qhbwql.click Open in urlscan Pro
2606:4700:3031::6815:2781 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://qhbwql.click/
Submission: On October 13 via api (October 13th 2023, 4:45:56 pm UTC) from US — Scanned from US

Summary HTTP 166 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 29 domains to perform 166 HTTP transactions. The main IP is 2606:4700:3031::6815:2781, located in United States and belongs to CLOUDFLARENET, US. The main domain is qhbwql.click.

This is the only time qhbwql.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3031::6815:2781	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 49	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:6c12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
9	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.249.38.183 13.249.38.183	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26c... 2600:9000:26c1:ae00:19:5216:dc40:21	16509 (AMAZON-02) (AMAZON-02)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2600:1408:c40... 2600:1408:c400:18b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
5	23.62.164.202 23.62.164.202	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2606:4700:10:... 2606:4700:10::ac43:592	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:32f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.108.97.97 104.108.97.97	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.218.42.3 52.218.42.3	16509 (AMAZON-02) (AMAZON-02)
3	52.71.154.118 52.71.154.118	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:250... 2600:9000:2501:e400:7:6365:89c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f00... 2a03:2880:f003:c07:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:24f... 2600:9000:24f2:ae00:16:9033:f200:21	16509 (AMAZON-02) (AMAZON-02)
1	142.251.167.154 142.251.167.154	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::93	15169 (GOOGLE) (GOOGLE)
12	2606:4700:303... 2606:4700:3036::6815:2528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3034::ac43:cbba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
166	34

15 2606:4700:3031::6815:2781 (United States)

ASN13335 (CLOUDFLARENET, US)

qhbwql.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 23.227.38.74 (Ottawa, Canada) 8 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com

www.madduckposters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:6c12 (United States)

ASN13335 (CLOUDFLARENET, US)

ro.boldapps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.38.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-38-183.iad89.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26c1:ae00:19:5216:dc40:21 (United States)

ASN16509 (AMAZON-02, US)

d5zu2f4xvqanl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:18b::1931 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.62.164.202 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-164-202.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:592 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.powr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:32f5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.powr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn.powr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.97.97 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-97-97.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.42.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.71.154.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-154-118.compute-1.amazonaws.com

app.marsello.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2501:e400:7:6365:89c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pushowl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f003:c07:face:b00c:0:2 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

socialplugin.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f2:ae00:16:9033:f200:21 (United States)

ASN16509 (AMAZON-02, US)

d2pkcwbsyjj2rs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3036::6815:2528 (United States)

ASN13335 (CLOUDFLARENET, US)

public.powrcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cbba (United States)

ASN13335 (CLOUDFLARENET, US)

www.powrcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	madduckposters.com 8 redirects www.madduckposters.com	2 MB
33	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 957	387 KB
15	qhbwql.click qhbwql.click	120 KB
13	powrcdn.com public.powrcdn.com — Cisco Umbrella Rank: 45104 www.powrcdn.com — Cisco Umbrella Rank: 67984	588 KB
9	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2460	315 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 965	4 KB
4	powr.io 1 redirects www.powr.io — Cisco Umbrella Rank: 17069 vcdn.powr.io — Cisco Umbrella Rank: 52907	26 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187 socialplugin.facebook.net — Cisco Umbrella Rank: 82287	191 KB
4	boldapps.net ro.boldapps.net — Cisco Umbrella Rank: 91299	117 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 ajax.googleapis.com — Cisco Umbrella Rank: 405	37 KB
3	pushowl.com cdn.pushowl.com — Cisco Umbrella Rank: 18180	25 KB
3	marsello.com app.marsello.com — Cisco Umbrella Rank: 153632	16 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	2 KB
3	gstatic.com fonts.gstatic.com	48 KB
2	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 6377	9 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 178 www.google.com — Cisco Umbrella Rank: 2	707 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 980	20 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	amazonaws.com u0altfd679.execute-api.us-west-2.amazonaws.com Failed s3-eu-west-1.amazonaws.com	96 KB
2	cloudfront.net d5zu2f4xvqanl.cloudfront.net d2pkcwbsyjj2rs.cloudfront.net	7 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 248	490 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 456	11 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183	17 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	17 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	87 KB
1	shop.app shop.app — Cisco Umbrella Rank: 4906	2 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 6353	1 KB
0	shoptimally.com Failed api1.shoptimally.com Failed
166	29

	Domain	Requested by
49	www.madduckposters.com	8 redirects qhbwql.click www.madduckposters.com
33	static.xx.fbcdn.net	socialplugin.facebook.net static.xx.fbcdn.net
15	qhbwql.click	qhbwql.click ro.boldapps.net www.madduckposters.com
12	public.powrcdn.com	www.powr.io public.powrcdn.com
9	cdn.shopify.com	qhbwql.click
5	ct.pinterest.com	www.madduckposters.com qhbwql.click s.pinimg.com
4	ro.boldapps.net	qhbwql.click ro.boldapps.net
3	cdn.pushowl.com	qhbwql.click cdn.pushowl.com
3	app.marsello.com	qhbwql.click app.marsello.com
3	www.powr.io	1 redirects www.powr.io
3	connect.facebook.net	qhbwql.click www.madduckposters.com connect.facebook.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	qhbwql.click client public.powrcdn.com
2	s3-eu-west-1.amazonaws.com	qhbwql.click
2	chimpstatic.com	qhbwql.click
2	stats.g.doubleclick.net	www.madduckposters.com www.googletagmanager.com
2	s.pinimg.com	www.madduckposters.com s.pinimg.com
2	www.google-analytics.com	www.madduckposters.com
1	bam.nr-data.net	js-agent.newrelic.com
1	www.powrcdn.com	public.powrcdn.com
1	js-agent.newrelic.com	www.powr.io
1	maxcdn.bootstrapcdn.com	www.powr.io
1	www.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	vcdn.powr.io	www.madduckposters.com
1	www.googleadservices.com	chimpstatic.com
1	d2pkcwbsyjj2rs.cloudfront.net	app.marsello.com
1	socialplugin.facebook.net	connect.facebook.net
1	analytics.google.com	www.googletagmanager.com
1	www.facebook.com	qhbwql.click
1	www.googletagmanager.com	www.madduckposters.com
1	shop.app	www.madduckposters.com
1	d5zu2f4xvqanl.cloudfront.net	qhbwql.click
1	cdn-images.mailchimp.com	qhbwql.click
1	ajax.googleapis.com	qhbwql.click
0	api1.shoptimally.com Failed	www.madduckposters.com
0	u0altfd679.execute-api.us-west-2.amazonaws.com Failed	www.madduckposters.com
166	37

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
app.marsello.com

Subject Issuer	Validity	Valid
boldapps.net Cloudflare Inc ECC CA-3	`2023-08-26` - `2024-08-25`	a year	crt.sh
cdn.shopify.com E1	`2023-09-10` - `2023-12-09`	3 months	crt.sh
www.madduckposters.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
shop.app E1	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-23` - `2023-10-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-05-31`	a year	crt.sh
*.marsello.com Amazon RSA 2048 M01	`2023-07-20` - `2024-08-17`	a year	crt.sh
ik.imagekit.io R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.socialplugin.facebook.net DigiCert SHA2 High Assurance Server CA	`2023-07-23` - `2023-10-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
powrcdn.com GTS CA 1P5	`2023-09-27` - `2023-12-26`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://qhbwql.click/
Frame ID: D6F0799824E4858AF1D5B15ADE891F11
Requests: 111 HTTP requests in this frame

Frame: http://qhbwql.click/wpm@c17768fdw9ca797f2p09ffbf64m6f3c9c0f/web-pixel-shopify-custom-pixel@0567/sandbox/modern/
Frame ID: A4E42018ABB1CC4DFE9E80C3870782FD
Requests: 1 HTTP requests in this frame

Frame: https://socialplugin.facebook.net/v3.0/send_to_messenger.php?app_id=369783430202516&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3265b1f0b121a%26domain%3Dqhbwql.click%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fqhbwql.click%252Ff25ae4adf9c3cdc%26relation%3Dparent.parent&color=blue&container_width=0&cta_text=SEND_TO_MESSENGER&locale=en_US&messenger_app_id=369783430202516&page_id=524354171059792&ref=OPT_IN_FROM_SEND_TO_MESSENGER%3Aatc_popup%3Aaa95b3586c174a56aa15b7a4452a12e0&sdk=joey&size=xlarge
Frame ID: 256F556E99E4ED00F99372BCAED8B565
Requests: 34 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 6272934A34E7BC7B8A89309F5DD25526
Requests: 1 HTTP requests in this frame

Frame: https://www.powr.io/countdown-timer/u/9689c988_1541871999
Frame ID: 1BF81F7A842967327CF643D672E0B136
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Limited Edition Fine Art Prints, Screen Print Movie Posters, & More!– Mad Duck Posters

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Amazon Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<meta id="amazon-payments

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css
chimpstatic\.com/mcjs-connected

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

PushOwl (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.pushowl\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

166
Requests

61 %
HTTPS

68 %
IPv6

29
Domains

37
Subdomains

34
IPs

3
Countries

4552 kB
Transfer

9752 kB
Size

20
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MadDuckPosters

Search URL Search Domain Scan URL

URL: https://twitter.com/madduckposters

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/MadDuckPosters

Search URL Search Domain Scan URL

URL: https://www.instagram.com/madduckposters/

Search URL Search Domain Scan URL

URL: https://app.marsello.com/Portal/Custom/Welcome/5bd61adf811f9e0da8cba346?aProvId=5bd61ad1811f9e0da8cba2ff
Title: Check rewards

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.madduckposters.com/cdn/shop/t/53/assets/plugins.css?v=94477477921523413021689381002 HTTP 301
https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.css?v=94477477921523413021689381002

Request Chain 1

http://www.madduckposters.com/cdn/shop/t/53/assets/timber.scss.css?v=87895668468706172811653692603 HTTP 301
https://www.madduckposters.com/cdn/shop/t/53/assets/timber.scss.css?v=87895668468706172811653692603

Request Chain 3

http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js HTTP 307
https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js

Request Chain 4

http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906 HTTP 307
https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906

Request Chain 5

http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js HTTP 307
https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

Request Chain 7

http://www.madduckposters.com/cdn/shop/t/53/assets/bold-helper-functions.js?v=130879166784491613001497551854 HTTP 301
https://www.madduckposters.com/cdn/shop/t/53/assets/bold-helper-functions.js?v=130879166784491613001497551854

Request Chain 8

http://www.madduckposters.com/cdn/shop/t/53/assets/bold.css?v=67727555385224282771497552387 HTTP 301
https://www.madduckposters.com/cdn/shop/t/53/assets/bold.css?v=67727555385224282771497552387

Request Chain 10

http://www.madduckposters.com/cdn/shop/t/53/assets/modernizr.min.js?v=137617515274177302221497382438 HTTP 301
https://www.madduckposters.com/cdn/shop/t/53/assets/modernizr.min.js?v=137617515274177302221497382438

Request Chain 11

http://www.madduckposters.com/cdn/shop/t/53/assets/owlCarousel.js?v=75813715580695946121497382438 HTTP 301
https://www.madduckposters.com/cdn/shop/t/53/assets/owlCarousel.js?v=75813715580695946121497382438

Request Chain 12

http://www.madduckposters.com/cdn/shop/t/53/assets/crowdfunder.scss.css?v=10186879449654909231531698842 HTTP 301
https://www.madduckposters.com/cdn/shop/t/53/assets/crowdfunder.scss.css?v=10186879449654909231531698842

Request Chain 13

http://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884 HTTP 301
https://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884

Request Chain 14

http://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988 HTTP 307
https://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988

Request Chain 15

http://www.madduckposters.com/cdn/shop/products/HoU_Def_V1_760x.jpg?v=1675562147%27 HTTP 307
https://www.madduckposters.com/cdn/shop/products/HoU_Def_V1_760x.jpg?v=1675562147%27

Request Chain 16

http://www.madduckposters.com/cdn/shop/products/Reg-FINAL-sh_8049e771-7c9f-4535-b7c9-b79cdc428c2d_760x.jpg?v=1632153725%27 HTTP 307
https://www.madduckposters.com/cdn/shop/products/Reg-FINAL-sh_8049e771-7c9f-4535-b7c9-b79cdc428c2d_760x.jpg?v=1632153725%27

Request Chain 17

http://www.madduckposters.com/cdn/shop/products/CK-Reg-Ruth_760x.jpg?v=1671391578%27 HTTP 307
https://www.madduckposters.com/cdn/shop/products/CK-Reg-Ruth_760x.jpg?v=1671391578%27

Request Chain 18

http://www.madduckposters.com/cdn/shop/products/CK-reg-notext_760x.jpg?v=1672243601 HTTP 307
https://www.madduckposters.com/cdn/shop/products/CK-reg-notext_760x.jpg?v=1672243601

Request Chain 19

http://www.madduckposters.com/cdn/shop/products/BV-Reg-KT_760x.jpg?v=1579062085%27 HTTP 307
https://www.madduckposters.com/cdn/shop/products/BV-Reg-KT_760x.jpg?v=1579062085%27

Request Chain 20

http://www.madduckposters.com/cdn/shop/products/cthulu_reg_2_760x.jpg?v=1582692332%27 HTTP 307
https://www.madduckposters.com/cdn/shop/products/cthulu_reg_2_760x.jpg?v=1582692332%27

Request Chain 21

http://www.madduckposters.com/cdn/shop/products/Reg-FINAL_5ea74360-fede-4fac-b456-a28954b35ee5_760x.jpg?v=1646093678%27 HTTP 307
https://www.madduckposters.com/cdn/shop/products/Reg-FINAL_5ea74360-fede-4fac-b456-a28954b35ee5_760x.jpg?v=1646093678%27

Request Chain 22

http://www.madduckposters.com/cdn/shop/products/KILLER-KLOWNS-2-print-TM_760x.jpg?v=1591762922%27 HTTP 307
https://www.madduckposters.com/cdn/shop/products/KILLER-KLOWNS-2-print-TM_760x.jpg?v=1591762922%27

Request Chain 23

http://www.madduckposters.com/cdn/shop/products/PHIBES_REG_760x.jpg?v=1642791166%27 HTTP 307
https://www.madduckposters.com/cdn/shop/products/PHIBES_REG_760x.jpg?v=1642791166%27

Request Chain 24

http://www.madduckposters.com/cdn/shop/collections/Matching_Number_Set_1024x1024_de69ea66-1d02-43d5-bbb8-3f03d1fa5426_400x_crop_top.jpg?v=1644106021 HTTP 307
https://www.madduckposters.com/cdn/shop/collections/Matching_Number_Set_1024x1024_de69ea66-1d02-43d5-bbb8-3f03d1fa5426_400x_crop_top.jpg?v=1644106021

Request Chain 25

http://www.madduckposters.com/cdn/shop/collections/b_400x_crop_top.jpg?v=1497412095 HTTP 307
https://www.madduckposters.com/cdn/shop/collections/b_400x_crop_top.jpg?v=1497412095

Request Chain 26

http://www.madduckposters.com/cdn/shop/collections/vincent-price-logo_400x_crop_top.jpg?v=1565220595 HTTP 307
https://www.madduckposters.com/cdn/shop/collections/vincent-price-logo_400x_crop_top.jpg?v=1565220595

Request Chain 27

http://www.madduckposters.com/cdn/shop/collections/Horror_400x_crop_top.jpg?v=1509411527 HTTP 307
https://www.madduckposters.com/cdn/shop/collections/Horror_400x_crop_top.jpg?v=1509411527

Request Chain 34

http://www.madduckposters.com/cdn/shop/t/53/assets/fastclick.min.js?v=29723458539410922371497382436 HTTP 307
https://www.madduckposters.com/cdn/shop/t/53/assets/fastclick.min.js?v=29723458539410922371497382436

Request Chain 35

http://www.madduckposters.com/cdn/shop/t/53/assets/plugins.js?v=18066946422561744651497382439 HTTP 307
https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.js?v=18066946422561744651497382439

Request Chain 36

http://www.madduckposters.com/cdn/shop/t/53/assets/instafeed.js?v=35928806501095949951497382438 HTTP 307
https://www.madduckposters.com/cdn/shop/t/53/assets/instafeed.js?v=35928806501095949951497382438

Request Chain 37

http://www.madduckposters.com/cdn/shop/t/53/assets/timber.js?v=143008408085071213351498226221 HTTP 307
https://www.madduckposters.com/cdn/shop/t/53/assets/timber.js?v=143008408085071213351498226221

Request Chain 38

http://www.madduckposters.com/cdn/shop/t/53/assets/custom.js?v=71080177595013124251497382441 HTTP 307
https://www.madduckposters.com/cdn/shop/t/53/assets/custom.js?v=71080177595013124251497382441

Request Chain 39

http://www.madduckposters.com/cdn/s/javascripts/currencies.js HTTP 307
https://www.madduckposters.com/cdn/s/javascripts/currencies.js

Request Chain 40

http://www.madduckposters.com/cdn/shop/t/53/assets/jquery.currencies.min.js?v=175057760772006623221497382438 HTTP 307
https://www.madduckposters.com/cdn/shop/t/53/assets/jquery.currencies.min.js?v=175057760772006623221497382438

Request Chain 41

http://www.madduckposters.com/cdn/shop/t/53/assets/handlebars.min.js?v=79044469952368397291497382437 HTTP 307
https://www.madduckposters.com/cdn/shop/t/53/assets/handlebars.min.js?v=79044469952368397291497382437

Request Chain 42

http://www.madduckposters.com/cdn/shop/t/53/assets/ajax-cart.js?v=9688690642230510491497552004 HTTP 307
https://www.madduckposters.com/cdn/shop/t/53/assets/ajax-cart.js?v=9688690642230510491497552004

Request Chain 48

http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js HTTP 307
https://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js

Request Chain 49

http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js HTTP 307
https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Request Chain 51

http://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988 HTTP 307
https://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988

Request Chain 90

http://www.powr.io/powr.js?powr-token=mad-duck-posters.myshopify.com&external-type=shopify&shop=mad-duck-posters.myshopify.com HTTP 301
https://www.powr.io/powr.js?powr-token=mad-duck-posters.myshopify.com&external-type=shopify&shop=mad-duck-posters.myshopify.com

Request Chain 100

http://www.madduckposters.com/cdn/shop/files/combine_images_24_2000x.jpg?v=1689364650 HTTP 307
https://www.madduckposters.com/cdn/shop/files/combine_images_24_2000x.jpg?v=1689364650

166 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
qhbwql.click/ 179 KB
34 KB 952ms
718ms Document
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21fda898a8879dbd4f8b83b6864220c699221f205e9fcac0eb592691fed3e5fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 81590e14d8990f87-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rd0h1Y5WAPGnJJnI8%2BTbyS6MXmPAJrY8VL%2Fv3m51FhHWTKhxnz7cG6Amxwi8pwfDhPP8cGwAxvd5X3H3AbUcDvLEYK2DVUgM7UyJYrYYSr8qZzJnys1zZkZqJ%2BhHgE7%2FIWt2QLz2slVbaA%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2

200

plugins.css
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/plugins.css?v=94477477921523413021689381002
https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.css?v=94477477921523413021689381002

140 KB
29 KB

140ms
64ms

Stylesheet
text/css

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.css?v=94477477921523413021689381002

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d7344e74172e06ef21dd248e8b278aea120e466d63d75efda3eaf29e7a3402bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 101284
content-encoding: br
server-timing: imagery;dur=72.156, imageryFetch;dur=51.771, cfRequestDuration;dur=14.999866
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: b9bb1224-c815-46de-bd4b-55459d5efd9e
last-modified: Thu, 12 Oct 2023 09:30:39 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTYzkPdkVZedjmZE8U9DI2Gxmy%2B%2FcjEi3AFNPUmMKS8nWHz6j%2BD5nYfT9OwUsW%2FFdg8UBA0%2FeQJ7NpmFxRKmofA%2FNz%2Bx06Bt2wQwxOqW9WzkRBbvuuadtkNQHoI%2FEClcJu2W6QV6A2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1a8f3642d1-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/plugins.css>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uk2KccrpTGXVHZ3al%2BjIoP3ikfay8ryiXc6FbwBwA9xXC%2FWg1d%2Fn1AjVaw7EMo2Fv35xPP8Ar4Xtg6RCz%2BlEd12UEkgkh70yb65KiQxe5hNngqiZ0D%2BHF0Yq7eFnswT70kBi41slDDw%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.css?v=94477477921523413021689381002
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=8.000135
CF-RAY: 81590e19cf0fc425-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:48 GMT

GET
H2

200

timber.scss.css
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/timber.scss.css?v=87895668468706172811653692603
https://www.madduckposters.com/cdn/shop/t/53/assets/timber.scss.css?v=87895668468706172811653692603

96 KB
20 KB

156ms
81ms

Stylesheet
text/css

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/timber.scss.css?v=87895668468706172811653692603

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

45d0ff54548c6452cbf5b377066b629d689db2710e5dd5999c9ab4997835fa3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 101284
content-encoding: br
server-timing: imagery;dur=2333.881, imageryFetch;dur=70.427, imageryProcess;dur=2251.676;desc="scss", cfRequestDuration;dur=18.999815
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 164dbda1-edb7-4ac0-ab4b-bd9635f48d0c
last-modified: Thu, 12 Oct 2023 09:39:01 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B4XvRuqUBWHaYHFYx8xmIGkbxRvszM%2F%2FDQ1BWX9Qsufjzps4%2Be%2BTBRmcVqL6PXmmGI8aWCoMv82cfajy0L%2Bmo%2BsoKLIANZU%2B%2FdQcQVHyE8HKDCgpq76hWLILd0NofKhrmQKhSXltPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1a8f3542d1-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/timber.scss.css>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJh%2FnoJ%2Fa7B9fdv7tGCqavCexPrnSAM1DelJkfgypW5PybOi%2BaImWeNXwd8wFDZJ%2BMrW9ullIbBqFVG4Y%2F%2F2UojBpITCg7M6v8%2F6xxcfUozVXop%2BOMO9K3F%2FTavdiTqbgLOK6S17Bx4%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.madduckposters.com/cdn/shop/t/53/assets/timber.scss.css?v=87895668468706172811653692603
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=6.000042
CF-RAY: 81590e19cab49e05-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:48 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 4 KB
1 KB 101ms
93ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

HTTP/1.1

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c76c3b439b78f7fe01636ecd4572b12cd11e01ead36ad25d6131340bc03c81f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Fri, 13 Oct 2023 16:45:48 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 13 Oct 2023 16:45:48 GMT

GET
H3

200

load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js Show response
www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/
Redirect Chain

http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js

12 KB
10 KB

48ms
47ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 917010
content-encoding: br
server-timing: imagery;dur=33.365, imageryFetch;dur=32.359, cfRequestDuration;dur=9.999990, cfRequestDuration;dur=11.000156
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c328ce5d-e41b-4200-a197-d7adf2113be3
outsmartly-cache: UNKNOWN
last-modified: Wed, 20 Sep 2023 22:28:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uj8YwfuWX%2BNfssC1X5GfkRSTI%2FQnKMhdnF2SVlwntW1ozxDZFuCqCVtM%2BIZHdHUMlHBYD%2B5CXTpraaOnAQXeDW6nOCfFiDmAhCzvyzN44hpGUkwaiW0C7PaH6cZ6YehXsccIebE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952000
outsmartly-original-cache-control: public, max-age=31556952, immutable
outsmartly-edge-cache-policy: {"v":1,"t":1696298539864,"sh":true,"ch":0.1,"imm":86400000,"st":200,"resh":{"accept-ranges":"bytes","access-control-allow-origin":"*","cache-control":"public, max-age=31556952, immutable","cf-cache-status":"BYPASS","cf-ray":"81019a31e55943fe-EWR","connection":"keep-alive","content-encoding":"gzip","content-length":"3624","content-type":"text/javascript","date":"Tue, 03 Oct 2023 02:02:19 GMT","last-modified":"Wed, 20 Sep 2023 22:28:10 GMT","link":"<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js>; rel=\"canonical\"","nel":"{\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}","outsmartly-cache":"UNKNOWN","report-to":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=uj8YwfuWX%2BNfssC1X5GfkRSTI%2FQnKMhdnF2SVlwntW1ozxDZFuCqCVtM%2BIZHdHUMlHBYD%2B5CXTpraaOnAQXeDW6nOCfFiDmAhCzvyzN44hpGUkwaiW0C7PaH6cZ6YehXsccIebE%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}","server":"cloudflare","server-timing":"imagery;dur=33.365, imageryFetch;dur=32.359, cfRequestDuration;dur=9.999990","strict-transport-security":"max-age=63072000; includeSubDomains; preload","timing-allow-origin":"*","vary":"Accept-Encoding","x-content-type-options":"nosniff","x-dc":"gcp-us-east1,gcp-us-central1","x-request-id":"c328ce5d-e41b-4200-a197-d7adf2113be3","x-sorting-hat-podid":"-1","x-xss-protection":"1; mode=block"},"rescc":{"public":true,"max-age":"31556952","immutable":true},"m":"GET","u":"https://www.miraclebrand.co/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js","h":"www.miraclebrand.co","a":true,"reqh":{"accept":"*/*","accept-encoding":"gzip","accept-language":"en-US,en;q=0.9","cf-connecting-ip":"130.68.183.2","cf-device-type":"mobile","cf-ipcountry":"US","cf-ray":"81019a30c97843fe","cf-visitor":"{\"scheme\":\"https\"}","connection":"Keep-Alive","cookie":"__orly_aid=D63wwvDTlbn9XDNZGpRkCwS13xw-ZBK2BD7wb7; __orly_vs=50; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _s=2b05a14a-3b23-4289-97de-e1be0c3f14c4; _shopify_s=2b05a14a-3b23-4289-97de-e1be0c3f14c4; _shopify_y=3be83ca4-3a70-4172-9c9d-6b3f19736fd0; _y=3be83ca4-3a70-4172-9c9d-6b3f19736fd0; Outsmartly-Session=80f94e307aba0f46; __HOST-_orly_vs=50; cart_currency=USD; keep_alive=b4e6cb24-469b-4455-8667-91cd0c651a3b; localization=US; secure_customer_sig=; BxC9ZQ4vbx_wThuq2kDSqid=09a00c2e-bd16-5f8f-8000-d3ba61cfbd5e.1696211542.1.1696211757.1696211542.a0fddb32-fb06-4604-acba-0572450721de; _nb_sp_id.0dba=d92c77ba-4733-4ecf-baaa-3075ddfa1732.1696211542.1.1696211582.1696211542.e06b9253-217a-4e97-8bce-d19919cd1f82; _sp_id.0dba=1aab417ea0f70870.1696211542.1.1696211582.1696211542; _fbp=fb.1.1696211542731.721391706; _sctr=1%7C1696132800000; _lc2_fpi=06860a8fb6fb--01hbq1c99bmdaqjner5eyenfbh; _lc2_fpi_meta={%22w%22:1696211543339}; _li_dcdm_c=.miraclebrand.co; _scid=1f1cae82-e543-41c4-888a-26b851e430ba; _scid_r=1f1cae82-e543-41c4-888a-26b851e430ba; _scsrid=; _scsrid_r=; cjConsent=MHxOfDB8Tnww; cjUser=b291ea54-97a3-4025-9eec-b07a2fe59d6d; cto_bundle=Ug-jyF95VTl3aDZ0NkJPVFJlMFVpQkUlMkIzaFpid1lWblFuYTVMUFlBWCUyRmNFVG9JQjlNTzQ0NlBuWnBRWE1LSW9BcFJ1R2QlMkJXREJXdzA4N3pIcnhsallyREE5WW9vWnc0bmhaVHNOdXN3MEdsSTdhWmhWOUtKJTJCSTAzcmVDQnN0enVHS1pH; soundestID=20231002015223-ZlN6UFcrTWVCQby8lxLOrUX9djBcocmxZQagwlEVyHvio6Kj8; mp_139deeeff16104d87877b31cf8b846e8_mixpanel=%7B%22distinct_id%22%3A%20%22%24device%3A18aee16252eb1b-0f39038eb660da-7e793561-61d78-18aee16252eb1b%22%2C%22%24device_id%22%3A%20%2218aee16252eb1b-0f39038eb660da-7e793561-61d78-18aee16252eb1b%22%2C%22%24search_engine%22%3A%20%22google%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.google.com%2F%22%2C%22%24initial_referring_domain%22%3A%20%22www.google.com%22%7D; _geuid=d224535e-622a-4e4d-b179-b735df56469f; addshoppers.com=2%7C1%3A0%7C10%3A1696211543%7C15%3Aaddshoppers.com%7C44%3AODc5N2NiNGU2NDhlNDllN2EwZGRkMzUxMjhiOTI2YzA%3D%7Cbb8924a5d103a17bf5a751f0ea9197d505fbf6cfcdc9f970e1657aeb8bc5ad4d; po_visitor=4l5CX64Ndt3Q; MGX_UC=JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyNjZkNmYwYmEtMDIwOC00YmQxLThhMWEtZmRkN2VhODgzNjQ2JTIyJTJDJTIyZSUyMiUzQTE2OTY3MzcxNDIyODMlN0QlMkMlMjJNR1hfUFglMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMzlkZDkyNTUtYWJkMS00NGE3LWExYzYtODk4ZGRkNjFhMDUwJTIyJTJDJTIycyUyMiUzQXRydWUlMkMlMjJlJTIyJTNBMTY5NjIxMzM0Mjk5NiU3RCUyQyUyMk1HWF9DSUQlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZDFkOTc5YTktY2U5OC00MDY3LWIwZDItMTYzYWY5YTYzOWYyJTIyJTJDJTIyZSUyMiUzQTE2OTY3MzcxNDIyODQlN0QlMkMlMjJNR1hfVlMlMjIlM0ElN0IlMjJ2JTIyJTNBMSUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTYyMTMzNDI5OTYlN0QlMkMlMjJNR1hfRUlEJTIyJTNBJTdCJTIydiUyMiUzQSUyMm5zX3NlZ18wMDAlMjIlMkMlMjJzJTIyJTNBdHJ1ZSUyQyUyMmUlMjIlM0ExNjk2MjEzMzQyOTk2JTdEJTdE; __attentive_id=7535efd02bf44c399beaabd13192ed07; _attn_=eyJ1Ijoie1wiY29cIjoxNjk2MjExNTQyNDYwLFwidW9cIjoxNjk2MjExNTQyNDYwLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjc1MzVlZmQwMmJmNDRjMzk5YmVhYWJkMTMxOTJlZDA3XCJ9In0=; _ga=GA1.2.172757779.1696211543; _ga_SPDGV600TP=GS1.2.1696211542.1.0.1696211542.60.0.0; _gcl_au=1.1.1085952155.1696211542; _pin_unauth=dWlkPU5XRTVPVE15T1RFdFlqa3hPQzAwWkdabUxXRTNOR1l0TmpoaU1HTm1OalprTVRjeA; AMP_9bdc728a74={\"deviceId\":\"9dcbcc55-334c-49b8-b8a5-58472b931327\",\"sessionId\":1696211542895,\"lastEventTime\":1696211542898,\"optOut\":false}; __attentive_cco=1696211542460; __kla_id=eyIkcmVmZXJyZXIiOnsidHMiOjE2OTYyMTE1NDMsInZhbHVlIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8iLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cubWlyYWNsZWJyYW5kLmNvL2Jsb2dzL2pvdXJuYWwvaG93LXRvLWdldC1zbGltZS1vdXQtb2Ytc2hlZXRzIyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTY5NjIxMTU0MywidmFsdWUiOiJodHRwczovL3d3dy5nb29nbGUuY29tLyIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5taXJhY2xlYnJhbmQuY28vYmxvZ3Mvam91cm5hbC9ob3ctdG8tZ2V0LXNsaW1lLW91dC1vZi1zaGVldHMjIn19; _tt_enable_cookie=1; _ttp=wXKE26auZ4R4Ak5-tKh6a_NZVLQ; _landing_page=%2Fblogs%2Fjournal%2Fhow-to-get-slime-out-of-sheets; _orig_referrer=https%3A%2F%2Fwww.google.com%2F; _svsid=0869281e7be137168cf420d9afdbbf54; smartDash=be0fb977-e17f-4d4b-827d-edfe6d1ed64b","host":"www.miraclebrand.co","origin":"https://www.miraclebrand.co","priority":"u=1, i","referer":"https://www.miraclebrand.co/blogs/journal/how-to-get-slime-out-of-sheets","sec-fetch-dest":"script","sec-fetch-mode":"cors","sec-fetch-site":"same-origin","user-agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 16_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1","x-forwarded-proto":"https","x-real-ip":"130.68.183.2"},"reqcc":{}}
cf-ray: 81590e1d4c9e43d6-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js>; rel="canonical"
x-sorting-hat-podid: -1

