo-targetly.com/ 6 KB
1 KB 150ms
121ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geo-targetly.com/geolocation?id=-LmPAwNYDW-KdLZGoGKA
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: e24af171e5f0ebec8303aac74436c5f2f95a67b9989d0d3786471650c054e79c

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:11 GMT
content-encoding: gzip
etag: W/"178e-A82OFJuZb9QDkrBr+yX0jbXoWMU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 google
x-cloud-trace-context: 11f23e4889e014edba3c0a8666f16672/2868902847412305394;o=0
cache-control: private, no-cache, no-store, must-revalidate

GET
H2 200 cheerfy_cw.js Show response
static.cheerfy.com/integration/ 69 KB
69 KB 18ms
15ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecf26947839e8373bedc17fe50264da45230fc654724f86e489268c65adabb8c

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3LhxAxDt6PEJ7rXahmoLz_Q_h22FqVyW
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 16:14:06 GMT
server: AmazonS3
age: 12995
etag: "0d45543831d678407897e1e5f8d2d5d8"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 20 Aug 2021 11:27:37 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 70482
x-amz-cf-id: CYPy1a2VlOC9AXuet5qSGxDXzTj5q9NNq4_xBK609G24JgThPKLUOQ==

GET
H2 200 cheerfy_cw_remove_category_all.js Show response
static.cheerfy.com/integration/ 724 B
1 KB 25ms
22ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw_remove_category_all.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94daa09b47008e1a353a240042b64c40b5dbb580bfc7cc5ef537679590d194e9

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qfY_CAtMAQorYFozXntsa1gNrj9arYyw
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 23:02:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "ca9d52b95a045df9e7b0b1e541c5867f"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 20 Aug 2021 15:04:11 GMT
accept-ranges: bytes
content-length: 724
x-amz-cf-id: bbKbJ62Eq9PvKdWH3fnlDMUdfUCodrH6C33iq9awnby33DNiTmY6vw==

GET
H2 200 cheerfy_cw_display_only_menu_type.js Show response
static.cheerfy.com/integration/ 7 KB
7 KB 17ms
15ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw_display_only_menu_type.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a11b0dfe9df3a7d3959a83353f6638b326ba4dc464ddbef8cd9187e8c6a37246

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: atZU2gt4E0owHwYdVEJw5WcRyzNHbX8i
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 23:02:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "4d97c507c56a5aea673cd88abc4ea3e6"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 20 Aug 2021 15:04:11 GMT
accept-ranges: bytes
content-length: 7174
x-amz-cf-id: _Pc2yeN2SPX0aFA-7bRXhHcXOLU2sPzGTwcQZ3PTqLifDLpbj65qjA==

GET
H2 200 cheerfy_cw_card_design.js Show response
static.cheerfy.com/integration/ 3 KB
3 KB 19ms
17ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw_card_design.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c4ac22dc4af48a5ec1d9004c0fea7f0f28aa75f43998eb208eb4b2a2e395d9f

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Y9CvbKUWMBk_h_bYhn39rcQ.GmdPGS2N
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 11:41:49 GMT
server: AmazonS3
age: 12995
etag: "22b6c46b3e8157e1f8fc922858a4e6c3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 20 Aug 2021 11:27:37 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3034
x-amz-cf-id: 5U-CV9EQYUyDLgry5pNLRBXF4zeeplkL0uQMRFHouee3YbAN5TTXoQ==

GET
H2 200 cheerfy_cw_scroll_product.js Show response
static.cheerfy.com/integration/ 18 KB
19 KB 13ms
10ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw_scroll_product.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef06e0a7e34793348cf169b21db317593bd488eeedf54600644a28395e741542

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:22:59 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:18:40 GMT
server: AmazonS3
age: 74473
etag: "1a2553098be6431cf589a23cfc1932c7"
x-cache: Hit from cloudfront
x-amz-version-id: iIcgDQL8VcEsIGiyCDnjLqgEaVn73bcQ
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 18856
x-amz-cf-id: yZwW8KBiYNYw0b9BuXZZtIr3XS6DYRPqQbEbjCqgd4wAsr5togIrgQ==

GET
H2 200 cheerfy_cw_refresh_status_page.js Show response
static.cheerfy.com/integration/ 2 KB
2 KB 12ms
10ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/cheerfy_cw_refresh_status_page.js
Requested by: Host: southbank.leavetheherdbehind.com
URL: https://southbank.leavetheherdbehind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d0476cc1d4ab67ca5e2bed7f647b830994fc0a10e4eb4aac3e708763b510c10

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 19:11:29 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 30 Jun 2021 08:34:38 GMT
server: AmazonS3
age: 71563
etag: "636ec5864e04edca5e4038fcc6a4f793"
x-cache: Hit from cloudfront
x-amz-version-id: dfUBIz.OO2LJO.R6E0RJg2_smyPI26V0
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1637
x-amz-cf-id: G_TZhVyVUwN-CKN50cQ6BJnOcit7fm5zRaoC0Cg68-UsaFblxaAQzg==

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Show response
js.stripe.com/v3/ Frame 6EEB 215 B
951 B 23ms
22ms Document
text/html 13.225.87.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-96.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://southbank.leavetheherdbehind.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://southbank.leavetheherdbehind.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: 81rXAvpmmTm7S0Ll+YglK3B4aIroGEVB7eQ+HwMtSoNPxDlcigs0aWpJzBzzL6vfNciSw7xFry4=
x-amz-request-id: TCK67PAPFZHREZ3W
last-modified: Tue, 29 Jun 2021 17:25:38 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Fri, 20 Aug 2021 15:00:41 GMT
cache-control: public, max-age=300
etag: "5564a2ae650989ada0dc7f7250ae34e9"
x-cache: Hit from cloudfront
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _SpTFo2jT9TQKX0yZIRV1N_KnkhcHxArGRSAqiBdpUO9oeG3dIGwIA==
age: 212

GET
H2 200 m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6EEB 1 KB
1 KB 27ms
27ms Script
application/javascript 13.225.87.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-96.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"78581b5abad6c4e7b59c0f8ee45a8134"
age: 163
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: JQMT9GG7VXDWY013
x-amz-id-2: i3PzSK18JmoIUQuChuqAMzgJG6ZrIBgyxPdViuETl1oXBDFS/uOcMRKey6ZzxFm/knYxevRk1Rk=
last-modified: Tue, 29 Jun 2021 17:25:39 GMT
server: AmazonS3
date: Fri, 20 Aug 2021 15:01:30 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 1g_zcxfU6xwMaEeWE4jWy0ujMdTzEfKpYf-Qw01zyf7tfzRnEPt7NA==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1A55 932 B
1 KB 43ms
12ms Document
text/html 2600:9000:20eb:8e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:8e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Fri, 20 Aug 2021 15:00:49 GMT
cache-control: public, max-age=300
etag: W/"6114649b-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 0_WNPKJQzVrxWbYQuR8P5ZLj4c9t5-8f80fFT_FuvLuL50xN4bQM5g==
age: 204

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 1A55 85 KB
19 KB 16ms
15ms Script
application/x-javascript 2600:9000:20eb:8e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:8e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6114649b-154bc"
age: 146
x-cache: Hit from cloudfront
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
date: Fri, 20 Aug 2021 15:01:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA2-C1
timing-allow-origin: *
x-amz-cf-id: te9D9JTnW_W_esFyJQa36oYJz0LYFwlIw2cJOwZQrl34mGgAvThNWA==

GET
H2 200 translation Show response
api.cloudwaitress.com/intl/ 26 KB
9 KB 568ms
538ms XHR
application/json 2606:4700:3036::6815:2e5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cloudwaitress.com/intl/translation?language=en