Redirect headers

Location: https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://qhbwql.click
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js Show response
www.madduckposters.com/cdn/shopifycloud/shopify/assets/shopify_pay/
Redirect Chain

http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906
https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906

49 KB
29 KB

50ms
50ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 924162
content-encoding: br
server-timing: imagery;dur=94.670, imageryFetch;dur=94.398, cfRequestDuration;dur=32.000065, cfRequestDuration;dur=33.999920, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c57b1e7e-21ea-4b98-8459-7c5e0e3cdefc
outsmartly-cache: UNKNOWN
last-modified: Wed, 20 Sep 2023 22:28:10 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4D9d4jmcAiqgEhZLOOZM%2FzFsjF23D%2BcK1vsbsix1v5D%2FbOmy8v2kZi1vLA7TnTH51JTvHILZ3PvIU3EcQA51wcFU89312bypan9kZSYFqf6BBJV4dKbMF9I0u0ciz1wfmyXv0Fd8fQBtpUijeeaNt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952000000
outsmartly-original-cache-control: max-age=31556952000
outsmartly-edge-cache-policy: {"v":1,"t":1696291387420,"sh":true,"ch":0.1,"imm":86400000,"st":200,"resh":{"access-control-allow-origin":"*","cache-control":"max-age=31556952000","cf-cache-status":"BYPASS","cf-ray":"8100eb93224043fe-EWR","connection":"keep-alive","content-encoding":"gzip","content-type":"text/javascript","date":"Tue, 03 Oct 2023 00:03:07 GMT","last-modified":"Wed, 20 Sep 2023 22:28:10 GMT","link":"<https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js>; rel=\"canonical\"","nel":"{\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}","outsmartly-cache":"UNKNOWN","outsmartly-edge-cache-policy":"{\"v\":1,\"t\":1696276046807,\"sh\":true,\"ch\":0.1,\"imm\":86400000,\"st\":200,\"resh\":{\"access-control-allow-origin\":\"*\",\"cache-control\":\"public, max-age=31556952, immutable\",\"cf-cache-status\":\"BYPASS\",\"cf-ray\":\"80ff750c21eb86f6-ORD\",\"connection\":\"keep-alive\",\"content-encoding\":\"gzip\",\"content-type\":\"text/javascript\",\"date\":\"Mon, 02 Oct 2023 19:47:26 GMT\",\"last-modified\":\"Wed, 20 Sep 2023 22:28:10 GMT\",\"link\":\"<https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js>; rel=\\\"canonical\\\"\",\"nel\":\"{\\\"success_fraction\\\":0.01,\\\"report_to\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"outsmartly-cache\":\"UNKNOWN\",\"report-to\":\"{\\\"endpoints\\\":[{\\\"url\\\":\\\"https:\\\\/\\\\/a.nel.cloudflare.com\\\\/report\\\\/v3?s=w4D9d4jmcAiqgEhZLOOZM%2FzFsjF23D%2BcK1vsbsix1v5D%2FbOmy8v2kZi1vLA7TnTH51JTvHILZ3PvIU3EcQA51wcFU89312bypan9kZSYFqf6BBJV4dKbMF9I0u0ciz1wfmyXv0Fd8fQBtpUijeeaNt4%3D\\\"}],\\\"group\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"server\":\"cloudflare\",\"server-timing\":\"imagery;dur=94.670, imageryFetch;dur=94.398, cfRequestDuration;dur=32.000065\",\"strict-transport-security\":\"max-age=63072000; includeSubDomains; preload\",\"timing-allow-origin\":\"*\",\"transfer-encoding\":\"chunked\",\"vary\":\"Accept-Encoding, Accept-Encoding\",\"x-content-type-options\":\"nosniff\",\"x-dc\":\"gcp-us-central1,gcp-us-east1\",\"x-request-id\":\"c57b1e7e-21ea-4b98-8459-7c5e0e3cdefc\",\"x-sorting-hat-podid\":\"-1\",\"x-xss-protection\":\"1; mode=block\"},\"rescc\":{\"public\":true,\"max-age\":\"31556952\",\"immutable\":true},\"m\":\"GET\",\"u\":\"https://www.miraclebrand.co/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906\",\"h\":\"www.miraclebrand.co\",\"a\":true,\"reqh\":{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"accept-language\":\"en-US,en;q=0.9\",\"cf-connecting-ip\":\"2600:8804:280:2600:1a1:a6d3:aed1:508f\",\"cf-device-type\":\"mobile\",\"cf-ipcountry\":\"US\",\"cf-ray\":\"80ff750b4a6586f6\",\"cf-visitor\":\"{\\\"scheme\\\":\\\"https\\\"}\",\"connection\":\"Keep-Alive\",\"cookie\":\"__orly_aid=nr6tn2DYFmX1CtlAfffJm0YSYg-SN5Mr4dbQX; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _fbp=fb.1.1696015907367.8541997290; _s=0a70e18e-e32a-418a-848d-378ba54ed37d; _shopify_s=0a70e18e-e32a-418a-848d-378ba54ed37d; _shopify_y=7ad44312-17da-449a-9c21-db9b761f30c8; _y=7ad44312-17da-449a-9c21-db9b761f30c8; Outsmartly-Session=80e6a6f9aab82240; __HOST-fbp=fb.1.1696015907367.8541997290; __kla_id=eyIkZXhjaGFuZ2VfaWQiOiI2NkdCTWhYZVliMzBwQkJSMUJXWEEyQV92dzhBWE40UEotVXIyVmlKRlNIamtQbndHYVhSN2pyQWhZZUkzNUR6LkpGTks2QSIsIiRyZWZlcnJlciI6eyJ0cyI6MTY5NjI3NjA0NiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lm1pcmFjbGVicmFuZC5jby9ibG9ncy9uZXdzL2hvdy10by13YXNoLWEtZHV2ZXQtY292ZXIvP3V0bV9jb250ZW50PWJ1dHRvbiZ1dG1fc291cmNlPSUyNitHZXRFbWFpbHMrZmxvdyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1FTUFJTCs0KyUyOFJwSnpMOCUyOSZuYl9rbGlkPTAxSEFEM1FaTjVNTjJTMVNLVkMzQ0RWQVZYJl9reD02NkdCTWhYZVliMzBwQkJSMUJXWEEyQV92dzhBWE40UEotVXIyVmlKRlNIamtQbndHYVhSN2pyQWhZZUkzNUR6LkpGTks2QSJ9fQ==; cart_currency=USD; keep_alive=7abcd5a4-79eb-4eef-bd8f-ac37d8b33ecc; localization=US; secure_customer_sig=; BxC9ZQ4vbx_wThuq2kDSqid=2a30b372-2766-51b4-b4f4-b10b39f841a7.1696015909.2.1696113910.1696015950.7797ef35-39b7-4e51-ba6c-b40d229333e7; cto_bundle=bkYkL19xZXhwSmt6dSUyQnlFTXdjakdZaEYxOVpnd2lad090MEhlb1lFTWVuUkVWTXJRREtOamFZMVdyN1gzSUlFY3VjU1BkbmplVnlodCUyQkdIN1pIMmo1ZXhla2Y1cTBXJTJCTTZjSDBUUkZ5OHZza0hWTTZWbVRLTlQ5OHV0SjFiJTJGWkFKMzhX; _li_dcdm_c=.miraclebrand.co; _scid_r=c2b23bd4-461e-427d-93e6-ae08c8a8cea4; _scsrid_r=; cjUser=8bd10f06-7c21-488c-bd6c-895fdd840cdb; soundestID=20230930224507-6rIYMiP00ExqHObXbvrjnLNUjnCLVVdg6Xgn09lxGZVv4PsLG; mp_139deeeff16104d87877b31cf8b846e8_mixpanel=%7B%22distinct_id%22%3A%20%22%24device%3A18ae26dae5f1807-0645eef505e9ff8-7e793561-5a900-18ae26dae601808%22%2C%22%24device_id%22%3A%20%2218ae26dae5f1807-0645eef505e9ff8-7e793561-5a900-18ae26dae601808%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22initial_utm_source%22%3A%20%22%26%20GetEmails%20flow%22%2C%22initial_utm_medium%22%3A%20%22email%22%2C%22initial_utm_campaign%22%3A%20%22EMAIL%203%20(YciQdB)%22%2C%22initial_utm_content%22%3A%20null%2C%22initial_utm_term%22%3A%20null%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22utm_source%22%3A%20%22%26%20NEW%20Browse%20Abandonment%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22BA%20NEW%20Email%202%3A%20not%20sheets%20(VzyXdy)%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22utm_content%22%3A%20%22button%22%7D; _gekx=NjZHQk1oWGVZYjMwcEJCUjFCV1hBMkFfdnc4QVhONFBKLVVyMlZpSkZTSGprUG53R2FYUjdqckFoWWVJMzVEei5KRk5LNkE=; MGX_UC=JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMTZkZjQ1MDgtM2EzNy00MmZlLWEzNzktNGMxZTY2MGViYzA0JTIyJTJDJTIyZSUyMiUzQTE2OTY2Mzk1MDU4NjIlN0QlMkMlMjJNR1hfQ0lEJTIyJTNBJTdCJTIydiUyMiUzQSUyMjQ0NTdhMWY2LTM3ODQtNGFhMi1hOTI4LTE3N2Y5YjkzMGI1NCUyMiUyQyUyMmUlMjIlM0ExNjk2NjM5NTA1ODYzJTdEJTJDJTIyTUdYX1BYJTIyJTNBJTdCJTIydiUyMiUzQSUyMmRmYzExOGFhLWU1YTYtNDc0ZC1hODJjLThiNjk3M2U0ODJhOSUyMiUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTYxMTU3MDY4ODQlN0QlMkMlMjJNR1hfVlMlMjIlM0ElN0IlMjJ2JTIyJTNBMSUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTYxMTU3MDY4ODQlN0QlMkMlMjJNR1hfRUlEJTIyJTNBJTdCJTIydiUyMiUzQSUyMm5zX3NlZ18wMDAlMjIlMkMlMjJzJTIyJTNBdHJ1ZSUyQyUyMmUlMjIlM0ExNjk2MTE1NzA2ODg0JTdEJTdE; AMP_9bdc728a74={\\\"deviceId\\\":\\\"c822cc76-c28d-442e-9c7b-c66e9b747b05\\\",\\\"sessionId\\\":1696113906333,\\\"lastEventTime\\\":1696113906333,\\\"optOut\\\":false}; __attentive_id=5a811b35c3ac4e52b04a1a7a9624e078; __attentive_utm_param_campaign=BA%2520NEW%2520Email%25202%253A%2520not%2520sheets%2520%2528VzyXdy%2529; __attentive_utm_param_content=button; __attentive_utm_param_medium=email; __attentive_utm_param_source=%2526%2520NEW%2520Browse%2520Abandonment; _attn_=eyJ1Ijoie1wiY29cIjoxNjk2MDE1OTQ5ODY1LFwidW9cIjoxNjk2MDE1OTQ5ODY1LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjVhODExYjM1YzNhYzRlNTJiMDRhMWE3YTk2MjRlMDc4XCJ9In0=; _ga=GA1.2.361188515.1696015910; _ga_SPDGV600TP=GS1.2.1696113905.2.0.1696113905.60.0.0; _gcl_au=1.1.1927001081.1696015909; _pin_unauth=dWlkPU1tSmxZbUUwWlRJdFpXVTBaQzAwTlRZeExXRTJNbVF0WkRNME1tWmpNamN3TkRrMg; _nb_sp_id.0dba=2e9f5303-3076-4751-aa0f-1638caf71bd1.1696015949.2.1696113905.1696015949.e2514446-10d6-4db8-8ced-b556e14bbee1; _sp_id.0dba=36eeae5d0ef7d041.1696015950.2.1696113906.1696015950; _tt_enable_cookie=1; _ttp=VT7GwicshlpMYPV-fn1MV9bHWyB; _svsid=1ce066d726b5ac67f27bb623edc088ea; cjConsent=MHxOfDB8Tnww; _gess=true; _geuid=1cea4ac1-cba6-48c0-b252-7ed4f54190ed; _scsrid=; addshoppers.com=2%7C1%3A0%7C10%3A1696015952%7C15%3Aaddshoppers.com%7C44%3ANWZlMTFjODVkNThhNGFiNmJlN2M3MTMyMjIwOTc4Yjc%3D%7C7eb464b8330a40cdac59a8ad036ee50aede1077ec4451fda590661ab0a928d71; po_visitor=7qfkXzuVjzH9; __attentive_cco=1696015949866; _landing_page=%2Fproducts%2F2x-miracle-pillow-cases-both%3Futm_source%3D%2526%2BGetEmails%2Bflow%26utm_medium%3Demail%26utm_campaign%3DEMAIL%2B3%2B%2528YciQdB%2529%26nb_klid%3D01HAD3QZN5MN2S1SKVC3CDVAVX%26_kx%3D66GBMhXeYb30pBBR1BWXA2A_vw8AXN4PJ-Ur2ViJFSHjkPnwGaXR7jrAhYeI35Dz.JFNK6A; _orig_referrer=; smartDash=fc3e64ca-d1c9-444c-96dd-6e3901904ded; _sctr=1%7C1695963600000; _hjSessionUser_2538194=eyJpZCI6ImYwMDlkMGUxLTNkMGEtNTIwYS1hZWI1LTQwODAzZjNmZWNhYSIsImNyZWF0ZWQiOjE2OTYwMTU5MDkyODYsImV4aXN0aW5nIjpmYWxzZX0=; _tt_enable_cookie=1; _ttp=VT7GwicshlpMYPV-fn1MV9bHWyB; _lc2_fpi=06860a8fb6fb--01hbh6t017qtgng4asewschgx8; _lc2_fpi_meta={%22w%22:1696015908903}; _scid=c2b23bd4-461e-427d-93e6-ae08c8a8cea4\",\"host\":\"www.miraclebrand.co\",\"origin\":\"https://www.miraclebrand.co\",\"referer\":\"https://www.miraclebrand.co/blogs/news/how-to-wash-a-duvet-cover/?utm_content=button&utm_source=%26%20GetEmails%20flow&utm_medium=email&utm_campaign=EMAIL%204%20%28RpJzL8%29&nb_klid=01HAD3QZN5MN2S1SKVC3CDVAVX&_kx=66GBMhXeYb30pBBR1BWXA2A_vw8AXN4PJ-Ur2ViJFSHjkPnwGaXR7jrAhYeI35Dz.JFNK6A\",\"sec-fetch-dest\":\"script\",\"sec-fetch-mode\":\"cors\",\"sec-fetch-site\":\"same-origin\",\"user-agent\":\"Mozilla/5.0 (iPhone; CPU iPhone OS 16_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1\",\"x-forwarded-proto\":\"https\",\"x-real-ip\":\"2600:8804:280:2600:1a1:a6d3:aed1:508f\"},\"reqcc\":{}}","outsmartly-original-cache-control":"public, max-age=31556952, immutable","report-to":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=w4D9d4jmcAiqgEhZLOOZM%2FzFsjF23D%2BcK1vsbsix1v5D%2FbOmy8v2kZi1vLA7TnTH51JTvHILZ3PvIU3EcQA51wcFU89312bypan9kZSYFqf6BBJV4dKbMF9I0u0ciz1wfmyXv0Fd8fQBtpUijeeaNt4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}","server":"cloudflare","server-timing":"imagery;dur=94.670, imageryFetch;dur=94.398, cfRequestDuration;dur=32.000065, cfRequestDuration;dur=33.999920","strict-transport-security":"max-age=63072000; includeSubDomains; preload","timing-allow-origin":"*","transfer-encoding":"chunked","vary":"Accept-Encoding, Accept-Encoding","x-content-type-options":"nosniff","x-dc":"gcp-us-central1,gcp-us-east1","x-request-id":"c57b1e7e-21ea-4b98-8459-7c5e0e3cdefc","x-sorting-hat-podid":"-1","x-xss-protection":"1; mode=block"},"rescc":{"max-age":"31556952000"},"m":"GET","u":"https://www.miraclebrand.co/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906","h":"www.miraclebrand.co","a":true,"reqh":{"accept":"*/*","accept-encoding":"gzip","accept-language":"en-US,en;q=0.9","cf-connecting-ip":"63.117.14.11","cf-device-type":"desktop","cf-ipcountry":"US","cf-ray":"8100eb92effb43fe","cf-visitor":"{\"scheme\":\"https\"}","connection":"Keep-Alive","cookie":"keep_alive=8b58b384-7d4f-4e24-acaf-c27400477c7b; secure_customer_sig=; localization=US; cart_currency=USD; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _y=29e075cc-a5fa-46b6-a6d4-0305c09e1840; _s=7680ddb7-83bb-4f48-8447-d461d67d583c; _shopify_y=29e075cc-a5fa-46b6-a6d4-0305c09e1840; _shopify_s=7680ddb7-83bb-4f48-8447-d461d67d583c; _orig_referrer=; _landing_page=%2Fpages%2Fcare-guide%2F%3Futm_content%3Dbutton%26utm_source%3D%2526%2B%257C%2BPost-Delivery%26utm_medium%3Demail%26utm_campaign%3DEmail%2B%25231%2BTest%2B%25231%2BAugust%2B26%252C%2B2022%2BVariation%2BB%2B%2528R5pDLd%2529%26nb_klid%3D01HB98R426PG5JGA9NS31HEM0F%26_kx%3D7ckGAXefiHP75FDxllNnITlnbOcoUeaVNVZHr0PH_tnuxCgagTQpv5BPVlYw_OnZ.JFNK6A; __orly_aid=U26SHmgw4u50ySx4HfCUr8z1iU-XSidS1RRfD; Outsmartly-Session=8100eb7239680f43; __kla_id=eyIkZXhjaGFuZ2VfaWQiOiI3Y2tHQVhlZmlIUDc1RkR4bGxObklUbG5iT2NvVWVhVk5WWkhyMFBIX3RudXhDZ2FnVFFwdjVCUFZsWXdfT25aLkpGTks2QSIsIiRyZWZlcnJlciI6eyJ0cyI6MTY5NjI5MTM4MiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lm1pcmFjbGVicmFuZC5jby9wYWdlcy9jYXJlLWd1aWRlLz91dG1fY29udGVudD1idXR0b24mdXRtX3NvdXJjZT0lMjYrJTdDK1Bvc3QtRGVsaXZlcnkmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249RW1haWwrJTIzMStUZXN0KyUyMzErQXVndXN0KzI2JTJDKzIwMjIrVmFyaWF0aW9uK0IrJTI4UjVwRExkJTI5Jm5iX2tsaWQ9MDFIQjk4UjQyNlBHNUpHQTlOUzMxSEVNMEYmX2t4PTdja0dBWGVmaUhQNzVGRHhsbE5uSVRsbmJPY29VZWFWTlZaSHIwUEhfdG51eENnYWdUUXB2NUJQVmxZd19PblouSkZOSzZBIn19","host":"www.miraclebrand.co","origin":"https://www.miraclebrand.co","referer":"https://www.miraclebrand.co/pages/care-guide/?utm_content=button&utm_source=%26%20%7C%20Post-Delivery&utm_medium=email&utm_campaign=Email%20%231%20Test%20%231%20August%2026%2C%202022%20Variation%20B%20%28R5pDLd%29&nb_klid=01HB98R426PG5JGA9NS31HEM0F&_kx=7ckGAXefiHP75FDxllNnITlnbOcoUeaVNVZHr0PH_tnuxCgagTQpv5BPVlYw_OnZ.JFNK6A","sec-fetch-dest":"script","sec-fetch-mode":"cors","sec-fetch-site":"same-origin","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36","x-forwarded-proto":"https","x-real-ip":"63.117.14.11"},"reqcc":{}}
cf-ray: 81590e1d4c9f43d6-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js>; rel="canonical"
x-sorting-hat-podid: -1

Redirect headers

Location: https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f.js?v=20220906
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://qhbwql.click
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js Show response
www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/
Redirect Chain