Requested by

Host: stores-cdn.cloudwaitress.com
URL: https://stores-cdn.cloudwaitress.com/vendors.03373296235d5023d752.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2e5e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027e9da33dce810df966e86668374258010a14a856cb4ccc1483c4348117dc02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKEe3Fz557VzOjyUDoZ1jLJBUGEsqH8S62dPQFBY5OTH8EMJAqKHRu%2BZ1eF8TVQlkTHaJ5F9r%2BD5LeUfPoikJG4%2BguW%2BSt9p8y54lTKDC3VK3F%2ByEpC1Dpyzo8ZUj%2BUfmlx8l%2FLbFR9myx2Ux29qs0BtRuk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"68e4-2SjF4zUQ6+1l7UlFBUtiOFv8gsc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 681c834b48ddd6f5-FRA

GET
H2 200 intlTelInput.js Show response
static.cheerfy.com/integration/intl-tel-input/js/ 86 KB
86 KB 16ms
14ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/intl-tel-input/js/intlTelInput.js
Requested by: Host: static.cheerfy.com
URL: https://static.cheerfy.com/integration/cheerfy_cw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c573e35253bc6f57ecae80f09e27268f1de15dc9b5ec049dfacd3947479e2827

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: S55IjKToS3oBV_vcllfOQG8Al0gZoCew
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 23:02:50 GMT
server: AmazonS3
age: 12995
etag: "406825e287f0f944a0278baeeb2b1456"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 20 Aug 2021 11:27:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 87566
x-amz-cf-id: piTPCVHUlvcVS1RRsAwyx2Af0ZQQ65PFVVerQ_WLcU9QPN-ZhQwMsg==

GET
H2 200 utils.js Show response
static.cheerfy.com/integration/intl-tel-input/js/ 239 KB
240 KB 15ms
14ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/intl-tel-input/js/utils.js
Requested by: Host: static.cheerfy.com
URL: https://static.cheerfy.com/integration/cheerfy_cw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zLn7PSQs2AmDkYmiadbKQRagwFyw.fMv
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 23:02:50 GMT
server: AmazonS3
age: 19741
etag: "8f3a2154b225b6257161c4dfc9b89c9c"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 20 Aug 2021 09:35:13 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 245184
x-amz-cf-id: 0zYAy8_ZEKiZ8dOTl39k7IZW9Cf5M9PGXSG-PcnBbFsANcz3eF_yIw==

GET
H2 200 intlTelInput.css
static.cheerfy.com/integration/intl-tel-input/css/ 25 KB
25 KB 13ms
12ms Stylesheet
text/css 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/intl-tel-input/css/intlTelInput.css
Requested by: Host: static.cheerfy.com
URL: https://static.cheerfy.com/integration/cheerfy_cw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:23:01 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 23:02:50 GMT
server: AmazonS3
age: 74473
etag: "a69aa970266649e0b08c2cb4bc166568"
x-cache: Hit from cloudfront
x-amz-version-id: SPkg5cuYzJPA0IcLH6k2s5bUnOuQPq.H
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
content-length: 25254
x-amz-cf-id: dzjozhuJPDEIES5jY7YaWPP3mGcMJZbuzR5i4joqgSOc1SCTY0FNmQ==

GET
H2 200 moment.min.js Show response
static.cheerfy.com/integration/moment/ 57 KB
58 KB 24ms
23ms Script
application/javascript 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/moment/moment.min.js
Requested by: Host: static.cheerfy.com
URL: https://static.cheerfy.com/integration/cheerfy_cw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LXS.iJWWFwI6T8ZCSxWU6lO0mlKILWkY
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 23:02:50 GMT
server: AmazonS3
age: 12995
etag: "5c158b940513c7dc2ebd901455e9b63d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 20 Aug 2021 11:27:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 58862
x-amz-cf-id: 7SYWeEmOOlwndJyQDJIvo95PaMZ_c-p5EYxykBQJ_0qy3u69bRO6Uw==

GET
H2 200 cheerfy-shop.css
static.cheerfy.com/integration/icons/css/ 3 KB
3 KB 13ms
13ms Stylesheet
text/css 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/icons/css/cheerfy-shop.css
Requested by: Host: static.cheerfy.com
URL: https://static.cheerfy.com/integration/cheerfy_cw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d720df5e069a2e6fa6378d1df4b11c2bcbee90aa0aa3229318428675f803a7a2