http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

37 KB
22 KB

64ms
63ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 917010
content-encoding: br
server-timing: imagery;dur=28.209, imageryFetch;dur=25.391, cfRequestDuration;dur=78.999996, cfRequestDuration;dur=29.999971, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 531fe848-158f-45b0-9416-828cd155ed27
outsmartly-cache: UNKNOWN
last-modified: Mon, 02 Oct 2023 23:42:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ktd1kMiut0wanq0%2FRdU8gEEJNaljUY%2FdKusMzQLHN1ltgzjT31k1VCkfw5VNTM%2BbrbBmGwcBNBBy2MZPPeeT7YD8nx7LILNgEaZ4fpyxufikSJdKf0jwm%2F6%2B%2FnJtLUWPLjA9wI0QfXEpZRdtFzqkYpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952000000
outsmartly-original-cache-control: max-age=31556952000
outsmartly-edge-cache-policy: {"v":1,"t":1696298539925,"sh":true,"ch":0.1,"imm":86400000,"st":200,"resh":{"accept-ranges":"bytes","access-control-allow-origin":"*","cache-control":"max-age=31556952000","cf-cache-status":"BYPASS","cf-ray":"81019a3235ad43fe-EWR","connection":"keep-alive","content-encoding":"gzip","content-length":"12760","content-type":"text/javascript","date":"Tue, 03 Oct 2023 02:02:19 GMT","last-modified":"Mon, 02 Oct 2023 23:42:15 GMT","link":"<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel=\"canonical\"","nel":"{\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}","outsmartly-cache":"UNKNOWN","outsmartly-edge-cache-policy":"{\"v\":1,\"t\":1696290135080,\"sh\":true,\"ch\":0.1,\"imm\":86400000,\"st\":200,\"resh\":{\"accept-ranges\":\"bytes\",\"access-control-allow-origin\":\"*\",\"cache-control\":\"public, max-age=31556952, immutable\",\"cf-cache-status\":\"BYPASS\",\"cf-ray\":\"8100ccffb2871807-ATL\",\"connection\":\"keep-alive\",\"content-encoding\":\"gzip\",\"content-length\":\"12760\",\"content-type\":\"text/javascript\",\"date\":\"Mon, 02 Oct 2023 23:42:15 GMT\",\"last-modified\":\"Mon, 02 Oct 2023 23:42:15 GMT\",\"link\":\"<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel=\\\"canonical\\\"\",\"nel\":\"{\\\"success_fraction\\\":0.01,\\\"report_to\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"outsmartly-cache\":\"UNKNOWN\",\"report-to\":\"{\\\"endpoints\\\":[{\\\"url\\\":\\\"https:\\\\/\\\\/a.nel.cloudflare.com\\\\/report\\\\/v3?s=Ktd1kMiut0wanq0%2FRdU8gEEJNaljUY%2FdKusMzQLHN1ltgzjT31k1VCkfw5VNTM%2BbrbBmGwcBNBBy2MZPPeeT7YD8nx7LILNgEaZ4fpyxufikSJdKf0jwm%2F6%2B%2FnJtLUWPLjA9wI0QfXEpZRdtFzqkYpg%3D\\\"}],\\\"group\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"server\":\"cloudflare\",\"server-timing\":\"imagery;dur=28.209, imageryFetch;dur=25.391, cfRequestDuration;dur=78.999996\",\"strict-transport-security\":\"max-age=63072000; includeSubDomains; preload\",\"timing-allow-origin\":\"*\",\"vary\":\"Accept-Encoding\",\"x-content-type-options\":\"nosniff\",\"x-dc\":\"gcp-us-east1,gcp-us-east1\",\"x-request-id\":\"531fe848-158f-45b0-9416-828cd155ed27\",\"x-sorting-hat-podid\":\"-1\",\"x-xss-protection\":\"1; mode=block\"},\"rescc\":{\"public\":true,\"max-age\":\"31556952\",\"immutable\":true},\"m\":\"GET\",\"u\":\"https://www.miraclebrand.co/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js\",\"h\":\"www.miraclebrand.co\",\"a\":true,\"reqh\":{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"accept-language\":\"en-US,en;q=0.9\",\"cf-connecting-ip\":\"2a03:2880:21ff:6::face:b00c\",\"cf-device-type\":\"desktop\",\"cf-ipcountry\":\"US\",\"cf-ray\":\"8100ccff7d191807\",\"cf-visitor\":\"{\\\"scheme\\\":\\\"https\\\"}\",\"connection\":\"Keep-Alive\",\"cookie\":\"secure_customer_sig=; localization=US; cart_currency=USD; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _y=1aa54154-0dc9-49fb-83ba-b4af74a52b5d; _s=0775ee0b-0199-45cd-9881-03437d24d286; _shopify_y=1aa54154-0dc9-49fb-83ba-b4af74a52b5d; _shopify_s=0775ee0b-0199-45cd-9881-03437d24d286; _orig_referrer=; _landing_page=%2Fproducts%2Fextra-luxe-miracle-sheet-set%3Futm_content%3DFacebook_UA%26utm_source%3Dfacebook%26variant%3D44924245962%26fbclid%3DIwAR0T9LMPA_RWa07pKfOJHMnfkPi-y99vTdxmpxsPKNz0vZIwkhntTaLX8jw; __orly_aid=PuO7WBcz6zselGLSM2Ecthetffw-NfKks0FXPp; Outsmartly-Session=8100ccd488d54578; __HOST-_orly_vs=20; __orly_vs=20; smartDash=49926f8b-760b-40f2-8329-2e73399b5676\",\"host\":\"www.miraclebrand.co\",\"origin\":\"https://www.miraclebrand.co\",\"referer\":\"https://www.miraclebrand.co/products/extra-luxe-miracle-sheet-set?utm_content=Facebook_UA&utm_source=facebook&variant=44924245962&fbclid=IwAR0T9LMPA_RWa07pKfOJHMnfkPi-y99vTdxmpxsPKNz0vZIwkhntTaLX8jw\",\"sec-ch-ua\":\"\\\"Google Chrome\\\";v=\\\"117\\\", \\\"Not;A=Brand\\\";v=\\\"8\\\", \\\"Chromium\\\";v=\\\"117\\\"\",\"sec-ch-ua-mobile\":\"?0\",\"sec-ch-ua-platform\":\"\\\"Linux\\\"\",\"sec-fetch-dest\":\"script\",\"sec-fetch-mode\":\"cors\",\"sec-fetch-site\":\"same-origin\",\"user-agent\":\"facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)\",\"x-forwarded-proto\":\"https\",\"x-real-ip\":\"2a03:2880:21ff:6::face:b00c\"},\"reqcc\":{}}","outsmartly-original-cache-control":"public, max-age=31556952, immutable","report-to":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Ktd1kMiut0wanq0%2FRdU8gEEJNaljUY%2FdKusMzQLHN1ltgzjT31k1VCkfw5VNTM%2BbrbBmGwcBNBBy2MZPPeeT7YD8nx7LILNgEaZ4fpyxufikSJdKf0jwm%2F6%2B%2FnJtLUWPLjA9wI0QfXEpZRdtFzqkYpg%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}","server":"cloudflare","server-timing":"imagery;dur=28.209, imageryFetch;dur=25.391, cfRequestDuration;dur=78.999996, cfRequestDuration;dur=29.999971","strict-transport-security":"max-age=63072000; includeSubDomains; preload","timing-allow-origin":"*","vary":"Accept-Encoding","x-content-type-options":"nosniff","x-dc":"gcp-us-east1,gcp-us-east1","x-request-id":"531fe848-158f-45b0-9416-828cd155ed27","x-sorting-hat-podid":"-1","x-xss-protection":"1; mode=block"},"rescc":{"max-age":"31556952000"},"m":"GET","u":"https://www.miraclebrand.co/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js","h":"www.miraclebrand.co","a":true,"reqh":{"accept":"*/*","accept-encoding":"gzip","accept-language":"en-US,en;q=0.9","cf-connecting-ip":"130.68.183.2","cf-device-type":"mobile","cf-ipcountry":"US","cf-ray":"81019a3109db43fe","cf-visitor":"{\"scheme\":\"https\"}","connection":"Keep-Alive","cookie":"__orly_aid=D63wwvDTlbn9XDNZGpRkCwS13xw-ZBK2BD7wb7; __orly_vs=50; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _s=2b05a14a-3b23-4289-97de-e1be0c3f14c4; _shopify_s=2b05a14a-3b23-4289-97de-e1be0c3f14c4; _shopify_y=3be83ca4-3a70-4172-9c9d-6b3f19736fd0; _y=3be83ca4-3a70-4172-9c9d-6b3f19736fd0; Outsmartly-Session=80f94e307aba0f46; __HOST-_orly_vs=50; cart_currency=USD; keep_alive=b4e6cb24-469b-4455-8667-91cd0c651a3b; localization=US; secure_customer_sig=; BxC9ZQ4vbx_wThuq2kDSqid=09a00c2e-bd16-5f8f-8000-d3ba61cfbd5e.1696211542.1.1696211757.1696211542.a0fddb32-fb06-4604-acba-0572450721de; _nb_sp_id.0dba=d92c77ba-4733-4ecf-baaa-3075ddfa1732.1696211542.1.1696211582.1696211542.e06b9253-217a-4e97-8bce-d19919cd1f82; _sp_id.0dba=1aab417ea0f70870.1696211542.1.1696211582.1696211542; _fbp=fb.1.1696211542731.721391706; _sctr=1%7C1696132800000; _lc2_fpi=06860a8fb6fb--01hbq1c99bmdaqjner5eyenfbh; _lc2_fpi_meta={%22w%22:1696211543339}; _li_dcdm_c=.miraclebrand.co; _scid=1f1cae82-e543-41c4-888a-26b851e430ba; _scid_r=1f1cae82-e543-41c4-888a-26b851e430ba; _scsrid=; _scsrid_r=; cjConsent=MHxOfDB8Tnww; cjUser=b291ea54-97a3-4025-9eec-b07a2fe59d6d; cto_bundle=Ug-jyF95VTl3aDZ0NkJPVFJlMFVpQkUlMkIzaFpid1lWblFuYTVMUFlBWCUyRmNFVG9JQjlNTzQ0NlBuWnBRWE1LSW9BcFJ1R2QlMkJXREJXdzA4N3pIcnhsallyREE5WW9vWnc0bmhaVHNOdXN3MEdsSTdhWmhWOUtKJTJCSTAzcmVDQnN0enVHS1pH; soundestID=20231002015223-ZlN6UFcrTWVCQby8lxLOrUX9djBcocmxZQagwlEVyHvio6Kj8; mp_139deeeff16104d87877b31cf8b846e8_mixpanel=%7B%22distinct_id%22%3A%20%22%24device%3A18aee16252eb1b-0f39038eb660da-7e793561-61d78-18aee16252eb1b%22%2C%22%24device_id%22%3A%20%2218aee16252eb1b-0f39038eb660da-7e793561-61d78-18aee16252eb1b%22%2C%22%24search_engine%22%3A%20%22google%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.google.com%2F%22%2C%22%24initial_referring_domain%22%3A%20%22www.google.com%22%7D; _geuid=d224535e-622a-4e4d-b179-b735df56469f; addshoppers.com=2%7C1%3A0%7C10%3A1696211543%7C15%3Aaddshoppers.com%7C44%3AODc5N2NiNGU2NDhlNDllN2EwZGRkMzUxMjhiOTI2YzA%3D%7Cbb8924a5d103a17bf5a751f0ea9197d505fbf6cfcdc9f970e1657aeb8bc5ad4d; po_visitor=4l5CX64Ndt3Q; MGX_UC=JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyNjZkNmYwYmEtMDIwOC00YmQxLThhMWEtZmRkN2VhODgzNjQ2JTIyJTJDJTIyZSUyMiUzQTE2OTY3MzcxNDIyODMlN0QlMkMlMjJNR1hfUFglMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMzlkZDkyNTUtYWJkMS00NGE3LWExYzYtODk4ZGRkNjFhMDUwJTIyJTJDJTIycyUyMiUzQXRydWUlMkMlMjJlJTIyJTNBMTY5NjIxMzM0Mjk5NiU3RCUyQyUyMk1HWF9DSUQlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZDFkOTc5YTktY2U5OC00MDY3LWIwZDItMTYzYWY5YTYzOWYyJTIyJTJDJTIyZSUyMiUzQTE2OTY3MzcxNDIyODQlN0QlMkMlMjJNR1hfVlMlMjIlM0ElN0IlMjJ2JTIyJTNBMSUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTYyMTMzNDI5OTYlN0QlMkMlMjJNR1hfRUlEJTIyJTNBJTdCJTIydiUyMiUzQSUyMm5zX3NlZ18wMDAlMjIlMkMlMjJzJTIyJTNBdHJ1ZSUyQyUyMmUlMjIlM0ExNjk2MjEzMzQyOTk2JTdEJTdE; __attentive_id=7535efd02bf44c399beaabd13192ed07; _attn_=eyJ1Ijoie1wiY29cIjoxNjk2MjExNTQyNDYwLFwidW9cIjoxNjk2MjExNTQyNDYwLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjc1MzVlZmQwMmJmNDRjMzk5YmVhYWJkMTMxOTJlZDA3XCJ9In0=; _ga=GA1.2.172757779.1696211543; _ga_SPDGV600TP=GS1.2.1696211542.1.0.1696211542.60.0.0; _gcl_au=1.1.1085952155.1696211542; _pin_unauth=dWlkPU5XRTVPVE15T1RFdFlqa3hPQzAwWkdabUxXRTNOR1l0TmpoaU1HTm1OalprTVRjeA; AMP_9bdc728a74={\"deviceId\":\"9dcbcc55-334c-49b8-b8a5-58472b931327\",\"sessionId\":1696211542895,\"lastEventTime\":1696211542898,\"optOut\":false}; __attentive_cco=1696211542460; __kla_id=eyIkcmVmZXJyZXIiOnsidHMiOjE2OTYyMTE1NDMsInZhbHVlIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8iLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cubWlyYWNsZWJyYW5kLmNvL2Jsb2dzL2pvdXJuYWwvaG93LXRvLWdldC1zbGltZS1vdXQtb2Ytc2hlZXRzIyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTY5NjIxMTU0MywidmFsdWUiOiJodHRwczovL3d3dy5nb29nbGUuY29tLyIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5taXJhY2xlYnJhbmQuY28vYmxvZ3Mvam91cm5hbC9ob3ctdG8tZ2V0LXNsaW1lLW91dC1vZi1zaGVldHMjIn19; _tt_enable_cookie=1; _ttp=wXKE26auZ4R4Ak5-tKh6a_NZVLQ; _landing_page=%2Fblogs%2Fjournal%2Fhow-to-get-slime-out-of-sheets; _orig_referrer=https%3A%2F%2Fwww.google.com%2F; _svsid=0869281e7be137168cf420d9afdbbf54; smartDash=be0fb977-e17f-4d4b-827d-edfe6d1ed64b","host":"www.miraclebrand.co","origin":"https://www.miraclebrand.co","priority":"u=1, i","referer":"https://www.miraclebrand.co/blogs/journal/how-to-get-slime-out-of-sheets","sec-fetch-dest":"script","sec-fetch-mode":"cors","sec-fetch-site":"same-origin","user-agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 16_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1","x-forwarded-proto":"https","x-real-ip":"130.68.183.2"},"reqcc":{}}
cf-ray: 81590e1d9cff43d6-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid: -1

Redirect headers

Location: https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://qhbwql.click
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 ro.js Show response
ro.boldapps.net/v2_ui/js/ 403 KB
112 KB 158ms
61ms Script
application/javascript 2606:4700::6810:6c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ro.boldapps.net/v2_ui/js/ro.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

770cff337a3f303cf3ab33859920745beabd5cd18aa6c6e7ed813672b6879ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Oct 2023 18:31:42 GMT
server: cloudflare
age: 6
etag: W/"64b1b-6078926bb7f80"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 81590e19cd630f3b-EWR
expires: Sat, 14 Oct 2023 04:45:48 GMT

GET
H2

200

bold-helper-functions.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/bold-helper-functions.js?v=130879166784491613001497551854
https://www.madduckposters.com/cdn/shop/t/53/assets/bold-helper-functions.js?v=130879166784491613001497551854

23 KB
6 KB

126ms
52ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/bold-helper-functions.js?v=130879166784491613001497551854

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

95c2e623a4ad1b2b28b87e57188159ad94063d4e192d5777fa3a27c40b257db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 101284
content-encoding: br
server-timing: imagery;dur=84.643, imageryFetch;dur=77.716, cfRequestDuration;dur=17.000198
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 778e0a57-83b1-406a-94bf-1129da28a912
last-modified: Thu, 12 Oct 2023 10:02:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a30IMIzbLhIgRagYxZBncp1dOSgsoNGKmtA%2BhJ3%2BF5YHFej9dKeCx58QtD6uHzihbxJi2F2kHwBry11ZY5%2FcjcuCdHYURpLfdrEFbczSF%2FmKeM9oZwzZaUtLjtpfSN4J2NDdMe81W18%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1a8f3a42d1-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/bold-helper-functions.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNmSsj3xHGQwHlz6994EhGpn6qmGwxrji6h1WhBdpelWZfeEnbIwETCcb9vCby9PWMCqtLUVD%2F4WAAQjiBUzV42l7aI%2FN0eNmIL61WPRMV5crYF8LMqxnvYv3PeRwFyPZIzKYV5Yyio%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.madduckposters.com/cdn/shop/t/53/assets/bold-helper-functions.js?v=130879166784491613001497551854
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=16.000032
CF-RAY: 81590e19c9265e79-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:48 GMT

GET
H2

200

bold.css
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/bold.css?v=67727555385224282771497552387
https://www.madduckposters.com/cdn/shop/t/53/assets/bold.css?v=67727555385224282771497552387

1 KB
1 KB

135ms
48ms

Stylesheet
text/css

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/bold.css?v=67727555385224282771497552387

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

781c597a57a400d556cafe8182086e160e7419aa7c1759a912c51f1e7035d155

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 101284
content-encoding: br
server-timing: imagery;dur=80.980, imageryFetch;dur=79.297, cfRequestDuration;dur=14.999866
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 713b7e31-d3bc-48dc-a88a-2f5aeee308cc
last-modified: Thu, 12 Oct 2023 11:44:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI2jNFQCQycbcxGWDApLSkIOTeiqusOLtW9TPr3lNrAcITSgLW9xp30l%2BT9DKUW9jkShXhC7y4PAstw1gvQPHDwMC6rFaTUUDZwZMA8IPZ6GOp9menZfW1Bj0j3NsMrS5%2Fa%2BYY8T2do%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1a8f3442d1-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/bold.css>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZeCksCxnerJM%2FpkLOS1HiPkacbmKx0XM3VGGXNKw0Q5pToVijOtCL%2F1g8q%2B%2BEwxfM0wehXPWKB8SympWG6phteyRvva128RciNd89sgbxe4Do720Jy1uondk7UyBtBxT0YxLA5IB%2Fk%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.madduckposters.com/cdn/shop/t/53/assets/bold.css?v=67727555385224282771497552387
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=6.999969
CF-RAY: 81590e19b9774321-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:48 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
34 KB 95ms
86ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

HTTP/1.1

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 18:33:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 79963
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33576
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 18:33:05 GMT

GET
H2

200

modernizr.min.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/modernizr.min.js?v=137617515274177302221497382438
https://www.madduckposters.com/cdn/shop/t/53/assets/modernizr.min.js?v=137617515274177302221497382438

3 KB
2 KB

164ms
83ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/modernizr.min.js?v=137617515274177302221497382438

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d19fb257b7de1754617d38f623d8d3e62b9ddac2c3b4e51962066cdcfa265371

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 55917
content-encoding: br
server-timing: imagery;dur=61.231, imageryFetch;dur=60.594, cfRequestDuration;dur=39.000034
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: df00dbe4-118b-41f1-8a50-62a936f35341
last-modified: Thu, 12 Oct 2023 02:38:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8KlzaXo%2BSGAywWPoafkMp5sUZovLvU%2FzYxRM3USQqq4vPKOvXehJFMTeYQxXiEI%2Bs8yt6wyTQ70BVnFDCOBF0Y0Dndvxi5RnDDSSuvnTcpHBCP%2BBGCAcAk06jTJ3RyFwLRGvwilhQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1a8f3f42d1-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/modernizr.min.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1C7cxFuvQw3Onxh8pldxXTpE1PWFZMKIMzGyjj8G9F24WJLs23VcSNNuHXwM6vZByJQvnJxgi0hF0kkEftDFmTx0wb7Q5kMApVMP5Zr3BJvqhpBY0KE0ehiPWSrVpXF0MepRp13Y8AM%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.madduckposters.com/cdn/shop/t/53/assets/modernizr.min.js?v=137617515274177302221497382438
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=5.999804
CF-RAY: 81590e19ca4742bf-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:48 GMT

GET
H2

200

owlCarousel.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/owlCarousel.js?v=75813715580695946121497382438
https://www.madduckposters.com/cdn/shop/t/53/assets/owlCarousel.js?v=75813715580695946121497382438

42 KB
12 KB

106ms
51ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/owlCarousel.js?v=75813715580695946121497382438

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 86863
content-encoding: br
server-timing: imagery;dur=281.471, imageryFetch;dur=54.972, cfRequestDuration;dur=15.000105
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: bce14d73-93c6-4b73-ab31-06ee7cc699c5
last-modified: Thu, 12 Oct 2023 13:37:10 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72ePzZ5Pf9wHi0jR%2BJnI2MbWHxjbePdHNTaRiorDcsJd%2BQWrNUPV2nvgqw0EaeYXEZOwC7zeWXYF%2B4wzS77%2FzOEHWdcgZCLNaxrvFvAQivrXkE5XuNHPP8ompxlIrwvQSQiaXhrvKAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1a8f3c42d1-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/owlCarousel.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp5d6hYvAXK8niP5BBpi44ZAN1hTiRFvmI4PBKVi%2ByOnoUWTVr6XB3%2FwW1OnDt7sceFRkfm3UT9XCefeKxljqFOjc%2B82jwUOYXUr%2FC9bHZwfplqmyZdq4SiGaQPSkVGv4oPfQIMLzoc%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.madduckposters.com/cdn/shop/t/53/assets/owlCarousel.js?v=75813715580695946121497382438
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=4.999876
CF-RAY: 81590e19ea074321-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:48 GMT

GET
H2

200

crowdfunder.scss.css
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/crowdfunder.scss.css?v=10186879449654909231531698842
https://www.madduckposters.com/cdn/shop/t/53/assets/crowdfunder.scss.css?v=10186879449654909231531698842

972 B
884 B

134ms
49ms

Stylesheet
text/css

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/crowdfunder.scss.css?v=10186879449654909231531698842

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

bff115e2669939bba137932cea2a9edcb57233fc3929feaf7ff3dd07b94d7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 101284
content-encoding: br
server-timing: imagery;dur=91.821, imageryFetch;dur=86.122, imageryProcess;dur=4.338;desc="scss", cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: e7f3845c-b917-4793-84db-b40bd3e33bc2
last-modified: Thu, 12 Oct 2023 12:15:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhutO2d8CPwGQ9ie9bSbtEdsxXM6N9L%2FdLnyi8bTtxMqQgaS4BHlXH6REX3O9bkC5x2hljJ%2FK5chbou6wiaHR%2Bhti4PXo5%2FhrJEdigPQ%2B9uTx67hQGUnTWwPOp6p0%2FsyGXn4DCSeMm4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1a8f3742d1-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/crowdfunder.scss.css>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxvfzI5KPkocauWsSKtC5l5XUfgLDo5JyMP5XT2lZ4mYlstW7QELHuYZInR7f2SeJNnd2867kZLhNrbSBaq0Phep17WfFzmwhVro%2FqP8VoYuU%2FUIvmP5DpLCobgTEHzCVVIQTR1Plcw%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.madduckposters.com/cdn/shop/t/53/assets/crowdfunder.scss.css?v=10186879449654909231531698842
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=8.000135
CF-RAY: 81590e19ba4243c1-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:48 GMT

GET
H2

200

booster.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884
https://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884

66 KB
23 KB

114ms
59ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

88177d4b195d2c5dbddb7e69a7b2e5c9012b1dcd768ef9573de02cca4024eb12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 101284
content-encoding: br
server-timing: imagery;dur=98.712, imageryFetch;dur=85.694, cfRequestDuration;dur=13.999939
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: a367b8a3-dfb5-42a9-b808-6650330de7b0
last-modified: Thu, 12 Oct 2023 03:03:50 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6x9gbNEmvIcu9QFHgX2tleDsoHr3eV2FXeuB0zpIIemYNm6bOE2fji2Dsob1z85gi%2BvqC9weWX%2BqKjATwvV3GUIQzOUxdDNMyhN3mFN2Z8eNRvYT8mN29x0Altf4pIzR%2Bbf7CBVz%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1a8f3842d1-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/booster.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBs0v9A0viTW9jGI%2Bi4socbkxxBPfWDpyk5Q8YSOge0gIO44Iij%2Bx6kJxxFc%2BWq%2Fkn6FvWX1fGz2Pb5niGUlm7i9jI0Y3PGxAyB3xmLFfd4rYVHxw9802%2BhpI0ZBy77uWlnF5qoEiMk%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cfRequestDuration;dur=3.999949
CF-RAY: 81590e19fa7643c1-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:48 GMT

GET
H2

200

oie_transparent_350x.png
www.madduckposters.com/cdn/shop/files/
Redirect Chain

http://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988
https://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988

19 KB
19 KB

40ms
39ms

Image
image/avif

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

66780379d336459234ec580dff67bdb5bd9a738ae3df59186689929ef548e072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 37379
source-type: image/png
server-timing: imagery;dur=988.008, imageryFetch;dur=32.095, imageryProcess;dur=786.879;desc="image", cfRequestDuration;dur=13.000011
source-length: 27750
content-length: 19034
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 8b1194e6-75d0-47a0-9491-ca624b637522
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 12:05:31 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKNCM1SQ8UQlSajm3ruZbXvARFMa1blhLPznh5BGkaSB%2BUE0M%2B0gPabcjedkOcxq4rqxRbePrCWgW4J8R9aarp1%2FSaHyBZqTGYS1c%2FZbvAvNKGiL%2BTXmdX%2F9zsE%2F6OYXn04%2BnBtD%2FxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1adf8142d1-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

HoU_Def_V1_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/HoU_Def_V1_760x.jpg?v=1675562147%27
https://www.madduckposters.com/cdn/shop/products/HoU_Def_V1_760x.jpg?v=1675562147%27

208 KB
209 KB

62ms
62ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/HoU_Def_V1_760x.jpg?v=1675562147%27

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b99531a2c6320bb5951c9592b7e34366118eeaa2512ef1f02a021b78b5142fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 86862
source-type: image/jpeg
server-timing: imagery;dur=593.936, imageryFetch;dur=210.299, imageryProcess;dur=382.234;desc="image", cfRequestDuration;dur=19.999981
source-length: 1350039
content-length: 213414
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 98cff52c-7a84-4a5b-8f21-9d97724e88cc
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 10:55:34 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSk5pDsMLe2VCKe27NR3QQcpzzE3BvCbU9PsQVrb37iDY8PngK%2BmJX2FjL5Effwy%2Fc5hYy6X7fthRhs74rvX1eWcvbzJNrbEcUTUTmcJtOXpe4GCSfHPA1VXVUxbWwm4L%2BTT7qziCZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1aff9742d1-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/HoU_Def_V1_760x.jpg?v=1675562147%27
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

Reg-FINAL-sh_8049e771-7c9f-4535-b7c9-b79cdc428c2d_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/Reg-FINAL-sh_8049e771-7c9f-4535-b7c9-b79cdc428c2d_760x.jpg?v=1632153725%27
https://www.madduckposters.com/cdn/shop/products/Reg-FINAL-sh_8049e771-7c9f-4535-b7c9-b79cdc428c2d_760x.jpg?v=1632153725%27

171 KB
172 KB

70ms
70ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/Reg-FINAL-sh_8049e771-7c9f-4535-b7c9-b79cdc428c2d_760x.jpg?v=1632153725%27

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

fb86404c18511d968ec732972f8f512f756a48184cb55e7b10f58fdc85107d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=216.351, imageryFetch;dur=39.619, imageryProcess;dur=175.166;desc="image", cfRequestDuration;dur=13.000011
source-length: 323828
content-length: 174740
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: b869a281-5717-425f-89bc-63d051d0a49e
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 06:14:11 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dz1oLkc5hhpLuvFHhfLPMhP1DjUr8kTpz2%2F%2B1qzOvwE1VrQ1KpDCncZ8PD%2Bp4yed1pPHlz9vIuCy%2BJsUN44y1clpaLTj7hbi8gSmLC5OdHXx8zJb9JcsXOCRbKYIGgoYPfmXWDsUqlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1b8f6a1889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/Reg-FINAL-sh_8049e771-7c9f-4535-b7c9-b79cdc428c2d_760x.jpg?v=1632153725%27
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

CK-Reg-Ruth_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/CK-Reg-Ruth_760x.jpg?v=1671391578%27
https://www.madduckposters.com/cdn/shop/products/CK-Reg-Ruth_760x.jpg?v=1671391578%27

92 KB
92 KB

41ms
41ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/CK-Reg-Ruth_760x.jpg?v=1671391578%27

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

26c539eedbfd3f5afe4a73e33f3d86f52c36759476c1ff02fcb455eefccd0e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 16843
source-type: image/jpeg
server-timing: imagery;dur=197.704, imageryFetch;dur=64.324, imageryProcess;dur=132.548;desc="image", cfRequestDuration;dur=9.999990
source-length: 155049
content-length: 93788
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 36b8e758-439e-4755-84c0-2bf15155b1f6
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 03:38:49 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5QFSXw44c1IZW8z3tsykJLs5W5zGtrsafVnK%2FgG3gT7x%2F2or7m2t5GA0f3iwlpNtMvHQqCPkRb6GtHqfnjhzL9gQaR%2Blp7rCfoUnMzbUVN%2Fo2TGR5zYuqJLt5QnYgZ2bjaCCiDKI2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1b8f6b1889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/CK-Reg-Ruth_760x.jpg?v=1671391578%27
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

CK-reg-notext_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/CK-reg-notext_760x.jpg?v=1672243601
https://www.madduckposters.com/cdn/shop/products/CK-reg-notext_760x.jpg?v=1672243601

93 KB
93 KB

38ms
37ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/CK-reg-notext_760x.jpg?v=1672243601

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d947fccd2f862f3725dcc828d841e7eb20fd3b40501d87c22c2bf574a2296941

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=194.483, imageryFetch;dur=44.317, imageryProcess;dur=137.547;desc="image", cfRequestDuration;dur=9.999990
source-length: 147127
content-length: 94748
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 54269212-2418-458d-bd51-2f27e9440ab6
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 03:05:00 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2vfL0Uv3PDm39hBq87LdNxcGTXyHssfLJcgvPnl9VdcuVAoXjqeDQmMkqK9RVFZ%2BBOGIdZnw63TzrIN3Nunux1di2ZwW0Vhfob0sWXUCjlwt2D3dYqPhY8McM1BE8NMLhO7bjEHv38%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1d99401889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/CK-reg-notext_760x.jpg?v=1672243601
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

BV-Reg-KT_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/BV-Reg-KT_760x.jpg?v=1579062085%27
https://www.madduckposters.com/cdn/shop/products/BV-Reg-KT_760x.jpg?v=1579062085%27

120 KB
121 KB

68ms
67ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/BV-Reg-KT_760x.jpg?v=1579062085%27

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

7334f378ca0a448224bf06bbd36a91475fe026ad8237c16ce98af37e3f72ea4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=335.778, imageryFetch;dur=56.823, imageryProcess;dur=277.880;desc="image", cfRequestDuration;dur=10.999918
source-length: 359652
content-length: 122918
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 2014ea82-1bee-4083-a1e7-7419a789b0b1
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 01:37:06 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKroFTctOYr3xiiksxNa5aVa6NBPi1ZbhRiOYFX%2BEA%2F8DHRWbzx6EMli2Mz%2FcHr4cf8%2Bg8mq8Zi%2FpE5fDlHn%2F4PmkZFr1ZxT42cbHfvowac2IkJlfdHFwn%2BPPmOpikcN%2FsOE0wCVE5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1d99411889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/BV-Reg-KT_760x.jpg?v=1579062085%27
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

cthulu_reg_2_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/cthulu_reg_2_760x.jpg?v=1582692332%27
https://www.madduckposters.com/cdn/shop/products/cthulu_reg_2_760x.jpg?v=1582692332%27

212 KB
213 KB

101ms
101ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/cthulu_reg_2_760x.jpg?v=1582692332%27

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

10ff2ce566260b63e39a96e76243d339b86fbfaa54358943d4e05885139fae97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=241.784, imageryFetch;dur=69.805, imageryProcess;dur=170.739;desc="image", cfRequestDuration;dur=28.000116
source-length: 286701
content-length: 216752
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: ab10d3af-4686-4483-aa0e-d4a84ddec90f
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 00:52:45 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgH%2Fo%2FAVVcuBw7HuiYz0JL68nsoxNYaJ4ARQ6SYeWWXdltTiwWP%2BSYklpUsn3qXJuEgrY2nc2zwcrL650nQPmSa%2FkRJhkfI9T8Cq7Pk%2B0nq3FrzCzBLvEpC1wvPALb62ErYdmuR71zI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1d99421889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/cthulu_reg_2_760x.jpg?v=1582692332%27
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

Reg-FINAL_5ea74360-fede-4fac-b456-a28954b35ee5_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/Reg-FINAL_5ea74360-fede-4fac-b456-a28954b35ee5_760x.jpg?v=1646093678%27
https://www.madduckposters.com/cdn/shop/products/Reg-FINAL_5ea74360-fede-4fac-b456-a28954b35ee5_760x.jpg?v=1646093678%27

100 KB
101 KB

149ms
149ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/Reg-FINAL_5ea74360-fede-4fac-b456-a28954b35ee5_760x.jpg?v=1646093678%27

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

23c692b3dcfadcb9504e64da5ca02ab947a477b3a204a60451b8717b01bfc34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=208.726, imageryFetch;dur=48.209, imageryProcess;dur=159.807;desc="image", cfRequestDuration;dur=9.000063
source-length: 218981
content-length: 102734
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 30d6745b-62c8-464b-aeab-8a48020df018
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 07:39:21 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4QzjyPhITSD2%2BYfCBMbnoEGOdsCkUu59suVde0jlyOPORNFt5whIpIITQZKgIRetMfhPtEV0IUWsU2PZ6r8vZf6yBLFxVZiRsyoeVxBLRiVk%2FGn6SBPylf33iUHZq20B2CKfh7%2FHvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1d99491889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/Reg-FINAL_5ea74360-fede-4fac-b456-a28954b35ee5_760x.jpg?v=1646093678%27
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

KILLER-KLOWNS-2-print-TM_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/KILLER-KLOWNS-2-print-TM_760x.jpg?v=1591762922%27
https://www.madduckposters.com/cdn/shop/products/KILLER-KLOWNS-2-print-TM_760x.jpg?v=1591762922%27

324 KB
325 KB

145ms
145ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/KILLER-KLOWNS-2-print-TM_760x.jpg?v=1591762922%27

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4412f8883cb25e54d78f5541f913d0249f5215a01650ee92bcad2bc5274019bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=682.689, imageryFetch;dur=216.769, imageryProcess;dur=464.335;desc="image", cfRequestDuration;dur=13.000011
source-length: 4919040
content-length: 331924
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: aaa379de-7d17-43c0-a88c-dcce0680b739
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 07:17:16 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgywlezGoWne0zbQbaqyhsGaJp8f9BWmDIOy89MQuGFkTT501q5ib4E%2FjU%2BENdFhXSY41rgrdHNcM%2FZY6YfHI762xZy7s3FRByQ88j1xfGkMNQD5rwBRDkSzzW1bkfCeryJNkkk0Knc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1dd96b1889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/KILLER-KLOWNS-2-print-TM_760x.jpg?v=1591762922%27
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

PHIBES_REG_760x.jpg
www.madduckposters.com/cdn/shop/products/
Redirect Chain

http://www.madduckposters.com/cdn/shop/products/PHIBES_REG_760x.jpg?v=1642791166%27
https://www.madduckposters.com/cdn/shop/products/PHIBES_REG_760x.jpg?v=1642791166%27

149 KB
150 KB

182ms
181ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/products/PHIBES_REG_760x.jpg?v=1642791166%27

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6d9245d787b61fc0ed2d35218586c49e107e0a8ade00ab4aa0da137fb728455a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=508.863, imageryFetch;dur=153.302, imageryProcess;dur=338.866;desc="image", cfRequestDuration;dur=12.000084
source-length: 2622716
content-length: 152440
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 6a2737f8-175a-452a-9f5b-5b66bbf0517e
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 08:57:40 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQoHKWvGYcN55AqCEOHNqjDEzpYR1tF%2By1a2PfdPSXlq8SzHTCd9EYJFneAHBQVOtXoACKG%2BAdEpruym6hKj5HqHZ4RXn3EDgUK8k3pYhnM1Mgn8yhcW1FjyzMhSeC83o96lbFKJV3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1e19ab1889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/products/PHIBES_REG_760x.jpg?v=1642791166%27
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

Matching_Number_Set_1024x1024_de69ea66-1d02-43d5-bbb8-3f03d1fa5426_400x_crop_top.jpg
www.madduckposters.com/cdn/shop/collections/
Redirect Chain

http://www.madduckposters.com/cdn/shop/collections/Matching_Number_Set_1024x1024_de69ea66-1d02-43d5-bbb8-3f03d1fa5426_400x_crop_top.jpg?v=1644106021
https://www.madduckposters.com/cdn/shop/collections/Matching_Number_Set_1024x1024_de69ea66-1d02-43d5-bbb8-3f03d1fa5426_400x_crop_top.jpg?v=1644106021

47 KB
47 KB

206ms
206ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/collections/Matching_Number_Set_1024x1024_de69ea66-1d02-43d5-bbb8-3f03d1fa5426_400x_crop_top.jpg?v=1644106021

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

479a05c9362bfb1c8736339169a47a2d8a38139adcc136b8e794d691ff2de41a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=220.667, imageryFetch;dur=97.775, imageryProcess;dur=120.869;desc="image", cfRequestDuration;dur=10.999918
source-length: 279612
content-length: 47670
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 4ab8da46-fb17-4aa8-b0e5-395880ac8fbf
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 16:32:40 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7En5kpGflCVnZwfDt%2BrrDSCLxTjcsP1S31k27BLYIE2I6efpj98oihB6zsoX9CtDCrRkwMvec3G3BgI6dSuTQpflyDzE8IlaPzq%2B%2BzNS4MyHuAcJ3IlIdxqEA1cNqB6i4eD1b4JKS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1e39c21889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/collections/Matching_Number_Set_1024x1024_de69ea66-1d02-43d5-bbb8-3f03d1fa5426_400x_crop_top.jpg?v=1644106021
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

b_400x_crop_top.jpg
www.madduckposters.com/cdn/shop/collections/
Redirect Chain

http://www.madduckposters.com/cdn/shop/collections/b_400x_crop_top.jpg?v=1497412095
https://www.madduckposters.com/cdn/shop/collections/b_400x_crop_top.jpg?v=1497412095

4 KB
5 KB

184ms
183ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/collections/b_400x_crop_top.jpg?v=1497412095

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

58ceb438225f71673b80975fcfebb7da632f185398911d5d5b3ae05d979d8e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=72.249, imageryFetch;dur=38.000, imageryProcess;dur=33.590;desc="image", cfRequestDuration;dur=9.000063
source-length: 9048
content-length: 4242
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: f2a2bedd-2838-4a33-9b6c-a2ae1e910c5f
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 15:43:23 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMTVrmH3EPmQ8D4R8ptGvRdXJjFnTWN5XDWjUJPeBgCbW0RqP8sfSKoIXK%2BRTB3rzmWeToVwmn5qOys7%2BmHbqD4RM4L4o%2B0kVy7Vm%2BZHladBwiCkNAQEx9gd5B1Ot%2FjHRRIGfeYn4k0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1e59e71889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/collections/b_400x_crop_top.jpg?v=1497412095
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

vincent-price-logo_400x_crop_top.jpg
www.madduckposters.com/cdn/shop/collections/
Redirect Chain

http://www.madduckposters.com/cdn/shop/collections/vincent-price-logo_400x_crop_top.jpg?v=1565220595
https://www.madduckposters.com/cdn/shop/collections/vincent-price-logo_400x_crop_top.jpg?v=1565220595

5 KB
6 KB

160ms
159ms

Image
image/avif

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/collections/vincent-price-logo_400x_crop_top.jpg?v=1565220595

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ceda93fdd45567d77a4fc11a416d5a4496cff2e3c1303bb6e2ae728718f873bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=205.695, imageryFetch;dur=36.322, imageryProcess;dur=168.503;desc="image", cfRequestDuration;dur=9.999990
source-length: 12903
content-length: 5144
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: ca28df20-1f29-40ae-a7dc-fe704844ad87
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 07:17:15 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fi45VU92md8cu%2BDFtKzEJ5FLwDjUiz4irthcCM10%2B3kIFDGtDKh%2BM0ZuIgi7rhi9nCBGuAj5r9ZatRUTH%2BViZ%2BT2SqjPzzVZ4WqQOxc77CMQRcyv834IJVsHHaYCVb3Jvj%2BVlB9AeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1e8a1c1889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/collections/vincent-price-logo_400x_crop_top.jpg?v=1565220595
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

Horror_400x_crop_top.jpg
www.madduckposters.com/cdn/shop/collections/
Redirect Chain

http://www.madduckposters.com/cdn/shop/collections/Horror_400x_crop_top.jpg?v=1509411527
https://www.madduckposters.com/cdn/shop/collections/Horror_400x_crop_top.jpg?v=1509411527

15 KB
16 KB

135ms
134ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/collections/Horror_400x_crop_top.jpg?v=1509411527

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

42777ea38c41d2f6a4de0aebbc3ede0b3baf394a6f1af632a532ae6f31dfb480

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 16844
source-type: image/jpeg
server-timing: imagery;dur=145.356, imageryFetch;dur=108.317, imageryProcess;dur=36.268;desc="image", cfRequestDuration;dur=12.000084
source-length: 27322
content-length: 15260
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: f9a173b3-7db4-4fe2-b113-cc58fd47a944
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 16:32:40 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwHJn%2BDNKZ2BmvYFqo5jzCDs7gKGNIosX7eMuKBNY4%2BpjBFq7quPgb9N4T6HsQBNZOAUq8xY%2Bkhcx89Fgs1uJg2E%2FCWBK7D34n43PwVsluWcEBNJ1mQGPIL%2BN4RBAqZlg4SjX7a%2FqMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1eba4a1889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/collections/Horror_400x_crop_top.jpg?v=1509411527
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 VERTIGO-FINAL_VARIANT_1_480x480.jpg
cdn.shopify.com/s/files/1/0955/0844/files/ 31 KB
31 KB 156ms
69ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0955/0844/files/VERTIGO-FINAL_VARIANT_1_480x480.jpg?v=1682347887

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

7b6e6ed893fb441e3dd9f00f7db379892ba86d7c1a861425c3d175152190177b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
source-type: image/jpeg
server-timing: imagery;dur=397.929, imageryFetch;dur=136.719, imageryProcess;dur=259.552;desc="image", cfRequestDuration;dur=39.000034
source-length: 5519184
content-length: 31268
x-xss-protection: 1; mode=block
x-request-id: 897dbbdc-8a04-4754-8bfb-6590882d5828
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 15:43:23 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Cs%2BEVkJXv1wv%2BXGlrnN7ikmrICxljcJ5YG9BJ03eFZlSnH%2BXl%2BIK47h3qcG7b%2Frn%2BIvQtwNT7NJj7JWhnTpEs9JOnsgac%2FNg6GHXSoB%2B4HilKdIB%2BLJcwABMQE0gQ%2F16Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/files/VERTIGO-FINAL_VARIANT_1_480x480.jpg>; rel="canonical"
cf-ray: 81590e1c1da432d2-PHL

GET
H2 200 Variant_d95e7012-456a-4934-81de-089eb2093985_480x480.jpg
cdn.shopify.com/s/files/1/0955/0844/products/ 48 KB
49 KB 130ms
43ms Image
image/jpeg 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0955/0844/products/Variant_d95e7012-456a-4934-81de-089eb2093985_480x480.jpg?v=1677644628

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9aece54c0f768c27562a22b89d10622c02d35a096c14023f6ebb41ca38541051

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 99201
source-type: image/jpeg
server-timing: imagery;dur=278.526, imageryFetch;dur=109.236, imageryProcess;dur=168.471;desc="image", cfRequestDuration;dur=14.999866
source-length: 1399208
content-length: 49133
x-xss-protection: 1; mode=block
x-request-id: f64e44cc-1bab-4f45-b2a3-894a2c612e20
alt-svc: h3=":443"; ma=86400
cf-bgj: h2pri
last-modified: Thu, 12 Oct 2023 07:48:44 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO%2FtZQN6I1KpJfawl2B70r0df4mfMIvSE0X7uMXSLFpcqTdG8wfw3lSRqwvcRhkcYfNvhCbZhNQNxDj9Hj9KG8DsuJpUOFK9DduXGWkpteFa1C0W5WyFQow6v%2FsqUpwNqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/products/Variant_d95e7012-456a-4934-81de-089eb2093985_480x480.jpg>; rel="canonical"
cf-ray: 81590e1c1da532d2-PHL

GET
H2 200 received_866791331218966_480x480.jpg
cdn.shopify.com/s/files/1/0955/0844/files/ 46 KB
46 KB 104ms
60ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0955/0844/files/received_866791331218966_480x480.jpg?v=1676487718

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9ea5394d42d5d7ebf5804cd17595cc4005c0f2bfd9174712aab0eba8ae29fd71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 133588
source-type: image/jpeg
server-timing: imagery;dur=227.289, imageryFetch;dur=105.726, imageryProcess;dur=120.891;desc="image", cfRequestDuration;dur=15.000105
source-length: 300230
content-length: 46782
x-xss-protection: 1; mode=block
x-request-id: 140ea0fe-3817-4302-94d7-15be987ab506
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Aug 2023 05:05:38 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RAo3WRrR9fN3zkVVoMbH3eRwypogLd%2B6geZahCItioY4C1l2AgpojJm7dwiezfB0juV7NnDL3YmrM3Ql9oOa%2BIjWHiRpXClHeY4i625VJSoUoJCFDqZZ6jva6FZByxH3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/files/received_866791331218966_480x480.jpg>; rel="canonical"
cf-ray: 81590e1c1da632d2-PHL

GET
H2 200 CK-Var-Ruth_480x480.jpg
cdn.shopify.com/s/files/1/0955/0844/products/ 31 KB
31 KB 126ms
126ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0955/0844/products/CK-Var-Ruth_480x480.jpg?v=1671596527

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

75677e44f0fb36681ce0d5260f65120bb79d0b56dac9973b5e9bc00167421706

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 0
source-type: image/jpeg
server-timing: imagery;dur=184.890, imageryFetch;dur=83.439, imageryProcess;dur=96.414;desc="image", cfRequestDuration;dur=71.000099
source-length: 150367
content-length: 31284
x-xss-protection: 1; mode=block
x-request-id: 1072bf98-7d77-4d9e-b817-58ff41c50f45
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 10:09:37 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BScOKiQCjjgxncvUK2RkFvaWlVHfyU4DHgzZ6uYmSRLJW%2BGvfVE9OiIj2U3%2BQoV1sVAmSnK5vVbPdQVNzqcsXVF%2FamI86nKcdBF9OTEg6WN8EE%2FTMWVriZFTTtKAlU0g0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/products/CK-Var-Ruth_480x480.jpg>; rel="canonical"
cf-ray: 81590e1c5dcc32d2-PHL

GET
H/1.1 200
OK slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 107ms
85ms Stylesheet
text/css 13.249.38.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-images.mailchimp.com/embedcode/slim-10_7.css
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: HTTP/1.1
Server: 13.249.38.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-38-183.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
Date: Fri, 13 Oct 2023 14:49:23 GMT
Last-Modified: Tue, 15 Dec 2015 20:19:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-C1
Age: 6986
ETag: W/"d67b6072a15510e2010ad947aa1213c3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: l6trqUq8ODtckOAgmgfhzyLhhZFF8oHAITcOoOba6R7FKHsjaseX3g==

GET
H/1.1 200
OK email-decode.min.js Show response
qhbwql.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 105ms
94ms Script
application/javascript 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://qhbwql.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 09 Oct 2023 07:45:52 GMT
Server: cloudflare
ETag: W/"6523afb0-4d7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhAHEn497h2Rw7kGCQBzdRMwwTbkR8y%2BXelPumFcFndIuuWDztfVyJpFgUtmp8ydFkHScTErpKP3hIxbjsNv%2B9l%2Fhp7erjn%2F3qIR6yaWMTjZFW3QJK3E9qi71MYIoyUw%2FcD4n5Umho7k5Gc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 81590e1beec34380-EWR
Expires: Sun, 15 Oct 2023 16:45:48 GMT

GET
H3

200

fastclick.min.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/fastclick.min.js?v=29723458539410922371497382436
https://www.madduckposters.com/cdn/shop/t/53/assets/fastclick.min.js?v=29723458539410922371497382436

8 KB
3 KB

269ms
268ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/fastclick.min.js?v=29723458539410922371497382436

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ec6f5d22be781f235caf3e4d6b803eb692916c00f98ae3dfa20b716531aad466

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 107016
content-encoding: br
server-timing: imagery;dur=104.305, imageryFetch;dur=103.434, cfRequestDuration;dur=8.999825
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 83edc7fd-3b3d-4fdf-bff8-80a4e916c8e3
last-modified: Thu, 31 Aug 2023 23:26:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQKB35gx415%2FBDqnVG%2BlMEIieNxzpMA6%2FzTCeBSrkDAUP%2Bas1GPDJKN4aRuGwQJrExWglD84Jgl7JgI0xJ6FG%2BiTq8c4wOc1nH1y28Kh0kSuL8chRSlsPLMGUIlGCBIMrVxfTCUSzg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1b9f771889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/fastclick.min.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/t/53/assets/fastclick.min.js?v=29723458539410922371497382436
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

plugins.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/plugins.js?v=18066946422561744651497382439
https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.js?v=18066946422561744651497382439

105 KB
35 KB

269ms
269ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.js?v=18066946422561744651497382439

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

1070f8aea416f4c74efceeef302e2dee84a0b4a887fdca1df6ccd2f3a86aa0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 16844
content-encoding: br
server-timing: imagery;dur=168.570, imageryFetch;dur=84.689, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: fd5c91d8-3e34-4b9a-8e46-84aceaa05570
last-modified: Thu, 12 Oct 2023 13:12:12 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8u%2FlS%2Bp0CcSQ8lBNpnJRxKzVS2rU8J6OUBQkZtbt0pZSHXM5nWmwnl6ozaYHGhuEocjlO%2BifiBkYMXJudHw4vs9OWp2lpPFrwqJRqqG4UieObcJac15jXqthCy3W8rX2%2BtNnPO7aXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1b9f781889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/plugins.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.js?v=18066946422561744651497382439
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

instafeed.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/instafeed.js?v=35928806501095949951497382438
https://www.madduckposters.com/cdn/shop/t/53/assets/instafeed.js?v=35928806501095949951497382438

7 KB
3 KB

272ms
272ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/instafeed.js?v=35928806501095949951497382438

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

bf49d0c4a03c2b29a05c1700fc645271948e3b72729aba035443fd344d8e0912

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 16844
content-encoding: br
server-timing: imagery;dur=58.806, imageryFetch;dur=55.439, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 1232df44-d07b-41d7-8183-ce2dd82f9c7c
last-modified: Thu, 12 Oct 2023 15:12:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1hdHFrojllzqwfct55V34KxXfKK1V7Vs1YWX%2FK%2FKc%2FIqg4wLiULD5k2jwOjknduYfup9eRwcyezKnv63Lb5uf1LD85eQTulpV2L35NHu%2Fz5kzdTCBxjWBemb8YIx9LGSQho%2BGA6SZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1b9f791889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/instafeed.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/t/53/assets/instafeed.js?v=35928806501095949951497382438
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

timber.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/timber.js?v=143008408085071213351498226221
https://www.madduckposters.com/cdn/shop/t/53/assets/timber.js?v=143008408085071213351498226221

11 KB
4 KB

272ms
272ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/timber.js?v=143008408085071213351498226221

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

86041e7dabc5d04080161288ea7710ea0a2f21463ed220aca67dec471b21bb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 134391
content-encoding: br
server-timing: imagery;dur=164.322, imageryFetch;dur=159.892, cfRequestDuration;dur=9.999990
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: c7c8d81e-5e75-4608-9503-95bd1c059b3f
last-modified: Thu, 12 Oct 2023 02:19:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBm7PBgh1iJtOhAmVEg7GOlK2mAjXp2IXVqFLIl0R4MDaMA%2F1j0AL8mxlelvK%2BNCdAyPyn3%2FYE1je2C20pLDHvq45pOqnV0N4BAQUeLJD6NbZ4zhO3kUVDLT9XLhjnWV%2BRtRg6LLaFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1b9f741889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/timber.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/t/53/assets/timber.js?v=143008408085071213351498226221
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

custom.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/custom.js?v=71080177595013124251497382441
https://www.madduckposters.com/cdn/shop/t/53/assets/custom.js?v=71080177595013124251497382441

30 KB
10 KB

119ms
119ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/custom.js?v=71080177595013124251497382441

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d393393fdfb9045182fe36e17fd043ba413d2c4d9930e89cc75cd65252aba6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 16844
content-encoding: br
server-timing: imagery;dur=63.689, imageryFetch;dur=58.123, cfRequestDuration;dur=8.000135
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: c1cd0f71-bfde-4ba0-9104-b9d860429d20
last-modified: Thu, 12 Oct 2023 12:32:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHyU7RorbRQn9hz%2FJAELRP%2BVOVwIxoykZminZnMG3tFS1IIYKG65f4VRL%2BHsTrNF2IlT69RqUdL9qJ9JaaB3L3keq56j7UWvSnOdpyTE2HdAcsWRvSwLNShrz3y0x0rTcA%2BgTlGQyTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1c98781889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/custom.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/t/53/assets/custom.js?v=71080177595013124251497382441
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

currencies.js Show response
www.madduckposters.com/cdn/s/javascripts/
Redirect Chain

http://www.madduckposters.com/cdn/s/javascripts/currencies.js
https://www.madduckposters.com/cdn/s/javascripts/currencies.js

2 KB
2 KB

43ms
42ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/s/javascripts/currencies.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

80c50d13e60ea631a2b8d35e6a25f84504ef8c86db4d86ee9076cd990ca98c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 49715
content-encoding: br
server-timing: imagery;dur=20.332, imageryFetch;dur=18.845, cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: dc8f3d38-1fc8-4e0f-bae5-080eda0b7d83
last-modified: Fri, 13 Oct 2023 02:57:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dp%2FkQG6w%2FfjR2vsoXgFQt%2BMZIeXVgIdVBexVZMPhW69jisUTGEtFhcC35B5F88%2BgXHOaVosl6g%2F%2F%2FbEwSosBvo44QiVaCmWd7W9rJPOvhl9eVeckxDUxs7DauWVQLefKDt79ndc0OCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=90060
cf-ray: 81590e1d490a1889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/javascripts/currencies.js>; rel="canonical"
x-sorting-hat-podid: -1

Redirect headers

Location: https://www.madduckposters.com/cdn/s/javascripts/currencies.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

jquery.currencies.min.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/jquery.currencies.min.js?v=175057760772006623221497382438
https://www.madduckposters.com/cdn/shop/t/53/assets/jquery.currencies.min.js?v=175057760772006623221497382438

14 KB
4 KB

41ms
41ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/jquery.currencies.min.js?v=175057760772006623221497382438

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4ea44fb2522415170fceef45ab9bad5b52b75e835b12a6d9172e3f63d0e03543

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 134392
content-encoding: br
server-timing: imagery;dur=111.384, imageryFetch;dur=82.523, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 38a06579-f510-4bf7-b118-003d2a57d92c
last-modified: Thu, 12 Oct 2023 00:35:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbjmsSsMi0QVff5a87iHRL3iUAOhYf2xvnylDxyw%2Bp4JyI07to74Msnmz9UvejEnBBq5Lz0ZjD2f4Ni2xqYDV2%2FLZ8y51IpQfVjWzljLCrFoUyeY%2Fbh9H02Z0kyQDiEgHFoEvN%2Fbkm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1d490b1889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/jquery.currencies.min.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/t/53/assets/jquery.currencies.min.js?v=175057760772006623221497382438
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

handlebars.min.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/handlebars.min.js?v=79044469952368397291497382437
https://www.madduckposters.com/cdn/shop/t/53/assets/handlebars.min.js?v=79044469952368397291497382437

45 KB
15 KB

39ms
39ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/handlebars.min.js?v=79044469952368397291497382437

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d0f387e5f3411a35691da3e37847ccfaf180043c63e8cfd59097191158b9923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 134392
content-encoding: br
server-timing: imagery;dur=96.231, imageryFetch;dur=95.976, cfRequestDuration;dur=10.999918
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 885d6d3c-5ba2-4067-b48c-67a39039176e
last-modified: Thu, 12 Oct 2023 01:55:20 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAji2a04B1Khv2BHPIf0J%2Fq2i8of4W9KCI6wM5UShdvyiFSC9r2b04P%2BFudngAdyxrzufsBz7U1JI4%2BLbA8Tau5dmo7ReDZJ9Urs6btNLAhjzf%2By8C1qNC39WH8sQ8gCMF0yQKPmRjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1d490c1889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/handlebars.min.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/t/53/assets/handlebars.min.js?v=79044469952368397291497382437
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

ajax-cart.js Show response
www.madduckposters.com/cdn/shop/t/53/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shop/t/53/assets/ajax-cart.js?v=9688690642230510491497552004
https://www.madduckposters.com/cdn/shop/t/53/assets/ajax-cart.js?v=9688690642230510491497552004

9 KB
4 KB

42ms
41ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/ajax-cart.js?v=9688690642230510491497552004

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

4976a98ce9cd3e9b515730ee2ba2db2f3be3878fd4a2b1228d3e51ee879c389e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 16845
content-encoding: br
server-timing: imagery;dur=117.901, imageryFetch;dur=113.230, cfRequestDuration;dur=12.000084
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 649a4787-b72f-4cb0-a571-f4aeb880e082
last-modified: Thu, 12 Oct 2023 02:51:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ibfs7HBWve9Dpk2efUsdi3zn0sPuAIxczfgTaz53LnuJKrpdSGkZRKpuE%2F0QfrtdnEUFeD%2FK9ZMC0WQVKwfl0QvinmkXuEbe6ZTTdps4VGFpXpspFn%2Bedfn%2FmW42gAkSmkAaK3%2BMtvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 81590e1d490d1889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/ajax-cart.js>; rel="canonical"
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/t/53/assets/ajax-cart.js?v=9688690642230510491497552004
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 translations Show response
ro.boldapps.net/api_public/ 4 KB
2 KB 431ms
339ms Fetch
application/json 2606:4700::6810:6c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ro.boldapps.net/api_public/translations?_=1606689321&shop_url=mad-duck-posters.myshopify.com

Requested by

Host: ro.boldapps.net
URL: https://ro.boldapps.net/v2_ui/js/ro.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df74e1215b109ead8c80599cadfc93d9eca19ab7f41c59ad8b87b2917b679c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: gzip
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
pragma: no-cache
last-modified: Fri, 13 Oct 2023 16:45:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 81590e1bf8be78e8-EWR
access-control-allow-headers: cache-control, accept, origin, Content-Type
expires: Sat, 14 Oct 2023 04:45:49 GMT

GET
H2 200 recurring_cart_settings Show response
ro.boldapps.net/api_public/ 774 B
1 KB 214ms
122ms Fetch
application/json 2606:4700::6810:6c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ro.boldapps.net/api_public/recurring_cart_settings?_=1606689321&shop_url=mad-duck-posters.myshopify.com

Requested by

Host: ro.boldapps.net
URL: https://ro.boldapps.net/v2_ui/js/ro.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd50432350f75a122aa6dbfee483a70af61a42278a3876b7fcb8a796637f52e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: gzip
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
pragma: no-cache
last-modified: Fri, 13 Oct 2023 16:45:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 81590e1bf8c078e8-EWR
access-control-allow-headers: cache-control, accept, origin, Content-Type
expires: Sat, 14 Oct 2023 04:45:48 GMT

GET
H/1.1 200
OK cart.json Show response
qhbwql.click/ 283 B
858 B 71ms
71ms Fetch
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/cart.json
Requested by: Host: ro.boldapps.net
URL: https://ro.boldapps.net/v2_ui/js/ro.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75de8be29844c0a550d073aea30a3c02be1a8e5b61f4da6fa7905d698b5ff99e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTGu9hFlfDmxS3VKG26N64Kuu0%2FnNYdrVykIyrXq0ZYonPZTaDfm%2FqA9eciGMqoMXThNt9oxqyJiqZ2qDrT1HUg4AxbGdlMSL1qc8yxvVGE7pNwGfvBz%2BY5vLUCXnmoHs%2Bak4jgBuF0ywAo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e1b58880f87-EWR
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 103ms
95ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