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 19:11:31 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 23:02:50 GMT
server: AmazonS3
age: 71563
etag: "c9fa99887d8a43643250ad12b1d87366"
x-cache: Hit from cloudfront
x-amz-version-id: QxgkQl2wmgv5vRsvykimnk5krEoL.Av5
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
content-length: 2904
x-amz-cf-id: hFhC1v0UWE-_84jxpZS4BmYJfRm2SOoha-0zxY1PkHATwEaSaCrfiw==

GET
H/1.1 200
OK / Show response
user.cheerfy.com/ Frame D6A8 282 B
625 B 147ms
53ms Document
text/html 54.194.186.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://user.cheerfy.com/

Requested by

Host: static.cheerfy.com
URL: https://static.cheerfy.com/integration/cheerfy_cw.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.194.186.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-186-173.eu-west-1.compute.amazonaws.com

Software

nginx/1.10.3 /

Resource Hash

11054bef3261a79621568bdc12d45d362b38235ae715c8542474d87d2544e1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Host: user.cheerfy.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://southbank.leavetheherdbehind.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://southbank.leavetheherdbehind.com/

Response headers

Server: nginx/1.10.3
Date: Fri, 20 Aug 2021 15:04:13 GMT
Content-Type: text/html
Last-Modified: Mon, 21 Jun 2021 13:17:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60d09162-11a"
Strict-Transport-Security: max-age=2592000; includeSubdomains
X-Real-IP: 195.181.174.89
X-Forwarded-Proto: https
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H3-29 200 u-4n0q2lgwslOqpF_6gQ8kELawRZWMf6.woff2
fonts.gstatic.com/s/courierprime/v2/ 21 KB
21 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courierprime/v2/u-4n0q2lgwslOqpF_6gQ8kELawRZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courier%20Prime:regular,italic,700,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6865f90cbbc99ae0711dc265dabb33c78d8480b9b3b47f4286998ef5c131bc0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://southbank.leavetheherdbehind.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:08:29 GMT
x-content-type-options: nosniff
age: 320144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21620
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:42:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 22:08:29 GMT

GET
H2 200 cheerfy-shop.woff2
static.cheerfy.com/integration/icons/font/ 7 KB
8 KB 187ms
147ms Font
binary/octet-stream 13.224.196.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cheerfy.com/integration/icons/font/cheerfy-shop.woff2?34537529
Requested by: Host: static.cheerfy.com
URL: https://static.cheerfy.com/integration/icons/css/cheerfy-shop.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe5818cbd1c866788594fcc9185af159856757d8344711a8649d7aafa136153e

Request headers

Origin: https://southbank.leavetheherdbehind.com
Referer: https://static.cheerfy.com/integration/icons/css/cheerfy-shop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 15:04:14 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 7300
last-modified: Wed, 27 Jan 2021 23:02:50 GMT
server: AmazonS3
etag: "004f3114cbfcf56a7b5471d79736654c"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD, DELETE
x-amz-version-id: qOPwc44psxF0e79FvbtErTL1DiUVHAZM
access-control-allow-origin: *
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: edyyAjer6cFJk01KdH4Bysf__3lssx15lBJW3GItSV7fJSCpqQbKnw==

POST
H2 200 6 Show response
m.stripe.com/ Frame 1A55 156 B
517 B 511ms
171ms XHR
text/plain 34.215.192.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.192.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-192-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

23b60c2055e2beb94ee94744abce6ec3e5c02e8deee948f4c89c43c7e05d02fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 Aug 2021 15:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK embeddedDispatcher.js Show response
user.cheerfy.com/ Frame D6A8 2 KB
2 KB 29ms
29ms Script
application/javascript 54.194.186.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user.cheerfy.com/embeddedDispatcher.js
Requested by: Host: user.cheerfy.com
URL: https://user.cheerfy.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.194.186.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-186-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: d33c6ea83f2695ed0b4d16a4f72f371b04a90fc66220db38e984d0b19d01a36c