HTTP/1.1

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://qhbwql.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 18:18:41 GMT
X-Content-Type-Options: nosniff
Age: 80827
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15744
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 18:18:41 GMT

GET
H/1.1 200
OK bc17768fdw9ca797f2p09ffbf64m6f3c9c0fm.js Show response
qhbwql.click/cdn/wpm/ 76 KB
27 KB 84ms
84ms Script
application/javascript 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/cdn/wpm/bc17768fdw9ca797f2p09ffbf64m6f3c9c0fm.js
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e0837decee30e14e7b38d6cc1c8c8a2bd5010c7d663582f9a68c32f389fd231

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Last-Modified: Fri, 13 Oct 2023 06:28:43 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2By6Wmsa%2BdGnyQE3CROi0LbnHIGy2DUH4OCPmhT%2BfL%2FT%2FjBsJsEIKvUdCbqZFeVcDFQgWoNTGyUz53yLTQNv9X%2FQ3WpAAjxCo90bK%2FOZwnvkrjMhq7%2BFQt0Y%2BhOLz%2BI8xyTvucg6pKnyJWwI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 81590e1c3ef44380-EWR
alt-svc: h3=":443"; ma=86400
Content-Length: 27222

GET
H3

200

trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js Show response
www.madduckposters.com/cdn/s/
Redirect Chain

http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js
https://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js

116 KB
34 KB

61ms
61ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

99b89fc22651c36f0b0a4a610c0c0d0d3c3cc2809317be682057ed02abf23762

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 165148
content-encoding: br
server-timing: imagery;dur=56.674, imageryFetch;dur=56.437, cfRequestDuration;dur=194.999933, cfRequestDuration;dur=36.000013, cfRequestDuration;dur=11.000156
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 825593c5-73fd-44fb-bf78-0633ed1300ce
outsmartly-cache: UNKNOWN
last-modified: Wed, 11 Oct 2023 18:48:32 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CP8J38Z2Lw6IwuysF52ZCALeCedqmYXjo7xsx1cc2mlxQcZtsgT21nvEqRx%2FwJzrwT3NBAtcquW4kySht%2B3jXG3y54WNv8sA%2FGxB5p82fkaFfi7tmHKWoZwvYusSa6sGAzgmCNg11gSLG8VZPh4RXrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000000000
outsmartly-original-cache-control: max-age=31536000000
outsmartly-edge-cache-policy: {"v":1,"t":1697050401000,"sh":true,"ch":0.1,"imm":86400000,"st":200,"resh":{"access-control-allow-origin":"*","access-control-expose-headers":"*","cache-control":"max-age=31536000000","cf-cache-status":"BYPASS","cf-ray":"81494e2dd6850f6b-EWR","connection":"keep-alive","content-encoding":"gzip","content-type":"text/javascript","date":"Wed, 11 Oct 2023 18:53:21 GMT","last-modified":"Wed, 11 Oct 2023 18:48:32 GMT","link":"<https://cdn.shopify.com/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js>; rel=\"canonical\"","nel":"{\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}","outsmartly-cache":"UNKNOWN","outsmartly-edge-cache-policy":"{\"v\":1,\"t\":1697050112113,\"sh\":true,\"ch\":0.1,\"imm\":86400000,\"st\":200,\"resh\":{\"access-control-allow-origin\":\"*\",\"access-control-expose-headers\":\"*\",\"cache-control\":\"public, max-age=31536000\",\"cf-cache-status\":\"BYPASS\",\"cf-ray\":\"8149471f761510b6-ORD\",\"connection\":\"keep-alive\",\"content-encoding\":\"gzip\",\"content-type\":\"text/javascript\",\"date\":\"Wed, 11 Oct 2023 18:48:32 GMT\",\"last-modified\":\"Wed, 11 Oct 2023 18:48:32 GMT\",\"link\":\"<https://cdn.shopify.com/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js>; rel=\\\"canonical\\\"\",\"nel\":\"{\\\"success_fraction\\\":0.01,\\\"report_to\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"outsmartly-cache\":\"UNKNOWN\",\"report-to\":\"{\\\"endpoints\\\":[{\\\"url\\\":\\\"https:\\\\/\\\\/a.nel.cloudflare.com\\\\/report\\\\/v3?s=CP8J38Z2Lw6IwuysF52ZCALeCedqmYXjo7xsx1cc2mlxQcZtsgT21nvEqRx%2FwJzrwT3NBAtcquW4kySht%2B3jXG3y54WNv8sA%2FGxB5p82fkaFfi7tmHKWoZwvYusSa6sGAzgmCNg11gSLG8VZPh4RXrg%3D\\\"}],\\\"group\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"server\":\"cloudflare\",\"server-timing\":\"imagery;dur=56.674, imageryFetch;dur=56.437, cfRequestDuration;dur=194.999933\",\"strict-transport-security\":\"max-age=63072000; includeSubDomains; preload\",\"timing-allow-origin\":\"*\",\"transfer-encoding\":\"chunked\",\"vary\":\"Accept-Encoding, Accept-Encoding\",\"x-content-type-options\":\"nosniff\",\"x-dc\":\"gcp-us-central1,gcp-us-central1\",\"x-request-id\":\"825593c5-73fd-44fb-bf78-0633ed1300ce\",\"x-sorting-hat-podid\":\"-1\",\"x-xss-protection\":\"1; mode=block\"},\"rescc\":{\"public\":true,\"max-age\":\"31536000\"},\"m\":\"GET\",\"u\":\"https://www.miraclebrand.co/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js\",\"h\":\"www.miraclebrand.co\",\"a\":true,\"reqh\":{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"accept-language\":\"en-US,en;q=0.9\",\"cf-connecting-ip\":\"2600:6c44:7d7f:c24c:87b:9a3c:95d6:868c\",\"cf-device-type\":\"desktop\",\"cf-ipcountry\":\"US\",\"cf-ray\":\"8149471f2ef110b6\",\"cf-visitor\":\"{\\\"scheme\\\":\\\"https\\\"}\",\"connection\":\"Keep-Alive\",\"cookie\":\"keep_alive=35bce08b-9d60-494d-9f93-55dedbec5d97; secure_customer_sig=; localization=US; cart_currency=USD; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _y=d521a0c2-1e4c-4122-bd55-ff8c550d5c44; _s=6325e96c-8090-4d3b-824d-cd801605aace; _shopify_y=d521a0c2-1e4c-4122-bd55-ff8c550d5c44; _shopify_s=6325e96c-8090-4d3b-824d-cd801605aace; _orig_referrer=https%3A%2F%2Fshopmiraclebrand.co%2F; _landing_page=%2Fpages%2Fterms-and-conditions; __orly_aid=zlKyO8lGF2PQUW42I1DQ9BOwJSU-KYXV0hTf6f; Outsmartly-Session=81494714be4110b6; __kla_id=eyIkcmVmZXJyZXIiOnsidHMiOjE2OTcwNTAxMTAsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5taXJhY2xlYnJhbmQuY28vcGFnZXMvdGVybXMtYW5kLWNvbmRpdGlvbnMifX0=; __HOST-_orly_vs=20; __orly_vs=20; smartDash=370e15f9-f851-4054-8902-2c9acb7b37a8; _nb_sp_ses.0dba=*; _nb_sp_id.0dba=614217e4-1761-4eb4-bad6-acfeb1b941d3.1697050110.1.1697050110.1697050110.caea4c9a-aebf-4a1c-8665-912eae8b0d3a; BxC9ZQ4vbx_wThuq2kDSqses=*; BxC9ZQ4vbx_wThuq2kDSqid=a9677707-0c74-5a86-bbf0-3b9145910c62.1697050110.1.1697050110.1697050110.d9d1c0d2-91e1-4fc5-8217-d67539ff71d2; _gcl_au=1.1.1469473272.1697050110\",\"host\":\"www.miraclebrand.co\",\"referer\":\"https://www.miraclebrand.co/pages/terms-and-conditions\",\"sec-ch-ua\":\"\\\"Not_A Brand\\\";v=\\\"99\\\", \\\"WaveBrowser\\\";v=\\\"109\\\", \\\"WaveBrowser\\\";v=\\\"109\\\"\",\"sec-ch-ua-mobile\":\"?0\",\"sec-ch-ua-platform\":\"\\\"Windows\\\"\",\"sec-fetch-dest\":\"script\",\"sec-fetch-mode\":\"no-cors\",\"sec-fetch-site\":\"same-origin\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36\",\"x-forwarded-proto\":\"https\",\"x-real-ip\":\"2600:6c44:7d7f:c24c:87b:9a3c:95d6:868c\"},\"reqcc\":{}}","outsmartly-original-cache-control":"public, max-age=31536000","report-to":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=CP8J38Z2Lw6IwuysF52ZCALeCedqmYXjo7xsx1cc2mlxQcZtsgT21nvEqRx%2FwJzrwT3NBAtcquW4kySht%2B3jXG3y54WNv8sA%2FGxB5p82fkaFfi7tmHKWoZwvYusSa6sGAzgmCNg11gSLG8VZPh4RXrg%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}","server":"cloudflare","server-timing":"imagery;dur=56.674, imageryFetch;dur=56.437, cfRequestDuration;dur=194.999933, cfRequestDuration;dur=36.000013","strict-transport-security":"max-age=63072000; includeSubDomains; preload","timing-allow-origin":"*","transfer-encoding":"chunked","vary":"Accept-Encoding, Accept-Encoding","x-content-type-options":"nosniff","x-dc":"gcp-us-central1,gcp-us-central1","x-request-id":"825593c5-73fd-44fb-bf78-0633ed1300ce","x-sorting-hat-podid":"-1","x-xss-protection":"1; mode=block"},"rescc":{"max-age":"31536000000"},"m":"GET","u":"https://www.miraclebrand.co/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js","h":"www.miraclebrand.co","a":true,"reqh":{"accept":"*/*","accept-encoding":"gzip","accept-language":"en-US,en;q=0.9","cf-connecting-ip":"2607:fb90:9306:985e:9811:6cde:6c4b:66c1","cf-device-type":"mobile","cf-ipcountry":"US","cf-ray":"81494e2d8b0f0f6b","cf-visitor":"{\"scheme\":\"https\"}","connection":"Keep-Alive","cookie":"__orly_aid=dmy06TuOLcmegxi0tyIxjUyjlo-ReYbAv6DJT; smartDash=f6a9f974-196d-44d4-9c4d-b47384b5d45d; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _landing_page=%2Fapps%2Fwonderment%2Ftracking%3Fsearch%3D1LSCZLD002MFGTQ%26t%3DeyJxdWVyeSI6Im1iLTU3MDM1NiIsImVtYWlsIjoic2tmMTAzMUBnbWFpbC5jb20ifQ%253D%253D%26utm_source%3D04%2B%257C%2BWonderment%2B%257C%2BShipping%2B%257C%2BDelivered%26utm_medium%3Demail%26utm_campaign%3DWonderment%2B%252F%252F%2BOrder%2BArrival%2B%2528VD42mL%2529%26nb_klid%3D01HC7BVFJEMBNK319HVJR0JA9S%26utm_klaviyo_id%3D01HC7BVFJEMBNK319HVJR0JA9S%26_kx%3DckoplCxecn2rBOy3abnzrHNEIrdADTe1_9-sF2Ktuu0%253D.JFNK6A; _orig_referrer=; _s=0502a4fb-86e3-4fe9-b4f7-7c50adbf84c4; _shopify_s=0502a4fb-86e3-4fe9-b4f7-7c50adbf84c4; _shopify_y=eeb570ea-4e02-4d43-9843-26d9e8f34295; _y=eeb570ea-4e02-4d43-9843-26d9e8f34295; Outsmartly-Session=81409d1d7a09438b; __kla_id=eyIkZXhjaGFuZ2VfaWQiOiJja29wbEN4ZWNuMnJCT3kzYWJuenJITkVJcmRBRFRlMV85LXNGMkt0dXUwPS5KRk5LNkEiLCIkcmVmZXJyZXIiOnsidHMiOjE2OTcwNTAzOTYsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5taXJhY2xlYnJhbmQuY28vYXBwcy93b25kZXJtZW50L3RyYWNraW5nP3NlYXJjaD0xTFNDWkxEMDAyTUZHVFEmdD1leUp4ZFdWeWVTSTZJbTFpTFRVM01ETTFOaUlzSW1WdFlXbHNJam9pYzJ0bU1UQXpNVUJuYldGcGJDNWpiMjBpZlElM0QlM0QmdXRtX3NvdXJjZT0wNCslN0MrV29uZGVybWVudCslN0MrU2hpcHBpbmcrJTdDK0RlbGl2ZXJlZCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1Xb25kZXJtZW50KyUyRiUyRitPcmRlcitBcnJpdmFsKyUyOFZENDJtTCUyOSZuYl9rbGlkPTAxSEM3QlZGSkVNQk5LMzE5SFZKUjBKQTlTJnV0bV9rbGF2aXlvX2lkPTAxSEM3QlZGSkVNQk5LMzE5SFZKUjBKQTlTJl9reD1ja29wbEN4ZWNuMnJCT3kzYWJuenJITkVJcmRBRFRlMV85LXNGMkt0dXUwJTNELkpGTks2QSJ9fQ==; keep_alive=2c7e7ea9-c349-4f36-a383-01a3c780c4e0; localization=US; secure_customer_sig=","host":"www.miraclebrand.co","referer":"https://www.miraclebrand.co/apps/wonderment/tracking?search=1LSCZLD002MFGTQ&t=eyJxdWVyeSI6Im1iLTU3MDM1NiIsImVtYWlsIjoic2tmMTAzMUBnbWFpbC5jb20ifQ%3D%3D&utm_source=04%20%7C%20Wonderment%20%7C%20Shipping%20%7C%20Delivered&utm_medium=email&utm_campaign=Wonderment%20%2F%2F%20Order%20Arrival%20%28VD42mL%29&nb_klid=01HC7BVFJEMBNK319HVJR0JA9S&utm_klaviyo_id=01HC7BVFJEMBNK319HVJR0JA9S&_kx=ckoplCxecn2rBOy3abnzrHNEIrdADTe1_9-sF2Ktuu0%3D.JFNK6A","sec-fetch-dest":"script","sec-fetch-mode":"no-cors","sec-fetch-site":"same-origin","user-agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 16_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1","x-forwarded-proto":"https","x-real-ip":"2607:fb90:9306:985e:9811:6cde:6c4b:66c1"},"reqcc":{}}
cf-ray: 81590e1f2aa21889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js>; rel="canonical"
x-sorting-hat-podid: -1

Redirect headers

Location: https://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js Show response
www.madduckposters.com/cdn/shopifycloud/shopify/assets/
Redirect Chain

http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

8 KB
13 KB

45ms
44ms

Script
text/javascript

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 930706
content-encoding: br
server-timing: imagery;dur=23.077, imageryFetch;dur=22.367, cfRequestDuration;dur=14.999866, cfRequestDuration;dur=29.999971, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3071d805-9a6e-493e-9075-7180c69e467a
outsmartly-cache: UNKNOWN
last-modified: Wed, 20 Sep 2023 22:28:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsfTkmKAYBjWe3VasArKhg4Pb0TM5q1xName6JlfGbg8%2BWuLpbbwxqBxLYlg2%2B5uRh6RPVL%2B0En8jOJg0lN6f5x4pNmmKk2aBOCK5SXq%2F81NmSvUtK1f%2F3uablhmrNw8ud4cQDLs92qHOufMl04o0MY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952000000
outsmartly-original-cache-control: max-age=31556952000
outsmartly-edge-cache-policy: {"v":1,"t":1696284843541,"sh":true,"ch":0.1,"imm":86400000,"st":200,"resh":{"accept-ranges":"bytes","access-control-allow-origin":"*","cache-control":"max-age=31556952000","cf-cache-status":"BYPASS","cf-ray":"81004bcfe5cdc452-EWR","connection":"keep-alive","content-encoding":"gzip","content-length":"2920","content-type":"text/javascript","date":"Mon, 02 Oct 2023 22:14:03 GMT","last-modified":"Wed, 20 Sep 2023 22:28:10 GMT","link":"<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js>; rel=\"canonical\"","nel":"{\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}","outsmartly-cache":"UNKNOWN","outsmartly-edge-cache-policy":"{\"v\":1,\"t\":1696276047238,\"sh\":true,\"ch\":0.1,\"imm\":86400000,\"st\":200,\"resh\":{\"accept-ranges\":\"bytes\",\"access-control-allow-origin\":\"*\",\"cache-control\":\"public, max-age=31556952, immutable\",\"cf-cache-status\":\"BYPASS\",\"cf-ray\":\"80ff750f046786f6-ORD\",\"connection\":\"keep-alive\",\"content-encoding\":\"gzip\",\"content-length\":\"2920\",\"content-type\":\"text/javascript\",\"date\":\"Mon, 02 Oct 2023 19:47:27 GMT\",\"last-modified\":\"Wed, 20 Sep 2023 22:28:10 GMT\",\"link\":\"<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js>; rel=\\\"canonical\\\"\",\"nel\":\"{\\\"success_fraction\\\":0.01,\\\"report_to\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"outsmartly-cache\":\"UNKNOWN\",\"report-to\":\"{\\\"endpoints\\\":[{\\\"url\\\":\\\"https:\\\\/\\\\/a.nel.cloudflare.com\\\\/report\\\\/v3?s=EsfTkmKAYBjWe3VasArKhg4Pb0TM5q1xName6JlfGbg8%2BWuLpbbwxqBxLYlg2%2B5uRh6RPVL%2B0En8jOJg0lN6f5x4pNmmKk2aBOCK5SXq%2F81NmSvUtK1f%2F3uablhmrNw8ud4cQDLs92qHOufMl04o0MY%3D\\\"}],\\\"group\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"server\":\"cloudflare\",\"server-timing\":\"imagery;dur=23.077, imageryFetch;dur=22.367, cfRequestDuration;dur=14.999866\",\"strict-transport-security\":\"max-age=63072000; includeSubDomains; preload\",\"timing-allow-origin\":\"*\",\"vary\":\"Accept-Encoding\",\"x-content-type-options\":\"nosniff\",\"x-dc\":\"gcp-us-central1,gcp-us-east1\",\"x-request-id\":\"3071d805-9a6e-493e-9075-7180c69e467a\",\"x-sorting-hat-podid\":\"-1\",\"x-xss-protection\":\"1; mode=block\"},\"rescc\":{\"public\":true,\"max-age\":\"31556952\",\"immutable\":true},\"m\":\"GET\",\"u\":\"https://www.miraclebrand.co/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js\",\"h\":\"www.miraclebrand.co\",\"a\":true,\"reqh\":{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"accept-language\":\"en-US,en;q=0.9\",\"cf-connecting-ip\":\"2600:8804:280:2600:1a1:a6d3:aed1:508f\",\"cf-device-type\":\"mobile\",\"cf-ipcountry\":\"US\",\"cf-ray\":\"80ff750e9f9186f6\",\"cf-visitor\":\"{\\\"scheme\\\":\\\"https\\\"}\",\"connection\":\"Keep-Alive\",\"cookie\":\"__orly_aid=nr6tn2DYFmX1CtlAfffJm0YSYg-SN5Mr4dbQX; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _fbp=fb.1.1696015907367.8541997290; _s=0a70e18e-e32a-418a-848d-378ba54ed37d; _shopify_s=0a70e18e-e32a-418a-848d-378ba54ed37d; _shopify_y=7ad44312-17da-449a-9c21-db9b761f30c8; _svsid=1ce066d726b5ac67f27bb623edc088ea; _y=7ad44312-17da-449a-9c21-db9b761f30c8; Outsmartly-Session=80e6a6f9aab82240; __HOST-fbp=fb.1.1696015907367.8541997290; __kla_id=eyIkZXhjaGFuZ2VfaWQiOiI2NkdCTWhYZVliMzBwQkJSMUJXWEEyQV92dzhBWE40UEotVXIyVmlKRlNIamtQbndHYVhSN2pyQWhZZUkzNUR6LkpGTks2QSIsIiRyZWZlcnJlciI6eyJ0cyI6MTY5NjI3NjA0NiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lm1pcmFjbGVicmFuZC5jby9ibG9ncy9uZXdzL2hvdy10by13YXNoLWEtZHV2ZXQtY292ZXIvP3V0bV9jb250ZW50PWJ1dHRvbiZ1dG1fc291cmNlPSUyNitHZXRFbWFpbHMrZmxvdyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1FTUFJTCs0KyUyOFJwSnpMOCUyOSZuYl9rbGlkPTAxSEFEM1FaTjVNTjJTMVNLVkMzQ0RWQVZYJl9reD02NkdCTWhYZVliMzBwQkJSMUJXWEEyQV92dzhBWE40UEotVXIyVmlKRlNIamtQbndHYVhSN2pyQWhZZUkzNUR6LkpGTks2QSJ9fQ==; cart_currency=USD; keep_alive=7abcd5a4-79eb-4eef-bd8f-ac37d8b33ecc; localization=US; secure_customer_sig=; BxC9ZQ4vbx_wThuq2kDSqid=2a30b372-2766-51b4-b4f4-b10b39f841a7.1696015909.2.1696113910.1696015950.7797ef35-39b7-4e51-ba6c-b40d229333e7; cto_bundle=bkYkL19xZXhwSmt6dSUyQnlFTXdjakdZaEYxOVpnd2lad090MEhlb1lFTWVuUkVWTXJRREtOamFZMVdyN1gzSUlFY3VjU1BkbmplVnlodCUyQkdIN1pIMmo1ZXhla2Y1cTBXJTJCTTZjSDBUUkZ5OHZza0hWTTZWbVRLTlQ5OHV0SjFiJTJGWkFKMzhX; _li_dcdm_c=.miraclebrand.co; _scid_r=c2b23bd4-461e-427d-93e6-ae08c8a8cea4; _scsrid_r=; cjUser=8bd10f06-7c21-488c-bd6c-895fdd840cdb; soundestID=20230930224507-6rIYMiP00ExqHObXbvrjnLNUjnCLVVdg6Xgn09lxGZVv4PsLG; mp_139deeeff16104d87877b31cf8b846e8_mixpanel=%7B%22distinct_id%22%3A%20%22%24device%3A18ae26dae5f1807-0645eef505e9ff8-7e793561-5a900-18ae26dae601808%22%2C%22%24device_id%22%3A%20%2218ae26dae5f1807-0645eef505e9ff8-7e793561-5a900-18ae26dae601808%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22initial_utm_source%22%3A%20%22%26%20GetEmails%20flow%22%2C%22initial_utm_medium%22%3A%20%22email%22%2C%22initial_utm_campaign%22%3A%20%22EMAIL%203%20(YciQdB)%22%2C%22initial_utm_content%22%3A%20null%2C%22initial_utm_term%22%3A%20null%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22utm_source%22%3A%20%22%26%20NEW%20Browse%20Abandonment%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22BA%20NEW%20Email%202%3A%20not%20sheets%20(VzyXdy)%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22utm_content%22%3A%20%22button%22%7D; _gekx=NjZHQk1oWGVZYjMwcEJCUjFCV1hBMkFfdnc4QVhONFBKLVVyMlZpSkZTSGprUG53R2FYUjdqckFoWWVJMzVEei5KRk5LNkE=; MGX_UC=JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMTZkZjQ1MDgtM2EzNy00MmZlLWEzNzktNGMxZTY2MGViYzA0JTIyJTJDJTIyZSUyMiUzQTE2OTY2Mzk1MDU4NjIlN0QlMkMlMjJNR1hfQ0lEJTIyJTNBJTdCJTIydiUyMiUzQSUyMjQ0NTdhMWY2LTM3ODQtNGFhMi1hOTI4LTE3N2Y5YjkzMGI1NCUyMiUyQyUyMmUlMjIlM0ExNjk2NjM5NTA1ODYzJTdEJTJDJTIyTUdYX1BYJTIyJTNBJTdCJTIydiUyMiUzQSUyMmRmYzExOGFhLWU1YTYtNDc0ZC1hODJjLThiNjk3M2U0ODJhOSUyMiUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTYxMTU3MDY4ODQlN0QlMkMlMjJNR1hfVlMlMjIlM0ElN0IlMjJ2JTIyJTNBMSUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTYxMTU3MDY4ODQlN0QlMkMlMjJNR1hfRUlEJTIyJTNBJTdCJTIydiUyMiUzQSUyMm5zX3NlZ18wMDAlMjIlMkMlMjJzJTIyJTNBdHJ1ZSUyQyUyMmUlMjIlM0ExNjk2MTE1NzA2ODg0JTdEJTdE; AMP_9bdc728a74={\\\"deviceId\\\":\\\"c822cc76-c28d-442e-9c7b-c66e9b747b05\\\",\\\"sessionId\\\":1696113906333,\\\"lastEventTime\\\":1696113906333,\\\"optOut\\\":false}; __attentive_id=5a811b35c3ac4e52b04a1a7a9624e078; __attentive_utm_param_campaign=BA%2520NEW%2520Email%25202%253A%2520not%2520sheets%2520%2528VzyXdy%2529; __attentive_utm_param_content=button; __attentive_utm_param_medium=email; __attentive_utm_param_source=%2526%2520NEW%2520Browse%2520Abandonment; _attn_=eyJ1Ijoie1wiY29cIjoxNjk2MDE1OTQ5ODY1LFwidW9cIjoxNjk2MDE1OTQ5ODY1LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjVhODExYjM1YzNhYzRlNTJiMDRhMWE3YTk2MjRlMDc4XCJ9In0=; _ga=GA1.2.361188515.1696015910; _ga_SPDGV600TP=GS1.2.1696113905.2.0.1696113905.60.0.0; _gcl_au=1.1.1927001081.1696015909; _pin_unauth=dWlkPU1tSmxZbUUwWlRJdFpXVTBaQzAwTlRZeExXRTJNbVF0WkRNME1tWmpNamN3TkRrMg; _nb_sp_id.0dba=2e9f5303-3076-4751-aa0f-1638caf71bd1.1696015949.2.1696113905.1696015949.e2514446-10d6-4db8-8ced-b556e14bbee1; _sp_id.0dba=36eeae5d0ef7d041.1696015950.2.1696113906.1696015950; _tt_enable_cookie=1; _ttp=VT7GwicshlpMYPV-fn1MV9bHWyB; cjConsent=MHxOfDB8Tnww; _gess=true; _geuid=1cea4ac1-cba6-48c0-b252-7ed4f54190ed; _scsrid=; addshoppers.com=2%7C1%3A0%7C10%3A1696015952%7C15%3Aaddshoppers.com%7C44%3ANWZlMTFjODVkNThhNGFiNmJlN2M3MTMyMjIwOTc4Yjc%3D%7C7eb464b8330a40cdac59a8ad036ee50aede1077ec4451fda590661ab0a928d71; po_visitor=7qfkXzuVjzH9; __attentive_cco=1696015949866; _landing_page=%2Fproducts%2F2x-miracle-pillow-cases-both%3Futm_source%3D%2526%2BGetEmails%2Bflow%26utm_medium%3Demail%26utm_campaign%3DEMAIL%2B3%2B%2528YciQdB%2529%26nb_klid%3D01HAD3QZN5MN2S1SKVC3CDVAVX%26_kx%3D66GBMhXeYb30pBBR1BWXA2A_vw8AXN4PJ-Ur2ViJFSHjkPnwGaXR7jrAhYeI35Dz.JFNK6A; _orig_referrer=; smartDash=fc3e64ca-d1c9-444c-96dd-6e3901904ded; _sctr=1%7C1695963600000; _hjSessionUser_2538194=eyJpZCI6ImYwMDlkMGUxLTNkMGEtNTIwYS1hZWI1LTQwODAzZjNmZWNhYSIsImNyZWF0ZWQiOjE2OTYwMTU5MDkyODYsImV4aXN0aW5nIjpmYWxzZX0=; _tt_enable_cookie=1; _ttp=VT7GwicshlpMYPV-fn1MV9bHWyB; _lc2_fpi=06860a8fb6fb--01hbh6t017qtgng4asewschgx8; _lc2_fpi_meta={%22w%22:1696015908903}; _scid=c2b23bd4-461e-427d-93e6-ae08c8a8cea4\",\"host\":\"www.miraclebrand.co\",\"referer\":\"https://www.miraclebrand.co/blogs/news/how-to-wash-a-duvet-cover/?utm_content=button&utm_source=%26%20GetEmails%20flow&utm_medium=email&utm_campaign=EMAIL%204%20%28RpJzL8%29&nb_klid=01HAD3QZN5MN2S1SKVC3CDVAVX&_kx=66GBMhXeYb30pBBR1BWXA2A_vw8AXN4PJ-Ur2ViJFSHjkPnwGaXR7jrAhYeI35Dz.JFNK6A\",\"sec-fetch-dest\":\"script\",\"sec-fetch-mode\":\"no-cors\",\"sec-fetch-site\":\"same-origin\",\"user-agent\":\"Mozilla/5.0 (iPhone; CPU iPhone OS 16_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Mobile/15E148 Safari/604.1\",\"x-forwarded-proto\":\"https\",\"x-real-ip\":\"2600:8804:280:2600:1a1:a6d3:aed1:508f\"},\"reqcc\":{}}","outsmartly-original-cache-control":"public, max-age=31556952, immutable","report-to":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=EsfTkmKAYBjWe3VasArKhg4Pb0TM5q1xName6JlfGbg8%2BWuLpbbwxqBxLYlg2%2B5uRh6RPVL%2B0En8jOJg0lN6f5x4pNmmKk2aBOCK5SXq%2F81NmSvUtK1f%2F3uablhmrNw8ud4cQDLs92qHOufMl04o0MY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}","server":"cloudflare","server-timing":"imagery;dur=23.077, imageryFetch;dur=22.367, cfRequestDuration;dur=14.999866, cfRequestDuration;dur=29.999971","strict-transport-security":"max-age=63072000; includeSubDomains; preload","timing-allow-origin":"*","vary":"Accept-Encoding","x-content-type-options":"nosniff","x-dc":"gcp-us-central1,gcp-us-east1","x-request-id":"3071d805-9a6e-493e-9075-7180c69e467a","x-sorting-hat-podid":"-1","x-xss-protection":"1; mode=block"},"rescc":{"max-age":"31556952000"},"m":"GET","u":"https://www.miraclebrand.co/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js","h":"www.miraclebrand.co","a":true,"reqh":{"accept":"*/*","accept-encoding":"gzip","accept-language":"en-US,en;q=0.9","cf-connecting-ip":"32.221.70.109","cf-device-type":"mobile","cf-ipcountry":"US","cf-ray":"81004bcf9838c452","cf-visitor":"{\"scheme\":\"https\"}","connection":"Keep-Alive","cookie":"__orly_aid=fRfcHs4Pzx6bWn5lWJWvIzFcSs-6zXE29HfAM; _svsid=ce3cf06a20e6927b9615f672e28e4e04; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _fbp=fb.1.1696284842375.3479028989; _landing_page=%2F; _orig_referrer=; _s=71659e7b-abe8-49cb-8798-78e3f520e3dd; _shopify_s=71659e7b-abe8-49cb-8798-78e3f520e3dd; _shopify_y=08cdee61-fe7e-4c5d-a922-2d5bd9e2aed3; _y=08cdee61-fe7e-4c5d-a922-2d5bd9e2aed3; smartDash=c6d40e66-a86e-4885-b638-fa16cdc73e9a; Outsmartly-Session=81004bc7ee9bc452; __HOST-fbp=fb.1.1696284842375.3479028989; __kla_id=eyIkcmVmZXJyZXIiOnsidHMiOjE2OTYyODQ4NDIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5taXJhY2xlYnJhbmQuY28vIn19; cart_currency=USD; keep_alive=6a7ae1ee-b955-4bf5-a386-9e9989776ec0; localization=US; secure_customer_sig=","host":"www.miraclebrand.co","referer":"https://www.miraclebrand.co/","sec-fetch-dest":"script","sec-fetch-mode":"no-cors","sec-fetch-site":"same-origin","user-agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 16_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/117.0.5938.117 Mobile/15E148 Safari/604.1","x-forwarded-proto":"https","x-real-ip":"32.221.70.109"},"reqcc":{}}
cf-ray: 81590e1f9af01889-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js>; rel="canonical"
x-sorting-hat-podid: -1