Request headers

Referer: https://user.cheerfy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 15:04:14 GMT
Last-Modified: Mon, 21 Jun 2021 13:17:22 GMT
Server: nginx/1.10.3
ETag: "60d09162-621"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=30, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1569
Expires: Fri, 20 Aug 2021 15:04:44 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/1/ 87 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/1/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAc_6JJnBdHbKjXGeoKIznTE22-YaRRuSA&libraries=geometry,places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82c40d20ddd554d6df644a2dbaf3cc57d33583cd380556b4e4636a8370a99989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 08:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32231
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 20:40:44 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 08:22:44 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/1/ 289 KB
89 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/1/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAc_6JJnBdHbKjXGeoKIznTE22-YaRRuSA&libraries=geometry,places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d109a1be178487629ed3fd50fa1431912642bd2682c7d99eda876da6cb18d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90584
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 20:40:44 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 11:55:08 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
84 B 20ms
20ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fsouthbank.leavetheherdbehind.com%2F&4sAIzaSyAc_6JJnBdHbKjXGeoKIznTE22-YaRRuSA&callback=_xdc_._2ysx0n&key=AIzaSyAc_6JJnBdHbKjXGeoKIznTE22-YaRRuSA&token=80925

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/1/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

79f2d43d473bc77305cdf07b31f99e584649a802d1cbbdc21cb5eb5d7ee610bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://southbank.leavetheherdbehind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 15:04:17 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://stores-cdn.cloudwaitress.com/vendors.03373296235d5023d752.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cloudwaitress.com
api.mapbox.com
assets.emergepay.chargeitpro.com
cdn.checkout.com
cdn.polyfill.io
cdn.shopify.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
geo-targetly.com
js.stripe.com
jstest.authorize.net
m.stripe.com
m.stripe.network
maps.googleapis.com
southbank.leavetheherdbehind.com
static.cheerfy.com
stores-cdn.cloudwaitress.com
ucarecdn.com
user.cheerfy.com
104.18.9.127
13.224.196.47
13.224.98.48
13.225.87.87
13.225.87.96
151.101.13.26
151.139.128.11
2001:4860:4802:38::15
2001:4de0:ac18::1:a:1b
2600:9000:20eb:600:1b:4f00:3240:93a1
2600:9000:20eb:8e00:19:7d10:bd80:93a1
2606:4700:3036::6815:2e5e
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82b::200a
2a02:26f0:6c00::210:ba09
2a04:4e42:200::268
34.215.192.98
35.238.2.132
54.194.186.173
024a355f20381b217f25a9d12d6be10d2f43334fb75b7a3750419267f44c0322
027e9da33dce810df966e86668374258010a14a856cb4ccc1483c4348117dc02
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
056d00be1429e645203a6f3b1897806162612a0631057b2baa873585748bdb25
06a40ce18054a41cd1d9dd7c8b631a67fcaa3917400de605ef7ba9e9ac4578c2
0aa9a844ab06452dc479f3b6904cfe5f15e446872172ce0458f383e8e6b1c0a4
11054bef3261a79621568bdc12d45d362b38235ae715c8542474d87d2544e1b3
19908ea134ce6ca74eaabde288b31071f66386a55f93ce22538aed24c70843e8