Redirect headers

Location: https://www.madduckposters.com/cdn/shopifycloud/shopify/assets/shop_events_listener-a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK shopify-boomerang-1.0.0.min.js Show response
qhbwql.click/cdn/shopifycloud/boomerang/ 58 KB
18 KB 202ms
194ms Script
application/javascript 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:48 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 13 Oct 2023 16:45:48 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4As9PbE%2FIglpbLBvSy7%2FQLxWHukUKzLUzGF07e2Hm2fq4HQXFXhGIeUqLRahqvYtSzvrJeErHG46Af9YRodHHwSkMYF5%2BOHJ0hd67yK5Va%2BBI9cv2Xy2JW2sD2nIgI2mXU6WEUDQN4gh7eE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 81590e1beba61971-EWR
alt-svc: h3=":443"; ma=86400
Content-Length: 18167

GET
H3

200

oie_transparent_350x.png
www.madduckposters.com/cdn/shop/files/
Redirect Chain

http://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988
https://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988

19 KB
19 KB

46ms
46ms

Image
image/avif

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

66780379d336459234ec580dff67bdb5bd9a738ae3df59186689929ef548e072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 16845
source-type: image/png
server-timing: imagery;dur=988.008, imageryFetch;dur=32.095, imageryProcess;dur=786.879;desc="image", cfRequestDuration;dur=9.999990
source-length: 27750
content-length: 19034
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 8b1194e6-75d0-47a0-9491-ca624b637522
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 12:05:31 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJnzugHPMd2%2FQkiYINUffej3YVh%2FH4MPn9mGNX8G%2BEAwc2oPXtjhkF04qsdVFjnC9m9ONoc3A5cZTCJ%2BdNjojWVRvYq94issvhnuuycR5%2B%2BUv45MmJd6jeiCLgPk5Yhj%2FQbxRV2VoV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e1f9af21889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/files/oie_transparent_350x.png?v=1613152988
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 VERTIGO-FINAL_VARIANT_1_480x480.jpg
cdn.shopify.com/s/files/1/0955/0844/files/ 31 KB
31 KB 59ms
56ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0955/0844/files/VERTIGO-FINAL_VARIANT_1_480x480.jpg?v=1682347887

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

7b6e6ed893fb441e3dd9f00f7db379892ba86d7c1a861425c3d175152190177b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 0
source-type: image/jpeg
server-timing: imagery;dur=397.929, imageryFetch;dur=136.719, imageryProcess;dur=259.552;desc="image", cfRequestDuration;dur=13.000011
source-length: 5519184
content-length: 31268
x-xss-protection: 1; mode=block
x-request-id: 897dbbdc-8a04-4754-8bfb-6590882d5828
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 15:43:23 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RDcO57i%2F8rMDpdivUC%2BcoAmtwaB7GEhRspU97DDOugIU2e5mOHUir%2BckdDC5pHaIXoKX0eMnBLFYBAWEwGtn0GDjzB1%2FPQ7%2FXItdDX%2BfrXgRAcGtaxfAH38wy309CVieQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/files/VERTIGO-FINAL_VARIANT_1_480x480.jpg>; rel="canonical"
cf-ray: 81590e1c5dcd32d2-PHL

GET
H2 200 Variant_d95e7012-456a-4934-81de-089eb2093985_480x480.jpg
cdn.shopify.com/s/files/1/0955/0844/products/ 48 KB
49 KB 82ms
80ms Image
image/jpeg 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0955/0844/products/Variant_d95e7012-456a-4934-81de-089eb2093985_480x480.jpg?v=1677644628

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9aece54c0f768c27562a22b89d10622c02d35a096c14023f6ebb41ca38541051

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 99201
source-type: image/jpeg
server-timing: imagery;dur=278.526, imageryFetch;dur=109.236, imageryProcess;dur=168.471;desc="image", cfRequestDuration;dur=16.999960
source-length: 1399208
content-length: 49133
x-xss-protection: 1; mode=block
x-request-id: f64e44cc-1bab-4f45-b2a3-894a2c612e20
alt-svc: h3=":443"; ma=86400
cf-bgj: h2pri
last-modified: Thu, 12 Oct 2023 07:48:44 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grZr%2ByMv87R9fyskbSCAxdUXXHtRatH1F2IIjOdv0qX0YrEwykfRNQ7HH9YFW9iBsoXZNue%2BjQWHtAYCXVesSKJRbyQytIRUDD3VBDQ8XXN47GMCkVadD4a0Gc1m81yEmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/products/Variant_d95e7012-456a-4934-81de-089eb2093985_480x480.jpg>; rel="canonical"
cf-ray: 81590e1c5dce32d2-PHL

GET
H2 200 received_866791331218966_480x480.jpg
cdn.shopify.com/s/files/1/0955/0844/files/ 46 KB
46 KB 57ms
54ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0955/0844/files/received_866791331218966_480x480.jpg?v=1676487718

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

9ea5394d42d5d7ebf5804cd17595cc4005c0f2bfd9174712aab0eba8ae29fd71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 133588
source-type: image/jpeg
server-timing: imagery;dur=227.289, imageryFetch;dur=105.726, imageryProcess;dur=120.891;desc="image", cfRequestDuration;dur=10.999918
source-length: 300230
content-length: 46782
x-xss-protection: 1; mode=block
x-request-id: 140ea0fe-3817-4302-94d7-15be987ab506
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 13 Aug 2023 05:05:38 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIJv2yMEYaQYWc01mAWKVdaKlQpQNA0oCcssOxicTyq%2BsJycjpmTb%2FUlu%2BJAPeqqLBWWyxpjXAc%2Fe4dTw%2FCepJWQfWOYNNHlNgqP7337LVYRDjxsfBU%2Fsgr%2FDxqs%2Fp9ovQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/files/received_866791331218966_480x480.jpg>; rel="canonical"
cf-ray: 81590e1c5dcf32d2-PHL

GET
H2 200 CK-Var-Ruth_480x480.jpg
cdn.shopify.com/s/files/1/0955/0844/products/ 31 KB
31 KB 91ms
88ms Image
image/webp 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0955/0844/products/CK-Var-Ruth_480x480.jpg?v=1671596527

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

75677e44f0fb36681ce0d5260f65120bb79d0b56dac9973b5e9bc00167421706

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
source-type: image/jpeg
server-timing: imagery;dur=184.890, imageryFetch;dur=83.439, imageryProcess;dur=96.414;desc="image", cfRequestDuration;dur=40.999889
source-length: 150367
content-length: 31284
x-xss-protection: 1; mode=block
x-request-id: 1072bf98-7d77-4d9e-b817-58ff41c50f45
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 10:09:37 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ANTSsw7GN%2F9vH%2FAhltbXHfQzOPAy8T1n0mKCSUoyPQ3T8wHyYqrwx4GQS%2FgLGSrEOH6WmSSNIRVQWZqw8U%2FncK6BZ%2FhYmxHkgWp0JivIeDw1z3PAfLQFfL3JqoIfTwttg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/products/CK-Var-Ruth_480x480.jpg>; rel="canonical"
cf-ray: 81590e1c5dd032d2-PHL

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 106ms
98ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

HTTP/1.1

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://qhbwql.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 18:36:48 GMT
X-Content-Type-Options: nosniff
Age: 79740
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15860
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 18:36:48 GMT

GET
H3 200 icons.woff
www.madduckposters.com/cdn/shop/t/53/assets/ 10 KB
11 KB 149ms
50ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/icons.woff?v=107101592243472712371497382438

Requested by

Host: www.madduckposters.com
URL: https://www.madduckposters.com/cdn/shop/t/53/assets/timber.scss.css?v=87895668468706172811653692603

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e54ce47c8b237311d6660f4348a4dd538a4c1f41f33f3d32c8885ace247dcf9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.madduckposters.com/cdn/shop/t/53/assets/timber.scss.css?v=87895668468706172811653692603
Origin: http://qhbwql.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-central1
age: 78627
server-timing: imagery;dur=218.618, imageryFetch;dur=69.118, imageryProcess;dur=53.731;desc="font", cfRequestDuration;dur=20.999908
alt-svc: h3=":443"; ma=86400
content-length: 10108
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 4358e436-0e8c-4421-9119-3a627320b30c
last-modified: Thu, 12 Oct 2023 11:46:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRBnbYmIkPIlK787OTZrfzqKmLjrjSXyoPOJXd%2Bg%2Fx2r6TrMqQ8aR8YVI5mv7QaI%2BXtGFDWLajyd%2BhY1iWLriqvRWBjvcCKlCZbaApfVmL2vTjyypOK5P1txAVR7f06pfo8g9kglnWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 81590e1c3b5743d6-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/icons.woff>; rel="canonical"
x-sorting-hat-podid: 254

GET
H3 200 fontawesome-webfont.woff2
www.madduckposters.com/cdn/shop/t/53/assets/ 70 KB
71 KB 268ms
169ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shop/t/53/assets/fontawesome-webfont.woff2?v=92687554370256573971497382437?v=4.6.3

Requested by

Host: www.madduckposters.com
URL: https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.css?v=94477477921523413021689381002

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.madduckposters.com/cdn/shop/t/53/assets/plugins.css?v=94477477921523413021689381002
Origin: http://qhbwql.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 78627
server-timing: imagery;dur=89.187, imageryFetch;dur=88.898, cfRequestDuration;dur=24.999857
alt-svc: h3=":443"; ma=86400
content-length: 71896
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 2bf8d279-039e-4355-a4f4-842e4b77ed08
last-modified: Thu, 12 Oct 2023 09:39:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWg3B%2F8jDPCuEaVXCfkC7fhuvQosMHoE3Rk2Tr3nUPpYLJ2Do2%2BqhSaUEHjvKyz2CgWRiApynVhl0eEGSgHIclYmJEb90cacLx52phZkkinOgcF%2FIhKDC22rt9B7SK45nD4Okf2R%2Ffg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 81590e1c3b5d43d6-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0955/0844/t/53/assets/fontawesome-webfont.woff2>; rel="canonical"
x-sorting-hat-podid: 254

GET
H/1.1 200
OK / Show response
qhbwql.click/wpm@c17768fdw9ca797f2p09ffbf64m6f3c9c0f/web-pixel-shopify-custom-pixel@0567/sandbox/modern/ Frame A4E4 40 KB
16 KB 73ms
73ms Document
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/wpm@c17768fdw9ca797f2p09ffbf64m6f3c9c0f/web-pixel-shopify-custom-pixel@0567/sandbox/modern/
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/cdn/wpm/bc17768fdw9ca797f2p09ffbf64m6f3c9c0fm.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff9de458357a4af27094e33ba0598aff3f3e4b3b51d7fc70bda5fdeb3af4516f

Request headers

Referer: http://qhbwql.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 81590e1d0cb01971-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 13 Oct 2023 16:45:49 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZsfx8%2FiOM1FTD6qV%2F7Es2lAdhQrblrvicBWD0QWLlGmYvrQ9KDWPP%2FFABH%2FRz1yPjgXcwp8poOZFskSxibHExq9XMv5kaSlJrww965gi%2BBDWVpXPU4zxcTlEnRmv7fga6XMOvhfFgIzzSk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK worker.modern.js
qhbwql.click/wpm@c17768fdw9ca797f2p09ffbf64m6f3c9c0f/web-pixel-shopify-app-pixel@0567/sandbox/ 40 KB
16 KB 94ms
94ms Other
application/javascript 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/wpm@c17768fdw9ca797f2p09ffbf64m6f3c9c0f/web-pixel-shopify-app-pixel@0567/sandbox/worker.modern.js
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0b4c9ac455a708c74cbfdcc9aff7d5bcea8e1ccbeb34e4ce2cd4aefaf2d3a0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 13 Oct 2023 16:45:49 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Yk4Z8hSl9VG7FIE8lR2KtwnwWL9qa8hym5QM%2B%2BsEC%2FXhCAYADeJNkpV7Mb1iG1WzE52F9B4yDE7y1zAjc5Z%2BQvCVzU3lH1GKxRxmi8qFqjDwd8d60Uv0N26rTHsxNnkH%2FG6widq6IhD1d0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 81590e1d3fc54380-EWR
alt-svc: h3=":443"; ma=86400
Content-Length: 15814

GET
H2 200 loader_2.js Show response
d5zu2f4xvqanl.cloudfront.net/fe/ 4 KB
2 KB 221ms
40ms Script
application/javascript 2600:9000:26c1:ae00:19:5216:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5zu2f4xvqanl.cloudfront.net/fe/loader_2.js?shop=mad-duck-posters.myshopify.com
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c1:ae00:19:5216:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 0b2b05e6637f981d2751c962934c46f23867c0d6ed4d7538ba0c69831cecf358

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 08:25:29 GMT
content-encoding: gzip
via: 1.1 5e6930ff15cb9ece8bd1c3b20d8103c0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P1
age: 30157
x-cache: Hit from cloudfront
pragma: public
last-modified: Tue, 10 Oct 2023 01:17:22 GMT
server: nginx/1.10.3
etag: W/"6524a622-ea8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-id: JFUa1qgmvlHAgK95uP4E_1yb3kamIG89q1fGspUmwhtpV6IXS11UPw==
expires: Sat, 14 Oct 2023 08:23:12 GMT

GET
H2 200 session Show response
shop.app/pay/ 18 B
2 KB 251ms
131ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com https://.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://.hcaptcha.com; frame-ancestors admin.shopify.com https: .myshopify.com admin.shopify.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com
x-permitted-cross-domain-policies: none
server-timing: cfRequestDuration;dur=82.999945
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
vary: Accept, Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://qhbwql.click
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-frame-options: DENY
x-robots-tag: noindex
date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
p3p: CP="Not used"
alt-svc: h3=":443"; ma=86400
content-length: 18
x-xss-protection: 1; mode=block
x-request-id: 76e73935-9b14-4ca1-a144-bff5bf253624
x-runtime: 0.004419
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJn7T%2BwAkwwVuV0eOF65Cd4uZAZHcRNwp2WY3921KyxzVCMohHi0rk3c4pAkVPcfXRM8iCC6jnMxdObsYpB1qzUZDPrTAZ3xsx1H6758mUWLlN4g8SbOLDDo"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 81590e1ea83f17a1-EWR
x-sorting-hat-podid: -1

OPTIONS appstats
u0altfd679.execute-api.us-west-2.amazonaws.com/prod/api/ Frame 0
0

GET
H/1.1 200
OK cart.json Show response
qhbwql.click/ 283 B
860 B 290ms
289ms Fetch
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/cart.json?ts=1697215549117
Requested by: Host: ro.boldapps.net
URL: https://ro.boldapps.net/v2_ui/js/ro.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75de8be29844c0a550d073aea30a3c02be1a8e5b61f4da6fa7905d698b5ff99e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKUT23jBOh1Kf5A%2FW%2BWkRj317WKkPb3EPpjIDdsDb5Eccj9g5aF%2BPaoz8iCoPExnohHFljfhwNPX0ebPcFXZj0g0yQSLXilu6jAFnvmqEpMU%2FsLqrtd260rImbnm3sS%2BVNj9YDY4Db31Cog%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e1f69a54380-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 css Show response
ro.boldapps.net/api_public/ 8 KB
2 KB 132ms
132ms Fetch
text/css 2606:4700::6810:6c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ro.boldapps.net/api_public/css?_=1606689321&shop_url=mad-duck-posters.myshopify.com

Requested by

Host: ro.boldapps.net
URL: https://ro.boldapps.net/v2_ui/js/ro.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6c12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d30b37dff693e8a09a3b7b1cdd6dfc30361c51be03b3c402c29a7efbf3b05c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: gzip
p3p: CP="NON DSP LAW CUR ADM DEV TAI PSA PSD HIS OUR DEL IND UNI PUR COM NAV INT DEM CNT STA POL HEA PRE LOC IVD SAM IVA OTC"
pragma: no-cache
last-modified: Fri, 13 Oct 2023 16:45:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 81590e1e1a2678e8-EWR
access-control-allow-headers: cache-control, accept, origin, Content-Type
expires: Sat, 14 Oct 2023 04:45:49 GMT

POST appstats
u0altfd679.execute-api.us-west-2.amazonaws.com/prod/api/ 0
0

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 313 KB
89 KB 163ms
44ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea28d1ae691c1fbee80f5ab485a399c693bc71e14edec6db5acb4a891aa30ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 16:45:49 GMT
content-md5: NLSs3WtYNo5SOBAnulP83w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 90352
x-fb-debug: Br4ym3ilm6USMkkhovO5dy8FrEqrR+h7N9FouLZFRWSKdGWuYINtfkuLrQZMs2JaxIyPrZ7Xcgl5I4CgfXg70A==
x-fb-content-md5: 901606a59e12b4b7d87fa29379f79ce2
cross-origin-opener-policy: same-origin-allow-popups
etag: "ffcddd06f28c464794cbf2d7b0e346b3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 13 Oct 2023 16:51:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
979 B 176ms
57ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Oct 2023 16:45:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 15:49:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Oct 2023 16:45:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 159ms
64ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://qhbwql.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:16:05 GMT
x-content-type-options: nosniff
age: 80984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:16:05 GMT

POST
H/1.1 200
OK produce_batch
qhbwql.click/.well-known/shopify/monorail/unstable/ 18 B
697 B 78ms
77ms Ping
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxBunORJADL2K9kBVACEgj1vlST7pA6buGuovHIj95SbjHUUvMyigYewTI0sQvKy%2FBQVpENLjCcY5XUpEB%2FThoUsH0P1aM9P5PCmm3gODkYUmvRDifHfwZ1AZDtbt3LG%2F6IPb%2F%2B3PXps72s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e1fea254380-EWR
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK produce_batch
qhbwql.click/.well-known/shopify/monorail/unstable/ 18 B
697 B 73ms
72ms Ping
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BI9BsmA9fMCA2aSRQFgw8OqA%2BxyuPq0WYvkI%2BBhcoRfVsA7ZyWZFu3T5%2FGTu4jguTYBZO0kaf4lBAhIsl1IDNS%2BzWjBXwMg5FWSVF0YGELOg2gz0DC6UISw6l12AJ7QMBathxhYPowHaQQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e1fef3e1971-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 31ms
28ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 13 Oct 2023 16:45:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53364
x-xss-protection: 0
pragma: public
x-fb-debug: d6k0drnbzVyoikayWHSWuhj18gmYcxSTrYp1LCNQRJ4fwJMyv42SVET/jyUdF1u9Wfyxbhm/qBiPM6dgzNu5aA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 150ms
45ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Oct 2023 15:19:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5205
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 13 Oct 2023 17:19:04 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 198ms
61ms Script
application/javascript 2600:1408:c400:18b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:18b::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "d27ea869d7ce22e300e4a4a927526193"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1473

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
87 KB 181ms
78ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SMB1R4MDNQ

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

275a7dccb9a6430faf3905ab4e4f5abdc3019e906895f1d8276434989ec22571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Oct 2023 16:45:49 GMT

POST
H/1.1 200
OK produce_batch
qhbwql.click/.well-known/shopify/monorail/unstable/ 18 B
705 B 132ms
131ms Ping
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qE2XeycYvzIsJamwxlvZpi%2F2eWhrMTlqADs7Ljd4mwEbljW%2FtAMf2AP5Q9v0doynJZC%2FBT6m5q%2FT%2FrfwGaw%2FJSAEjccicP4GB%2Fa7%2BiVXC62uwCYAhTEMnigUgD%2FZdRwNqam8bDY1wo47Iqw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e1ffdbb0f87-EWR
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK produce_batch
qhbwql.click/.well-known/shopify/monorail/unstable/ 18 B
695 B 139ms
131ms Ping
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NdemyKkagVhww%2Fc%2B7jy6jrhso0Kzl%2FYEW1J14D5aVy5ULrePaHv0412XA6kZqEUpFQQSFTEOzMyFnrwVtRhyonWbCAirGveqNgb61q1bLYdW6B3mWzeZ052o1u%2FizZLcF0Yss8CX4l2kM8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e20598242bf-EWR
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK produce_batch
qhbwql.click/.well-known/shopify/monorail/unstable/ 18 B
693 B 140ms
127ms Ping
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/s/trekkie.storefront.be7117e20e27455039ca058f72bb5c1daa3448c5.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQB%2FD8ZcQzg5vdtx5HC1qTpZe0tbeljHUb7ZK0bs%2Br9tkMrIA3GhZuHR7aYJ90CPWCBLCXerCel0JcjYEyEBzOnFna0DcpzSRa1TV5Gp6Ybqa0gQujwb3AiVVxH8LwmYuTl9WmrsN0aiRAY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e205df841ba-EWR
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK produce_batch
qhbwql.click/.well-known/shopify/monorail/unstable/ 18 B
699 B 142ms
134ms Ping
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/.well-known/shopify/monorail/unstable/produce_batch
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/cdn/wpm/bc17768fdw9ca797f2p09ffbf64m6f3c9c0fm.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9Aa1%2FU%2BvXWVGE5mQIgwgxrRbqYKpZpof52V1YI53rPO6%2BgBj3%2Beyr2%2FgOa935R3weOQv8DdI4q7SJO%2B3hrKgHltrj4aIUkYM54t6yJYHs2ZiDUEnGKnrQPvVOkKfca2X2PQDmkLtuZr1Nc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e208c2c5e78-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 226829344366647 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 97ms
97ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/226829344366647?v=2.9.133&r=stable&domain=qhbwql.click

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b8ade65cdcf068e5090561b0245d444480f77259fe669f817b08163832c5c92

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 13 Oct 2023 16:45:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: vMjZLKSePIYBbuJadLrQNaniCpcGCjanwl7/5LEF1XieeMG6H3roaB4+hVBMYuuIqBrxHHDGk/+tEJQCyGpbpA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 43ms
42ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1053039117&t=pageview&_s=1&dl=http%3A%2F%2Fqhbwql.click%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Limited%20Edition%20Fine%20Art%20Prints%2C%20Screen%20Print%20Movie%20Posters%2C%20%26%20More!%E2%80%93%20Mad%20Duck%20Posters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAAAACgCIAB~&jid=314456631&gjid=371320646&cid=1768460850.1697215550&tid=UA-66229747-1&_gid=1360203603.1697215550&_slc=1&did=BwiEti&z=630069022

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:45:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://qhbwql.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 242ms
108ms XHR
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-66229747-1&cid=1768460850.1697215550&jid=314456631&gjid=371320646&_gid=1360203603.1697215550&_u=YGBAgEABBAAAAGgCIAD~&z=1740160197

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Oct 2023 16:45:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://qhbwql.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 178ms
71ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=226829344366647&ev=PageView&dl=http%3A%2F%2Fqhbwql.click%2F&rl=&if=false&ts=1697215549625&sw=1600&sh=1200&v=2.9.133&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1697215549624.1700339227&ler=empty&it=1697215549469&coo=false&eid=sh-29ee144c-8681-4BBB-7EDF-0CB0B66FA04D&rqm=GET

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 13 Oct 2023 16:45:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main.b4887131.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 39ms
34ms Script
application/javascript 2600:1408:c400:18b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:18b::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "aa7df97ef17cd5e7b3b0e69ee5fe57f8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18175

POST
H2 204 collect
analytics.google.com/g/ 0
252 B 159ms
57ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-SMB1R4MDNQ&gtm=45je3ab0&_p=1053039117&_gaz=1&cid=1768460850.1697215550&ul=en-us&sr=1600x1200&_s=1&dp=%2F&dt=Limited%20Edition%20Fine%20Art%20Prints%2C%20Screen%20Print%20Movie%20Posters%2C%20%26%20More!%E2%80%93%20Mad%20Duck%20Posters&dl=http%3A%2F%2Fqhbwql.click%2F&sid=1697215549&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SMB1R4MDNQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:45:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://qhbwql.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 159ms
108ms Ping
text/plain 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SMB1R4MDNQ&cid=1768460850.1697215550&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SMB1R4MDNQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:45:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://qhbwql.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 569 B
901 B 159ms
39ms XHR
application/json 23.62.164.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2615084786395&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1697215549722&dep=2%2CPAGE_LOAD

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.164.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-164-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

8fc4aa58eba36944f49a93d645f69635e8d5643cde97ac4ab14c025d2a4d70bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.d968dc17.1697215549.5d8ab3ed
x-envoy-upstream-service-time: 0
content-length: 386
x-pinterest-rid: 9582445603340668
pin-unauth: dWlkPU5EVTJaR1JsTVRBdFkyRm1aUzAwWWpWaExUbGhabVl0WkRGbU1qVTROMkU0TXpGaQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://qhbwql.click
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 569 B
902 B 158ms
40ms XHR
application/json 23.62.164.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22sh-29ee144c-8681-4BBB-7EDF-0CB0B66FA04D%22%7D&tid=2615084786395&cb=1697215549726&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.164.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-164-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