1d109a1be178487629ed3fd50fa1431912642bd2682c7d99eda876da6cb18d37
1e8d37aa129076389ff1ac3107cac72419ae0f4fb465eadb4d5d6079ee87c06d
20f5462b2ccec78d8749981a52df4f9739c6955f40a40008274f3d24218639ab
23b60c2055e2beb94ee94744abce6ec3e5c02e8deee948f4c89c43c7e05d02fa
249730a85539b99b86ed483ca240128c7689e4ef71f347463cd12c3392c7f9cc
2a2662060f5b17fafc19b885c79eadab873724355fe308f45c2e730475d67b50
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
447f59a9c87be6c7611397efdd4dd3b4245f562e63140713a2046821d6008b60
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
60ec7656e23da55c596ac0c83f54ece88fc8aa4850382c105c33ee01e2b14bb2
6865f90cbbc99ae0711dc265dabb33c78d8480b9b3b47f4286998ef5c131bc0f
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6c4ac22dc4af48a5ec1d9004c0fea7f0f28aa75f43998eb208eb4b2a2e395d9f
6d0476cc1d4ab67ca5e2bed7f647b830994fc0a10e4eb4aac3e708763b510c10
6e58d3ec624888e04e7be7cc02da998ef4588cee76ec2fd3e53065ebfef32626
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
771e226c11b3f37a12bed6bb3092e0d57112cf25dd8b34df129695024b869f3d
77b4a53dfe83fddfeea62c10e0101bff925a490b644ad12867479d9538ecd42e
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
79f2d43d473bc77305cdf07b31f99e584649a802d1cbbdc21cb5eb5d7ee610bd
7c963c577c25c864098aa8bab40e66238312ffa1e518d4af259d775b31dacdcd
828d1b071bb9dae9dde37afb3d5e0fda1a23a211b3ac620a0a665034f2b8d6e8
82c40d20ddd554d6df644a2dbaf3cc57d33583cd380556b4e4636a8370a99989
82d66bdcf0d15b95356785b3c8fbe6a9e31132ae8eb43d5ae2189b259b5afac1
94daa09b47008e1a353a240042b64c40b5dbb580bfc7cc5ef537679590d194e9
997d898bffbf1cdac1d77119314eb59d21ef3867cf5f30e29256ff31ead28741
9dc2560573246785189308956844fd7421a6651878d45c80cdfe8479b0ed7f0b
a11b0dfe9df3a7d3959a83353f6638b326ba4dc464ddbef8cd9187e8c6a37246
a756773b693ded1566a8f2c8bb1a800c4c4fa47058dabbfd14016397ff54c8be
acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
adf5df64b22094bba0846e20e0dbad1b39bc187a7e713df42af0a1e356d8b4d9
b0586332823c084d41a4af6d82f46ed2d30ef47bad90f026915bcbcba2c78b09
be616edbc8c3aabbac42f5a1af03d4e00abc5a8516d9ef6ae3872f7574ef87fe
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c573e35253bc6f57ecae80f09e27268f1de15dc9b5ec049dfacd3947479e2827
c87b83f31b48b2c753f3a559a60ce2898f378056b54e9893b045447e6f1d88fa
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d33c6ea83f2695ed0b4d16a4f72f371b04a90fc66220db38e984d0b19d01a36c
d5fed0b43fde0c2aa2301fb880fb240d675e1b39ce158d487d5167dbc8014be7
d720df5e069a2e6fa6378d1df4b11c2bcbee90aa0aa3229318428675f803a7a2
e24af171e5f0ebec8303aac74436c5f2f95a67b9989d0d3786471650c054e79c
ecf26947839e8373bedc17fe50264da45230fc654724f86e489268c65adabb8c
ef06e0a7e34793348cf169b21db317593bd488eeedf54600644a28395e741542
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f857186527a5ad90fa24311947966582bdbdfcfcc8373e60a203f95f5b2b6ccf
fe5818cbd1c866788594fcc9185af159856757d8344711a8649d7aafa136153e

southbank.leavetheherdbehind.com Open in urlscan Pro 35.238.2.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

55 Requests

100 %HTTPS

50 %IPv6

16 Domains

20 Subdomains

21 IPs

4 Countries

3015 kBTransfer

6619 kBSize

0 Cookies

4 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

southbank.leavetheherdbehind.com Open in urlscan Pro
35.238.2.132 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

50 %
IPv6

16
Domains

20
Subdomains

21
IPs

4
Countries

3015 kB
Transfer

6619 kB
Size

0
Cookies

55 HTTP transactions
2 data transactions