8fc4aa58eba36944f49a93d645f69635e8d5643cde97ac4ab14c025d2a4d70bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.d968dc17.1697215549.5d8ab3ee
x-envoy-upstream-service-time: 1
content-length: 386
x-pinterest-rid: 6824026443541047
pin-unauth: dWlkPU0yTm1ZMlV4WkRBdFpEQmhOaTAwTVdVMExUZzFPREF0TTJOaE5XVTNNR1ZtT1RnMg
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://qhbwql.click
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
457 B 169ms
51ms Image
image/gif 23.62.164.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2615084786395&pd=%7B%22np%22%3A%22shopify%22%2C%22external_id%22%3A%22b85a1f54671d72aca03244b99a84b0249c4ca3925705db3c98698c5f41ee8c2a%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fqhbwql.click%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1697215549726

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.164.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-164-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d968dc17.1697215549.5d8ab3ef
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1702335683812739
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

powr.js Show response
www.powr.io/
Redirect Chain

http://www.powr.io/powr.js?powr-token=mad-duck-posters.myshopify.com&external-type=shopify&shop=mad-duck-posters.myshopify.com
https://www.powr.io/powr.js?powr-token=mad-duck-posters.myshopify.com&external-type=shopify&shop=mad-duck-posters.myshopify.com

23 KB
8 KB

161ms
51ms

Script
application/javascript

2606:4700:10::6816:32f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/powr.js?powr-token=mad-duck-posters.myshopify.com&external-type=shopify&shop=mad-duck-posters.myshopify.com

Protocol

Server

2606:4700:10::6816:32f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4de3616f1ade3989ec471da620a3152eff9dad22c45ca6495c0a547b5ad436c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .powr.io .wix.com .mybigcommerce.com .weebly.com .stripe.com .myshopify.com .shopify.com .editorx.com .sharethis.com sharethis.com .webydo.com;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-security-policy: frame-ancestors *.powr.io *.wix.com *.mybigcommerce.com *.weebly.com *.stripe.com *.myshopify.com *.shopify.com *.editorx.com *.sharethis.com sharethis.com *.webydo.com;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-origin-instance: gke
age: 28967
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 08:41:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
cf-ray: 81590e247f248c51-EWR
expires: Sun, 13 Oct 2024 08:41:38 GMT

Redirect headers

Date: Fri, 13 Oct 2023 16:45:50 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://www.powr.io/powr.js?powr-token=mad-duck-posters.myshopify.com&external-type=shopify&shop=mad-duck-posters.myshopify.com
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 81590e23582e1921-EWR
alt-svc: h3=":443"; ma=86400
Expires: Fri, 13 Oct 2023 17:45:49 GMT

GET
H/1.1 200
OK e7b2a3f0548ecad7977560fce.js Show response
chimpstatic.com/mcjs-connected/js/users/54fd457fe86a760a0c6dcf574/ 22 KB
5 KB 249ms
119ms Script
application/javascript 104.108.97.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/54fd457fe86a760a0c6dcf574/e7b2a3f0548ecad7977560fce.js?shop=mad-duck-posters.myshopify.com
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.97.97 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-97-97.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 53e6d6153970efa6638ea68cc09d67db4fbb6f70361b70aed725d3bdda37cc91

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 18:07:16 GMT
Server: AmazonS3
x-amz-request-id: M5W18KJ5GEP0MZ5A
ETag: "3d71bb482437aae6164d5a385fd0b327"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4611
x-amz-id-2: aC/UBOztuVFedUoGPbcPzOjBjrjDDzzbB+RBzHoTKST03EsHUDZYP0PdUI0XXgo+YNUD71S31eE=
Expires: Fri, 13 Oct 2023 17:15:50 GMT

GET
H/1.1 200
OK nwa.js Show response
s3-eu-west-1.amazonaws.com/shoptimally-ire/dist/neowize/shopify/ 92 KB
93 KB 477ms
138ms Script
binary/octet-stream 52.218.42.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/shoptimally-ire/dist/neowize/shopify/nwa.js?neowize_api_key=fdd4f6117ed041bd8b69b3d513bed9cc&shop=mad-duck-posters.myshopify.com
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.42.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: af92da21738c67ca40f8ff13592d7254f208f7fc49b7778df99c38b10fd9385a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:51 GMT
Last-Modified: Sun, 29 Oct 2017 11:24:31 GMT
Server: AmazonS3
x-amz-request-id: YBQ42X3PS3R9F1VG
ETag: "c2ae2a16c8b9033678eef9bfcd9e641b"
Content-Type: binary/octet-stream
x-amz-meta-content-type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 94482
x-amz-id-2: OhMyXfMmrs45Yojhh/dcHNdw6lfLnAi/EDt8htGlxkCyFODSWGKAcN8MDDR3u2TAc7r+dzQSjfg=

GET
H/1.1 200
OK shopify.js Show response
s3-eu-west-1.amazonaws.com/shoptimally-ire/dist/neowize/shopify/ 3 KB
4 KB 463ms
131ms Script
binary/octet-stream 52.218.42.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/shoptimally-ire/dist/neowize/shopify/shopify.js?shop=mad-duck-posters.myshopify.com
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.42.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a73dd8a2631ade8a524f0614c15882f71e1acc9ae457b36b1e93f709fa633ae6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:51 GMT
Last-Modified: Sun, 29 Oct 2017 11:24:31 GMT
Server: AmazonS3
x-amz-request-id: YBQ1V73FZ9XZV5D2
ETag: "92f8590492533b7a700cd03b92254260"
Content-Type: binary/octet-stream
x-amz-meta-content-type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 3362
x-amz-id-2: J8TKt2rukSYL+HQHhsOhpequ6Il1VH5rfRedg5PcGAHlbH4dDoRPzU0T6LLiFcgFjulE9TPnweU=

GET
H/1.1 200
OK 5bd61adf811f9e0da8cba346 Show response
app.marsello.com/Portal/Custom/ScriptToInstall/ 965 B
1 KB 195ms
35ms Script
application/x-javascript 52.71.154.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.marsello.com/Portal/Custom/ScriptToInstall/5bd61adf811f9e0da8cba346?aProvId=5bd61ad1811f9e0da8cba2ff&shop=mad-duck-posters.myshopify.com

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.154.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-154-118.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

75f1964cde99e65f2838fce81d13dc6a1519333f9b74c093e343a6814ece2c25

Security Headers

Name	Value
X-Frame-Options	AllowAll

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
X-Powered-By: ASP.NET
X-Frame-Options: AllowAll
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Connection: keep-alive
Content-Length: 965
Request-Context: appId=cid-v1:7804b745-8118-4815-98f0-f13c273591c7

GET
H3 200 ba_fb_9550844.js Show response
cdn.shopify.com/s/files/1/0035/4474/4006/t/1/assets/ 378 B
989 B 110ms
108ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0035/4474/4006/t/1/assets/ba_fb_9550844.js?6327151&shop=mad-duck-posters.myshopify.com

Requested by

Host: qhbwql.click
URL: http://qhbwql.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e62ad20de0cbe8e879b5949e8ef1270b34b980894b8569b6c9aad81f1cb09b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
content-encoding: br
server-timing: imagery;dur=87.835, imageryFetch;dur=86.126, cfRequestDuration;dur=75.000048
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b10d45c4-0efe-40f0-9713-f153e5099ca5
last-modified: Thu, 12 Oct 2023 15:51:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNSOd9YPYhzXJi%2B78fp8cqI%2BW44iIEIJKDQW6iM4IAzd5AVDlrOSFMPWgrNhhc6zNRcDExd670w8jPsu5PF9Aixs9x4%2BoIvZsx2ekaUF87dejVGn3pQA4QevwVK8C2Ag5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0035/4474/4006/t/1/assets/ba_fb_9550844.js>; rel="canonical"
cf-ray: 81590e22fa3e6991-PHL

GET
H/1.1 200
OK fee93a9ce20a5c5c0de9333a3.js Show response
chimpstatic.com/mcjs-connected/js/users/54fd457fe86a760a0c6dcf574/ 18 KB
4 KB 238ms
108ms Script
application/javascript 104.108.97.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/54fd457fe86a760a0c6dcf574/fee93a9ce20a5c5c0de9333a3.js?shop=mad-duck-posters.myshopify.com
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.97.97 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-97-97.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 932bdc4c22755a8e867cc1dd8c24649a15dc6924fe8bb8bbfc58e2b8f25a99fe

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 18:08:02 GMT
Server: AmazonS3
x-amz-request-id: S21AQJM59EJB9PD9
ETag: "9db810b9b20eb3aa951a3aa37b221dbf"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3843
x-amz-id-2: 0aNWjZ4xC95xjsv26qpbax0Vae1GUVPpoaWUfh4jqPykvbhrCtYnsOyHuivTE3OmjkFP25mcJ6w=
Expires: Fri, 13 Oct 2023 17:15:50 GMT

GET
H2 200 pushowl-shopify.js Show response
cdn.pushowl.com/latest/sdks/ 2 KB
1 KB 181ms
41ms Script
application/javascript 2600:9000:2501:e400:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/latest/sdks/pushowl-shopify.js?subdomain=mad-duck-posters&environment=production&guid=836764a5-f1aa-435f-ac93-4255093ab5e7&shop=mad-duck-posters.myshopify.com
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2501:e400:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 991206ef2808b8c5c1534bccd1043e4ad69fd5ef0cea9846e84347d855487230

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 05:20:10 GMT
content-encoding: br
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 127540
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: 93a7b8e1-1748-4c57-8392-f8fc784511c9
last-modified: Thu, 12 Oct 2023 05:12:48 GMT
etag: W/"8267f41524c0c07b4ef900c3df8435b9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: LinBuxugqiGWAnxDSXxAmfjVnVNqwXSlkPkTOOU3MuR2aoZXXx3NNA==

GET
H2 200 send_to_messenger.php Show response
socialplugin.facebook.net/v3.0/ Frame 256F 45 KB
15 KB 482ms
359ms Document
text/html 2a03:2880:f003:c07:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://socialplugin.facebook.net/v3.0/send_to_messenger.php?app_id=369783430202516&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3265b1f0b121a%26domain%3Dqhbwql.click%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fqhbwql.click%252Ff25ae4adf9c3cdc%26relation%3Dparent.parent&color=blue&container_width=0&cta_text=SEND_TO_MESSENGER&locale=en_US&messenger_app_id=369783430202516&page_id=524354171059792&ref=OPT_IN_FROM_SEND_TO_MESSENGER%3Aatc_popup%3Aaa95b3586c174a56aa15b7a4452a12e0&sdk=joey&size=xlarge

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c07:face:b00c:0:2 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7739836cfc45853b0152c931176fda465b382e576f42d27c9db239422a65f5ea

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://qhbwql.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 16:45:50 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: VmPcAKlfJkmlXPSY/MW0CN1M8/sp/HQ894qXTy/NesHMh1FJrW0OuZ5IbzxowqQyijMI7G32pWd1rM17NbYepA==
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 6272 565 B
625 B 34ms
33ms Document
text/html 23.62.164.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.164.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-164-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: http://qhbwql.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.d968dc17.1697215549.5d8ab4fc
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 13 Oct 2023 16:45:49 GMT
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1538160007151829

GET
H3

200

combine_images_24_2000x.jpg
www.madduckposters.com/cdn/shop/files/
Redirect Chain

http://www.madduckposters.com/cdn/shop/files/combine_images_24_2000x.jpg?v=1689364650
https://www.madduckposters.com/cdn/shop/files/combine_images_24_2000x.jpg?v=1689364650

408 KB
409 KB

71ms
70ms

Image
image/webp

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.madduckposters.com/cdn/shop/files/combine_images_24_2000x.jpg?v=1689364650

Protocol

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

870c3f9831b0c508b844bd6f95280a51d56d7ebe802b2c03439c796aac5a9012

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 16842
source-type: image/jpeg
server-timing: imagery;dur=939.169, imageryFetch;dur=164.589, imageryProcess;dur=773.849;desc="image", cfRequestDuration;dur=20.999908
source-length: 2395228
content-length: 417924
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 9550844
x-request-id: 4529432c-1749-4bd5-ba26-86b28d2ee845
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 15:43:24 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsrDH8noTDGgV4qc6TYI1IRJLHOcNVHtif3XKbwsPx0YFERLs0Npz7cgwOK%2FWHI39TeAGQR95ic703DJmb9mQmaELq7F02Zl9ToqdJ%2FQMc1SjtwvzObHahZa4JxgPqpAYfkij7mC0K8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81590e234e671889-EWR
x-sorting-hat-podid: 254

Redirect headers

Location: https://www.madduckposters.com/cdn/shop/files/combine_images_24_2000x.jpg?v=1689364650
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
701 B 37ms
36ms Image
image/gif 23.62.164.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22sh-29ee144c-8681-4BBB-7EDF-0CB0B66FA04D%22%7D&tid=2615084786395&cb=1697215549959&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22external_id%22%3A%22b85a1f54671d72aca03244b99a84b0249c4ca3925705db3c98698c5f41ee8c2a%22%2C%22pin_unauth%22%3A%22dWlkPU5EVTJaR1JsTVRBdFkyRm1aUzAwWWpWaExUbGhabVl0WkRGbU1qVTROMkU0TXpGaQ%22%7D&ad=%7B%22loc%22%3A%22http%3A%2F%2Fqhbwql.click%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.164.202 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-164-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:45:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d968dc17.1697215549.5d8ab564
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 8912856135048524
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 consent-tracking-api.js Show response
www.madduckposters.com/cdn/shopifycloud/consent-tracking-api/v0.1/ 13 KB
26 KB 51ms
50ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.madduckposters.com/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

728731c7a039773b25702c0acb4ce65bbd32c27d78bde5b13ecb46a1cf902cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://qhbwql.click/
Origin: http://qhbwql.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-central1
age: 350020
content-encoding: br
server-timing: imagery;dur=39.790, imageryFetch;dur=38.760, cfRequestDuration;dur=75.000048, cfRequestDuration;dur=17.000198, cfRequestDuration;dur=16.000032, cfRequestDuration;dur=9.000063
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d5134549-7ada-4e6f-9481-fea2becd39b6
outsmartly-cache: UNKNOWN
last-modified: Mon, 18 Sep 2023 16:28:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsZK4XJd2gRB4P7BFvoNrbFT22datyZBRKWkz95CyqPA9Ioj5hI77uh81I8noEdK4NVivFHo524X4i9u5RtwANyzodjknguSCgAZN9zgE%2BNxVMbW%2BuZf7dFPzPxjZfTuGsonaqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800000000000
outsmartly-original-cache-control: max-age=1800000000
outsmartly-edge-cache-policy: {"v":1,"t":1696865530689,"sh":true,"ch":0.1,"imm":86400000,"st":200,"resh":{"accept-ranges":"bytes","access-control-allow-origin":"*","cache-control":"max-age=1800000000","cf-cache-status":"BYPASS","cf-ray":"8137acbea3c45e62-EWR","connection":"keep-alive","content-encoding":"gzip","content-length":"4357","content-type":"text/javascript","date":"Mon, 09 Oct 2023 15:32:10 GMT","last-modified":"Mon, 18 Sep 2023 16:28:22 GMT","link":"<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel=\"canonical\"","nel":"{\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}","outsmartly-cache":"UNKNOWN","outsmartly-edge-cache-policy":"{\"v\":1,\"t\":1695064756353,\"sh\":true,\"ch\":0.1,\"imm\":86400000,\"st\":200,\"resh\":{\"accept-ranges\":\"bytes\",\"access-control-allow-origin\":\"*\",\"cache-control\":\"max-age=1800000\",\"cf-cache-status\":\"BYPASS\",\"cf-ray\":\"808bf08710d686f2-ORD\",\"connection\":\"keep-alive\",\"content-encoding\":\"gzip\",\"content-length\":\"4357\",\"content-type\":\"text/javascript\",\"date\":\"Mon, 18 Sep 2023 19:19:16 GMT\",\"last-modified\":\"Mon, 18 Sep 2023 16:28:22 GMT\",\"link\":\"<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel=\\\"canonical\\\"\",\"nel\":\"{\\\"success_fraction\\\":0.01,\\\"report_to\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"outsmartly-cache\":\"UNKNOWN\",\"outsmartly-edge-cache-policy\":\"{\\\"v\\\":1,\\\"t\\\":1695054502462,\\\"sh\\\":true,\\\"ch\\\":0.1,\\\"imm\\\":86400000,\\\"st\\\":200,\\\"resh\\\":{\\\"accept-ranges\\\":\\\"bytes\\\",\\\"access-control-allow-origin\\\":\\\"*\\\",\\\"cache-control\\\":\\\"public, max-age=1800, must-revalidate\\\",\\\"cf-cache-status\\\":\\\"BYPASS\\\",\\\"cf-ray\\\":\\\"808af62fd5f62d64-ORD\\\",\\\"connection\\\":\\\"keep-alive\\\",\\\"content-encoding\\\":\\\"gzip\\\",\\\"content-length\\\":\\\"4357\\\",\\\"content-type\\\":\\\"text/javascript\\\",\\\"date\\\":\\\"Mon, 18 Sep 2023 16:28:22 GMT\\\",\\\"last-modified\\\":\\\"Mon, 18 Sep 2023 16:28:22 GMT\\\",\\\"link\\\":\\\"<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel=\\\\\\\"canonical\\\\\\\"\\\",\\\"nel\\\":\\\"{\\\\\\\"success_fraction\\\\\\\":0.01,\\\\\\\"report_to\\\\\\\":\\\\\\\"cf-nel\\\\\\\",\\\\\\\"max_age\\\\\\\":604800}\\\",\\\"outsmartly-cache\\\":\\\"UNKNOWN\\\",\\\"report-to\\\":\\\"{\\\\\\\"endpoints\\\\\\\":[{\\\\\\\"url\\\\\\\":\\\\\\\"https:\\\\\\\\/\\\\\\\\/a.nel.cloudflare.com\\\\\\\\/report\\\\\\\\/v3?s=tsZK4XJd2gRB4P7BFvoNrbFT22datyZBRKWkz95CyqPA9Ioj5hI77uh81I8noEdK4NVivFHo524X4i9u5RtwANyzodjknguSCgAZN9zgE%2BNxVMbW%2BuZf7dFPzPxjZfTuGsonaqo%3D\\\\\\\"}],\\\\\\\"group\\\\\\\":\\\\\\\"cf-nel\\\\\\\",\\\\\\\"max_age\\\\\\\":604800}\\\",\\\"server\\\":\\\"cloudflare\\\",\\\"server-timing\\\":\\\"imagery;dur=39.790, imageryFetch;dur=38.760, cfRequestDuration;dur=75.000048\\\",\\\"strict-transport-security\\\":\\\"max-age=63072000; includeSubDomains; preload\\\",\\\"timing-allow-origin\\\":\\\"*\\\",\\\"vary\\\":\\\"Accept-Encoding\\\",\\\"x-content-type-options\\\":\\\"nosniff\\\",\\\"x-dc\\\":\\\"gcp-us-central1,gcp-us-central1\\\",\\\"x-request-id\\\":\\\"d5134549-7ada-4e6f-9481-fea2becd39b6\\\",\\\"x-sorting-hat-podid\\\":\\\"-1\\\",\\\"x-xss-protection\\\":\\\"1; mode=block\\\"},\\\"rescc\\\":{\\\"public\\\":true,\\\"max-age\\\":\\\"1800\\\",\\\"must-revalidate\\\":true},\\\"m\\\":\\\"GET\\\",\\\"u\\\":\\\"https://www.miraclebrand.co/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js\\\",\\\"h\\\":\\\"www.miraclebrand.co\\\",\\\"a\\\":true,\\\"reqh\\\":{\\\"accept\\\":\\\"*/*\\\",\\\"accept-encoding\\\":\\\"gzip\\\",\\\"accept-language\\\":\\\"en-US,en;q=0.9\\\",\\\"cf-connecting-ip\\\":\\\"47.35.101.210\\\",\\\"cf-device-type\\\":\\\"desktop\\\",\\\"cf-ipcountry\\\":\\\"US\\\",\\\"cf-ray\\\":\\\"808af62f9b5a2d64\\\",\\\"cf-visitor\\\":\\\"{\\\\\\\"scheme\\\\\\\":\\\\\\\"https\\\\\\\"}\\\",\\\"connection\\\":\\\"Keep-Alive\\\",\\\"cookie\\\":\\\"_shopify_y=75b355dc-3588-40c4-b4a3-a7291c761cdc; _landing_page=%2Fapps%2Fwonderment%2Ftracking%3Fsearch%3D9361211015300335799000%26t%3DeyJxdWVyeSI6Im1iLTU0MTg2MiIsImVtYWlsIjoibWpnYWRhbXNAYW9sLmNvbSJ9%26utm_source%3D02%2B%257C%2BWonderment%2B%257C%2BShipping%2B%257C%2BShipment%2BPicked%2BUp%26utm_medium%3Demail%26utm_campaign%3DWonderment%2B%252F%252F%2BOrder%2BShipped%2B%2528VEH2vn%2529%26nb_klid%3D01G7CVVHW4J0R2CPEFRFX8TRWC%26utm_klaviyo_id%3D01G7CVVHW4J0R2CPEFRFX8TRWC%26_kx%3DZrW8uw_7Ag_ptz_Et334ggJfORFtm5XXH5U4P-JRums%253D.JFNK6A; secure_customer_sig=; _orig_referrer=; _y=75b355dc-3588-40c4-b4a3-a7291c761cdc; localization=US; __orly_aid=5ayycLTWCHAHyVHNbI11PkUOJg-nqSsypv6Wk; Outsmartly-Session=8038463719e6e118; __HOST-fbp=fb.1.1694187462666.7086545604; _fbp=fb.1.1694187462666.7086545604; smartDash=3038a976-e1cc-4d2c-baeb-66de1b61a993; _svsid=3901f4919f7ff577ea0b550956c1764a; _tt_enable_cookie=1; _ttp=fTamnV5D-UQq4nxT4i2IiJ0wyGm; _gcl_au=1.1.1952183793.1694187466; _ga=GA1.2.165135883.1694187466; __attentive_id=9ed1ef08979545a7b6954feeac840fca; _attn_=eyJ1Ijoie1wiY29cIjoxNjk0MTg3NDY2MjYwLFwidW9cIjoxNjk0MTg3NDY2MjYwLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjllZDFlZjA4OTc5NTQ1YTdiNjk1NGZlZWFjODQwZmNhXCJ9In0=; __attentive_cco=1694187466264; cart_currency=USD; _pin_unauth=dWlkPU56QXdOemM0TXpNdE56STFNQzAwT1daaUxXRXhNbU10Tm1Fd1l6UTRaVGt6WVRFMA; addshoppers.com=2%7C1%3A0%7C10%3A1694187468%7C15%3Aaddshoppers.com%7C44%3ANWEwNDcwODcyYzA1NGZiZTljNDEzNjUzNDc2N2Y0YmE%3D%7Ca58489f38fc10699d0b1ade1168c2e694a9ae2eb00d7f6986a7543979ae261d3; _geuid=868a71ae-45b5-45e8-a666-0b9d94a43511; _gekx=WnJXOHV3XzdBZ19wdHpfRXQzMzRnZ0pmT1JGdG01WFhINVU0UC1KUnVtcz0uSkZOSzZB; _scid=23fdf25a-2553-4e60-8f5d-18d93762884f; _scsrid=; _lc2_fpi=06860a8fb6fb--01h9tq2fsjja8k9q2jxtz5xj90; cjUser=29b90a78-2cc7-4354-a4fc-7d431c36cd62; _gid=GA1.2.1245945239.1694982442; __attentive_dv=1; returngo_customer_id=undefined; _ps_session=dH35Nq8m5DBFrIkGqisgw; cjLiveRampLastCall=2023-09-17T20:27:28.135Z; _sctr=1%7C1694923200000; __attentive_vf=true; __li_idex_cache_eyJyZXNvbHZlIjoibWQ1In0={%22md5%22:%221ea4425a2069d55bf84a3ac635b8c6a6%22}; yotpo_pixel=1847ebae-29c9-4dd0-972c-6e92317c21c6; soundestID=20230918142313-SnOwAHDideAdivPi40NPl7D4mF4cVjQnDo6I4Wryd0ssYfFZD; _li_dcdm_c=.miraclebrand.co; attntv_mstore_email=mjgadams@aol.com:0; checkout_session_token__co__029cf8f991769b6969e63a610c4f0268=%7B%22token%22%3A%22YjQvMm15a0dIeDFleEVQQ0ZJQVhweUR1bGx1MHpzRGR6WGRKNWhRbGJ4MXFiOFZOUkR5TUJIUzZ6RnkrM2VPN3F0VHJoc2gzNHYxVXMzSlFPRklLand5Szdneko1dnN2K3FRc2NyNmdveXhBV2g5YTJPZkwwT2M1RURmQmoxYS9NYjZxMm5DcURVR05uSWRUaUFpVEJIeG9ZalVaZ2lmSDRwZ3Z1UUwyVTNyKzRWbzdWN1U5TmhJN2hPakFuV1B3eWxySmMwSE81RVFYRXc5cGN4aTRJalZleUNiSGpCOFhOUDFsTTlyVnhjank5RzFZYTRMRVNzdEVjdz09LS1IcnN0bkxMbW8rb0xmalVrLS1obnNJZmIzZTFlY2hjN2Z0eVFPeTR3PT0%22%2C%22locale%22%3A%22en-US%22%7D; checkout_session_lookup=%7B%22version%22%3A1%2C%22keys%22%3A%5B%7B%22source_id%22%3A%22029cf8f991769b6969e63a610c4f0268%22%2C%22checkout_session_identifier%22%3A%22029cf8f991769b6969e63a610c4f0268%22%2C%22source_type_abbrev%22%3A%22co%22%2C%22updated_at%22%3A%222023-09-18T14%3A45%3A52.333Z%22%7D%5D%7D; __HOST-_orly_vs=80; __orly_vs=80; cjConsent=MXxOfDB8WXww; visitorStatus=return-visit; cjevent=2820e7d1563211ee822b02750a82b82a; cjdata=XxOfDB8WXww; cjevent_dc=2820e7d1563211ee822b02750a82b82a; shopify_pay=c2xmMFpuWUg5RDdiTVB0OGNUcG5CcjZJeU85eUx6ZVpsZVhwS0M4T1VoQmxpMVJjeUtGc3I4WkhscmZMWjJUdEpNbVJCMXZ4ZUtLYjY1QmkrbEVIVVRleG42aUlPUEhZMTFWUEhrZnJydkRKdndlbVh2YWFtV2NqT0o1UXE4YmEtLVdXRTh6c3EvM0Z2cmFhdkQvSWpHb2c9PQ%3D%3D--64be8900574bfd0a427ba584f8fa78b4b30720dd; shop_pay_accelerated=%7B%22disable_auto_redirect%22%3A%22%22%2C%22session_detected_at%22%3A1695048534%7D; apay-session-set=2GNtkGHbKP929qvvbu8XFjCLpNtWqI1sXansCirzoiigdwKmgHa8xEqNQw9DD4g%3D; _gert=bWpnYWRhbXNAYW9sLmNvbQ==; RoktRecogniser=fca2ee64-ebf7-4b3e-9a39-8d7de7180232; cart=818c4700c308c01f3b223d2bc5a823a2; shopify_pay_redirect=true; __kla_id=eyIkZXhjaGFuZ2VfaWQiOiJaclc4dXdfN0FnX3B0el9FdDMzNGdnSmZPUkZ0bTVYWEg1VTRQLUpSdW1zPS5KRk5LNkEiLCIkcmVmZXJyZXIiOnsidHMiOjE2OTQxODc0NjksInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lm1pcmFjbGVicmFuZC5jby9hcHBzL3dvbmRlcm1lbnQvdHJhY2tpbmc/c2VhcmNoPTkzNjEyMTEwMTUzMDAzMzU3OTkwMDAmdD1leUp4ZFdWeWVTSTZJbTFpTFRVME1UZzJNaUlzSW1WdFlXbHNJam9pYldwbllXUmhiWE5BWVc5c0xtTnZiU0o5JnV0bV9zb3VyY2U9MDIrfCtXb25kZXJtZW50K3wrU2hpcHBpbmcrfCtTaGlwbWVudCtQaWNrZWQrVXAmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249V29uZGVybWVudCsvLytPcmRlcitTaGlwcGVkKyhWRUgydm4pJm5iX2tsaWQ9MDFHN0NWVkhXNEowUjJDUEVGUkZYOFRSV0MmdXRtX2tsYXZpeW9faWQ9MDFHN0NWVkhXNEowUjJDUEVGUkZYOFRSV0MmX2t4PVpyVzh1d183QWdfcHR6X0V0MzM0Z2dKZk9SRnRtNVhYSDVVNFAtSlJ1bXM9LkpGTks2QSJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTY5NTA0ODY5MywidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cubWlyYWNsZWJyYW5kLmNvL2EvcmV0dXJuIn19; _derived_epik=dj0yJnU9SmZQXzhycmtBUkUtY1liaXY5VzRtajFSNnRvd2VJNTMmbj13Nk5lNHpUMERSYncyeXlicW02UVh3Jm09MSZ0PUFBQUFBR1VJWV9RJnJtPTEmcnQ9QUFBQUFHVUlZX1Emc3A9Mg; _ga_SPDGV600TP=GS1.2.1695046992.4.1.1695048692.60.0.0; AMP_9bdc728a74={\\\\\\\"deviceId\\\\\\\":\\\\\\\"2b698e2c-ddd4-4aec-8bd8-560f3cf63d90\\\\\\\",\\\\\\\"sessionId\\\\\\\":1695048229903,\\\\\\\"lastEventTime\\\\\\\":1695048692866,\\\\\\\"optOut\\\\\\\":false}; _scid_r=23fdf25a-2553-4e60-8f5d-18d93762884f; _scsrid_r=; mp_139deeeff16104d87877b31cf8b846e8_mixpanel=%7B%22distinct_id%22%3A%20%22mjgadams%40aol.com%22%2C%22%24device_id%22%3A%20%2218a75713ec52396-0dcc928bb25ce5-26031f51-8cc58-18a75713ec52396%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22utm_source%22%3A%20%2202%20%7C%20Wonderment%20%7C%20Shipping%20%7C%20Shipment%20Picked%20Up%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22Wonderment%20%2F%2F%20Order%20Shipped%20(VEH2vn)%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24user_id%22%3A%20%22mjgadams%40aol.com%22%7D; po_visitor=aRf2hRSU5mzj; cto_bundle=NvId219ZVEFKbkJVYmwwdW1Pd0Q1QUNqUFVFVFRPbXdqYUtFN1ZBN0t1JTJGZ2lmZ2FHbHMxRTZXdVVmNTZWVTRyeG9JZVppVU1sRXBxOG5ZbU5UdThrVVJyWjZyS3Z3cDhUYmt4dHpWTHBod2J3TDVCUHcwS0kzRkFOQ3gyZzVHZEdCUGkzZnNTck4lMkJlamlSYzY0dlk0RUY3UlluJTJCOWozVlM0VG9HM2Q4JTJGUUpBNjhIcmF5dkx3NDd0UXpzbENIJTJCY202WW42djhZd3h0VGpkZkUwMkN2Yzk5aW9HQSUzRCUzRA; _sp_id.0dba=cbb4a86d4fadc2a6.1694187466.4.1695048751.1694982593; BxC9ZQ4vbx_wThuq2kDSqid=3d84a422-2d3b-5675-acb5-f6e6b5982ca2.1694187466.4.1695050326.1694982598.5a17de50-ec7f-4281-82d1-a60b65efecc5; _s=2c351d8a-3d31-49b7-98a6-8783f87c0f1b; keep_alive=ea457f8c-5545-4196-ac27-e49513c301c9; _shopify_s=2c351d8a-3d31-49b7-98a6-8783f87c0f1b; cart_ts=1695054501; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USUSNY%22%2C%22sale_of_data_region%22%3Afalse%7D; unique_interaction_id=a565f3a0-0f59-410d-aa48-4c2a1cee515f; cart_sig=e706a510347ee6d2c431db8482c8b4b6; cart_ver=gcp-us-central1%3A11; _nb_sp_ses.0dba=*; _nb_sp_id.0dba=53b1c9ce-44d4-4cd9-8801-e88e8860c62a.1694187464.5.1695054502.1695048750.6b850d94-43be-4a00-8081-490c6d0d2b5f; _shopify_sa_t=2023-09-18T16%3A28%3A21.882Z; _shopify_sa_p=; _dd_s=logs=1&id=9fdc937f-2ab7-4755-a5bc-02a7099b0b42&created=1695054501935&expire=1695055401935; _gat=1; MGX_UC=JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyNjdkODBmZGItZWMxMi00NTVhLWEyMmYtNjE3YWI5MTE4NGJjJTIyJTJDJTIyZSUyMiUzQTE2OTU1ODAxMDIxNDYlN0QlMkMlMjJNR1hfQ0lEJTIyJTNBJTdCJTIydiUyMiUzQSUyMjI4NmE2ODUxLWFlYmQtNGIyZC1iMzlmLTlmMzgyOGJlNmRmMyUyMiUyQyUyMmUlMjIlM0ExNjk1NTgwMTAyMTUyJTdEJTJDJTIyTUdYX1BYJTIyJTNBJTdCJTIydiUyMiUzQSUyMjAxYTg0YjIyLTc0ZGQtNGFkMi1hNGI4LTg5YjdjY2NjNDk1OCUyMiUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTUwNTYzMDIxNTIlN0QlN0Q=\\\",\\\"host\\\":\\\"www.miraclebrand.co\\\",\\\"if-modified-since\\\":\\\"Mon, 18 Sep 2023 14:14:54 GMT\\\",\\\"origin\\\":\\\"https://www.miraclebrand.co\\\",\\\"referer\\\":\\\"https://www.miraclebrand.co/a/return\\\",\\\"sec-ch-ua\\\":\\\"\\\\\\\"Chromium\\\\\\\";v=\\\\\\\"116\\\\\\\", \\\\\\\"Not)A;Brand\\\\\\\";v=\\\\\\\"24\\\\\\\", \\\\\\\"Google Chrome\\\\\\\";v=\\\\\\\"116\\\\\\\"\\\",\\\"sec-ch-ua-mobile\\\":\\\"?0\\\",\\\"sec-ch-ua-platform\\\":\\\"\\\\\\\"Windows\\\\\\\"\\\",\\\"sec-fetch-dest\\\":\\\"script\\\",\\\"sec-fetch-mode\\\":\\\"cors\\\",\\\"sec-fetch-site\\\":\\\"same-origin\\\",\\\"user-agent\\\":\\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36\\\",\\\"x-forwarded-proto\\\":\\\"https\\\",\\\"x-real-ip\\\":\\\"47.35.101.210\\\"},\\\"reqcc\\\":{}}\",\"outsmartly-original-cache-control\":\"public, max-age=1800, must-revalidate\",\"report-to\":\"{\\\"endpoints\\\":[{\\\"url\\\":\\\"https:\\\\/\\\\/a.nel.cloudflare.com\\\\/report\\\\/v3?s=tsZK4XJd2gRB4P7BFvoNrbFT22datyZBRKWkz95CyqPA9Ioj5hI77uh81I8noEdK4NVivFHo524X4i9u5RtwANyzodjknguSCgAZN9zgE%2BNxVMbW%2BuZf7dFPzPxjZfTuGsonaqo%3D\\\"}],\\\"group\\\":\\\"cf-nel\\\",\\\"max_age\\\":604800}\",\"server\":\"cloudflare\",\"server-timing\":\"imagery;dur=39.790, imageryFetch;dur=38.760, cfRequestDuration;dur=75.000048, cfRequestDuration;dur=17.000198\",\"strict-transport-security\":\"max-age=63072000; includeSubDomains; preload\",\"timing-allow-origin\":\"*\",\"vary\":\"Accept-Encoding\",\"x-content-type-options\":\"nosniff\",\"x-dc\":\"gcp-us-central1,gcp-us-central1\",\"x-request-id\":\"d5134549-7ada-4e6f-9481-fea2becd39b6\",\"x-sorting-hat-podid\":\"-1\",\"x-xss-protection\":\"1; mode=block\"},\"rescc\":{\"max-age\":\"1800000\"},\"m\":\"GET\",\"u\":\"https://www.miraclebrand.co/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js\",\"h\":\"www.miraclebrand.co\",\"a\":true,\"reqh\":{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"accept-language\":\"en-US,en;q=0.9\",\"cf-connecting-ip\":\"2a03:2880:10ff:f::face:b00c\",\"cf-device-type\":\"desktop\",\"cf-ipcountry\":\"US\",\"cf-ray\":\"808bf086f84986f2\",\"cf-visitor\":\"{\\\"scheme\\\":\\\"https\\\"}\",\"connection\":\"Keep-Alive\",\"cookie\":\"secure_customer_sig=; localization=US; cart_currency=USD; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; _y=cf9a5632-f270-439d-876a-a7e5ccf89cbb; _s=54190192-42a3-468a-b9ef-95f288f45c49; _shopify_y=cf9a5632-f270-439d-876a-a7e5ccf89cbb; _shopify_s=54190192-42a3-468a-b9ef-95f288f45c49; _orig_referrer=; _landing_page=%2Fblogs%2Fjournal%2Fcomforter-vs-blanket%3Ffbclid%3DIwAR1Mk54RxCuIIqqJ7MZExex0Ou-Ub7cFfTersuyhw14WgRjIDT1tZqeN79Q; __orly_aid=TSczxdxLvfCRLDibMH8NUQYZqZc-hk889ExAkx; Outsmartly-Session=808bf05ea8e3e164; __kla_id=eyIkcmVmZXJyZXIiOnsidHMiOjE2OTUwNjQ3NTEsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5taXJhY2xlYnJhbmQuY28vYmxvZ3Mvam91cm5hbC9jb21mb3J0ZXItdnMtYmxhbmtldD9mYmNsaWQ9SXdBUjFNazU0UnhDdUlJcXFKN01aRXhleDBPdS1VYjdjRmZUZXJzdXlodzE0V2dSaklEVDF0WnFlTjc5USJ9fQ==; __HOST-fbp=fb.1.1695064750961.1843379186; _fbp=fb.1.1695064750961.1843379186; smartDash=82a642ae-92cb-48f2-aec2-7d549cb60064; shopify_pay_redirect=pending; _svsid=c63557d8bab3c7e4a1753be8c5bb242e; _gcl_au=1.1.965043024.1695064755; _nb_sp_ses.0dba=*; _nb_sp_id.0dba=b536cf0c-4020-4112-a7fb-e2f39f8aa2e9.1695064755.1.1695064755.1695064755.3db4da8d-ae74-4d6c-b19b-87081af132df; yotpo_pixel=a64aa41d-7d9a-41f2-97c8-ae90d795d92d; _sp_id.0dba=7ef0010c94f8e168.1695064755.1.1695064755.1695064755; _sp_ses.0dba=*; _shopify_sa_t=2023-09-18T19%3A19%3A14.911Z; _shopify_sa_p=fbclid%3DIwAR1Mk54RxCuIIqqJ7MZExex0Ou-Ub7cFfTersuyhw14WgRjIDT1tZqeN79Q; __HOST-fbc=fb.1.1695064754934.IwAR1Mk54RxCuIIqqJ7MZExex0Ou-Ub7cFfTersuyhw14WgRjIDT1tZqeN79Q; _fbc=fb.1.1695064754934.IwAR1Mk54RxCuIIqqJ7MZExex0Ou-Ub7cFfTersuyhw14WgRjIDT1tZqeN79Q; _tt_enable_cookie=1; _ttp=kCVXcYiV7XfJcpUizxElvPMFroj; MGX_UC=JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyNmY4NDc2OGUtOTVlOC00MTFiLWJjNmQtODA4YTVmZTAyNGFkJTIyJTJDJTIyZSUyMiUzQTE2OTU1OTAzNTQxMzUlN0QlMkMlMjJNR1hfUFglMjIlM0ElN0IlMjJ2JTIyJTNBJTIyNjMzYjFjN2YtNWIwNy00ZGYxLWI3NDctMjJhYTRkMTRjYjcxJTIyJTJDJTIycyUyMiUzQXRydWUlMkMlMjJlJTIyJTNBMTY5NTA2NjU1NTgyMyU3RCUyQyUyMk1HWF9DSUQlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMWE5N2RiOTctYmI1Zi00Yzc3LWFkNTYtZjQxZmNmNWNmOTRlJTIyJTJDJTIyZSUyMiUzQTE2OTU1OTAzNTQxNDElN0QlMkMlMjJNR1hfVlMlMjIlM0ElN0IlMjJ2JTIyJTNBMSUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTUwNjY1NTU4MjMlN0QlN0Q=; _dd_s=logs=1&id=77317f41-6451-4fb8-8c6b-9b6a2a8bc27e&created=1695064753570&expire=1695065653570; __attentive_id=f4958b3d70ed43a1948dcaa72d690473; _attn_=eyJ1Ijoie1wiY29cIjoxNjk1MDY0NzU2MDU1LFwidW9cIjoxNjk1MDY0NzU2MDU1LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcImY0OTU4YjNkNzBlZDQzYTE5NDhkY2FhNzJkNjkwNDczXCJ9In0=; __attentive_cco=1695064756060; __attentive_dv=1\",\"host\":\"www.miraclebrand.co\",\"origin\":\"https://www.miraclebrand.co\",\"referer\":\"https://www.miraclebrand.co/blogs/journal/comforter-vs-blanket?fbclid=IwAR1Mk54RxCuIIqqJ7MZExex0Ou-Ub7cFfTersuyhw14WgRjIDT1tZqeN79Q\",\"sec-ch-ua\":\"\\\"Chromium\\\";v=\\\"116\\\", \\\"Not)A;Brand\\\";v=\\\"24\\\", \\\"Google Chrome\\\";v=\\\"116\\\"\",\"sec-ch-ua-mobile\":\"?0\",\"sec-ch-ua-platform\":\"\\\"Linux\\\"\",\"sec-fetch-dest\":\"script\",\"sec-fetch-mode\":\"cors\",\"sec-fetch-site\":\"same-origin\",\"user-agent\":\"facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)\",\"x-forwarded-proto\":\"https\",\"x-real-ip\":\"2a03:2880:10ff:f::face:b00c\"},\"reqcc\":{}}","outsmartly-original-cache-control":"max-age=1800000","report-to":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=tsZK4XJd2gRB4P7BFvoNrbFT22datyZBRKWkz95CyqPA9Ioj5hI77uh81I8noEdK4NVivFHo524X4i9u5RtwANyzodjknguSCgAZN9zgE%2BNxVMbW%2BuZf7dFPzPxjZfTuGsonaqo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}","server":"cloudflare","server-timing":"imagery;dur=39.790, imageryFetch;dur=38.760, cfRequestDuration;dur=75.000048, cfRequestDuration;dur=17.000198, cfRequestDuration;dur=16.000032","strict-transport-security":"max-age=63072000; includeSubDomains; preload","timing-allow-origin":"*","vary":"Accept-Encoding","x-content-type-options":"nosniff","x-dc":"gcp-us-central1,gcp-us-central1","x-request-id":"d5134549-7ada-4e6f-9481-fea2becd39b6","x-sorting-hat-podid":"-1","x-xss-protection":"1; mode=block"},"rescc":{"max-age":"1800000000"},"m":"GET","u":"https://www.miraclebrand.co/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js","h":"www.miraclebrand.co","a":true,"reqh":{"accept":"*/*","accept-encoding":"gzip","accept-language":"en-US,en;q=0.9","cf-connecting-ip":"2600:4041:5889:c600:bdfc:260f:dd6b:6e55","cf-device-type":"mobile","cf-ipcountry":"US","cf-ray":"8137acbe79bb5e62","cf-visitor":"{\"scheme\":\"https\"}","connection":"Keep-Alive","cookie":"BxC9ZQ4vbx_wThuq2kDSqid=720d93d4-dd71-5f13-b703-3c1e12117700.1696695780.2.1696865530.1696695810.0fd4cb7b-2ffd-4c29-85b5-5ac60f24a95a; BxC9ZQ4vbx_wThuq2kDSqses=*; MGX_UC=JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZGIyNWU0MzctYjZlYS00YjZjLTg4NDQtYzgzMjdiYWU4Mjg1JTIyJTJDJTIyZSUyMiUzQTE2OTczOTExMzAzNTIlN0QlMkMlMjJNR1hfQ0lEJTIyJTNBJTdCJTIydiUyMiUzQSUyMmEyYjFmN2E4LTFhNDUtNDVjMC1iNmU4LTYyMGQ1NmUzZWY3YiUyMiUyQyUyMmUlMjIlM0ExNjk3MzkxMTMwMzUzJTdEJTJDJTIyTUdYX1BYJTIyJTNBJTdCJTIydiUyMiUzQSUyMmQyN2U2MTUwLTVjMmUtNDE4MS1hY2IyLWIwNTJmYmRmYmU1OSUyMiUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2OTY4NjczMzAzNTMlN0QlN0Q=; __attentive_id=e26676c8fee846fbb39b9a8fad244b67; __orly_aid=4iILsxr7ChpgdywhvXIKV27H4-xDpRp2skwb; _attn_=eyJ1Ijoie1wiY29cIjoxNjk2Njk1NzgwMTkwLFwidW9cIjoxNjk2Njk1NzgwMTkwLFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcImUyNjY3NmM4ZmVlODQ2ZmJiMzliOWE4ZmFkMjQ0YjY3XCJ9In0=; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USNY%22%2C%22sale_of_data_region%22%3Afalse%7D; _gcl_au=1.1.1836375512.1696695779; _s=c90154d4-53e5-4ae3-8e29-6aa38545e442; _shopify_s=c90154d4-53e5-4ae3-8e29-6aa38545e442; _shopify_y=9a1f3d10-19e6-4ffd-ac97-b88c5f8c9c16; _y=9a1f3d10-19e6-4ffd-ac97-b88c5f8c9c16; _dd_s=logs=1&id=97e8f097-05bc-4dce-b995-eb5346b471b3&created=1696865530331&expire=1696866430331; _nb_sp_id.0dba=fe870cb4-9cc2-4bb5-9066-9729155f8fdf.1696695780.2.1696865531.1696695810.877243a7-176c-4ae3-8271-a668aedeee9e; _nb_sp_ses.0dba=*; _sp_id.0dba=9a3c2d3fbb3d2395.1696695780.2.1696865531.1696695810; _sp_ses.0dba=*; cart=54cbd381041700580d8a00ad1151af9d; cart_currency=USD; cart_sig=ce544945b0db44871ac603f21874d3cc; cart_ts=1696865530; cart_ver=gcp-us-central1%3A33; secure_customer_sig=; shopify_pay_redirect=pending; unique_interaction_id=e5e18a51-0ca1-431d-8931-d18fc9045a29; yotpo_pixel=5faadd05-9ef4-47e9-815e-514dbcc8fb40; __orly_vs=70; _fbp=fb.1.1696695778224.5978712964; _svsid=e2650513f728511553e60be919783f01; Outsmartly-Session=81277c63b8c141f8; __HOST-_orly_vs=70; __HOST-fbp=fb.1.1696695778224.5978712964; cjdata=XxOfDB8WXww; cjevent=c6b40175652d11ee827d02aa0a82b82d; keep_alive=4f9884bc-0ce2-4be9-b1aa-f0244c4e3a31; localization=US; _sctr=1%7C1696651200000; cto_bundle=kuOEDF9xQ3gxOThmRzNIbERCdEZHa2gzaiUyRmclMkZ3UHpGYmVNRElNS3FIaWUlMkZER3hvMnJFNU9Kckg5WFZHcUswaWxtSiUyRkFWeWVleXFnS3doVmdPMHJlempzJTJGVnpsQVFtbUclMkZsaUQwJTJGbnQ3UTQlMkJBYjAlMkZhRyUyRlFXVU92JTJCSk5rQTFObzhlcGJJQnB5dm5nVTdoUkpRYTNFcUhCZjdyTnR6TEkwJTJGT3c3dFo1UDJjMmUyVkElM0Q; mp_139deeeff16104d87877b31cf8b846e8_mixpanel=%7B%22distinct_id%22%3A%20%22%24device%3A18b0af30d8515f6-0dac1ca6dd486c-1b291106-505c8-18b0af30d8515f6%22%2C%22%24device_id%22%3A%20%2218b0af30d8515f6-0dac1ca6dd486c-1b291106-505c8-18b0af30d8515f6%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.sleepfoundation.org%2F%22%2C%22%24initial_referring_domain%22%3A%20%22www.sleepfoundation.org%22%7D; _lc2_fpi=06860a8fb6fb--01hc5f631t1ezhpr8s7890nz4c; _lc2_fpi_meta={%22w%22:1696695782459}; _scid=264c4cca-2fce-42c7-b845-04cd3a862dd0; _scid_r=264c4cca-2fce-42c7-b845-04cd3a862dd0; _scsrid=; _scsrid_r=; cjConsent=MXxOfDB8WXww; cjUser=9ecf6c65-8b4c-4b39-b67d-16e340a3c3d7; cjevent_dc=c6b40175652d11ee827d02aa0a82b82d; _geuid=a0164521-bc84-4d5c-95de-7d6ae411ebbb; addshoppers.com=2%7C1%3A0%7C10%3A1696695782%7C15%3Aaddshoppers.com%7C44%3AZTUxNGQwY2ZhNzdmNDRmNWI1ZDk4ZmI2MzBmZmU1YTM%3D%7C1de7d8b5b1e49a70fcbc39c50b0d1dc1d04ffa72f19a68b144348c0f9567f7b7; po_visitor=oXAVgKCXIgTA; _ga_SPDGV600TP=GS1.2.1696695781.1.0.1696695781.60.0.0; _pin_unauth=dWlkPU0yVmlNVFF3TWpFdFlURXlPUzAwWXpRMkxXRTNPR010WVRReFpXVmhaakpqTkdFNA; AMP_9bdc728a74={\"deviceId\":\"09c948c2-2ed3-407e-bae5-8f740276333b\",\"sessionId\":1696695781650,\"lastEventTime\":1696695781676,\"optOut\":false}; _ttp=vTStm0MjV-_h3KXWM-N1j4R7Bv5; _ga=GA1.2.1067171633.1696695781; __attentive_cco=1696695780192; __kla_id=eyJjaWQiOiJPREk1WW1KbU9UWXRNemMwTVMwME9XVTNMVGs1TldZdE1UQmlPVEZsWVdFeU0yRXciLCIkcmVmZXJyZXIiOnsidHMiOjE2OTY2OTU3ODEsInZhbHVlIjoiaHR0cHM6Ly93d3cuc2xlZXBmb3VuZGF0aW9uLm9yZy8iLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cubWlyYWNsZWJyYW5kLmNvL3Byb2R1Y3RzL2V4dHJhLWx1eGUtbWlyYWNsZS1waWxsb3ctY2FzZXMtc2V0LW9mLTI/Y2pkYXRhPU1YeE9mREI4V1h3dyZjamV2ZW50PWM2YjQwMTc1NjUyZDExZWU4MjdkMDJhYTBhODJiODJkIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjk2Njk1NzgxLCJ2YWx1ZSI6Imh0dHBzOi8vd3d3LnNsZWVwZm91bmRhdGlvbi5vcmcvIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lm1pcmFjbGVicmFuZC5jby9wcm9kdWN0cy9leHRyYS1sdXhlLW1pcmFjbGUtcGlsbG93LWNhc2VzLXNldC1vZi0yP2NqZGF0YT1NWHhPZkRCOFdYd3cmY2pldmVudD1jNmI0MDE3NTY1MmQxMWVlODI3ZDAyYWEwYTgyYjgyZCJ9fQ==; _tt_enable_cookie=1; _landing_page=%2Fproducts%2Fextra-luxe-miracle-pillow-cases-set-of-2%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3Dc6b40175652d11ee827d02aa0a82b82d; _orig_referrer=https%3A%2F%2Fwww.sleepfoundation.org%2Fbest-sheets%2Fbest-pillowcases-for-acne; smartDash=5076e7fb-d04c-4b0a-b6e8-5964b91b82f6","host":"www.miraclebrand.co","origin":"https://www.miraclebrand.co","referer":"https://www.miraclebrand.co/products/extra-luxe-miracle-pillow-cases-set-of-2?cjdata=MXxOfDB8WXww&cjevent=c6b40175652d11ee827d02aa0a82b82d","sec-fetch-dest":"script","sec-fetch-mode":"cors","sec-fetch-site":"same-origin","user-agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 16_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/117.0.5938.117 Mobile/15E148 Safari/604.1","x-forwarded-proto":"https","x-real-ip":"2600:4041:5889:c600:bdfc:260f:dd6b:6e55"},"reqcc":{}}
cf-ray: 81590e241ca343d6-EWR
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid: -1

GET
H3 200 pushowl-main.js Show response
cdn.pushowl.com/latest/sdks/ 126 B
512 B 104ms
30ms Script
application/javascript 2600:9000:2501:e400:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/latest/sdks/pushowl-main.js?environment=production&guid=836764a5-f1aa-435f-ac93-4255093ab5e7
Requested by: Host: cdn.pushowl.com
URL: https://cdn.pushowl.com/latest/sdks/pushowl-shopify.js?subdomain=mad-duck-posters&environment=production&guid=836764a5-f1aa-435f-ac93-4255093ab5e7&shop=mad-duck-posters.myshopify.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2501:e400:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e6466d84cc37becd5953e20c48fcb63af51250fda7fa1849b19cfe8819c6effe

Request headers

Referer: http://qhbwql.click/
Origin: http://qhbwql.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 05:20:10 GMT
via: 1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
age: 127540
x-amz-cf-pop: IAD55-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 126
x-request-id: 6449b03a-859c-4abf-ad15-d5c4f8622054
last-modified: Thu, 12 Oct 2023 05:12:48 GMT
etag: "be2f6bb6b4716ea1c05e32b7fc7aafec"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-server: ImageKit.io
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: qeTbOhdRoFTXBxHVn1a23zJ-teFYp3xHe81Kz21x7H4SO2aRepKIEA==

GET
H/1.1 200
OK shopify-widget-min Show response
app.marsello.com/bundles/ 7 KB
8 KB 35ms
34ms Script
text/javascript 52.71.154.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.marsello.com/bundles/shopify-widget-min?56761215

Requested by

Host: app.marsello.com
URL: https://app.marsello.com/Portal/Custom/ScriptToInstall/5bd61adf811f9e0da8cba346?aProvId=5bd61ad1811f9e0da8cba2ff&shop=mad-duck-posters.myshopify.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.154.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-154-118.compute-1.amazonaws.com

Software

/ ASP.NET

Resource Hash

d158bb4b78b06653601fcc0faae9658194e300922ff5a87a9e3018e1059410c3

Security Headers

Name	Value
X-Frame-Options	AllowAll

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Expires: Sat, 12 Oct 2024 16:45:50 GMT
Date: Fri, 13 Oct 2023 16:45:49 GMT
Last-Modified: Fri, 13 Oct 2023 16:45:50 GMT
X-Powered-By: ASP.NET
Vary: User-Agent
X-Frame-Options: AllowAll
Content-Type: text/javascript; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Connection: keep-alive
Content-Length: 7409
Request-Context: appId=cid-v1:7804b745-8118-4815-98f0-f13c273591c7

GET
H/1.1 200
OK lightgallery.min.js Show response
app.marsello.com/Content/widget/ 27 KB
7 KB 30ms
30ms Script
application/javascript 52.71.154.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.marsello.com/Content/widget/lightgallery.min.js
Requested by: Host: app.marsello.com
URL: https://app.marsello.com/bundles/shopify-widget-min?56761215
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.154.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-154-118.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 737b5b64e397feae483dfe69ac126a5998fc7d4784485cb70ce42d22fe5c4e9c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2022 17:02:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0e3913a93ddd81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7209

GET
H/1.1 200
OK PortalModalCss.css
d2pkcwbsyjj2rs.cloudfront.net/ 22 KB
4 KB 107ms
80ms Stylesheet
text/css 2600:9000:24f2:ae00:16:9033:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2pkcwbsyjj2rs.cloudfront.net/PortalModalCss.css
Requested by: Host: app.marsello.com
URL: https://app.marsello.com/bundles/shopify-widget-min?56761215
Protocol: HTTP/1.1
Server: 2600:9000:24f2:ae00:16:9033:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abe907fa4d9bcfc8010c4d3c2c0bd090646b789be3d1ad687501ffb340b34f70

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 20:47:19 GMT
Content-Encoding: gzip
Via: 1.1 4244245835579031ffc201ddc6d644a2.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Dec 2017 04:35:09 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD55-P1
Age: 71912
ETag: W/"ad09f42ebe791c30586fbb48403cfd02"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: cm4_QOO1LzLyQe1KN9DRdWDfrkIlKPrObJnZvBz3e4BVy2xlMdo7Ag==

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 117ms
100ms Script
text/javascript 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/54fd457fe86a760a0c6dcf574/e7b2a3f0548ecad7977560fce.js?shop=mad-duck-posters.myshopify.com

Protocol

HTTP/1.1

Server

142.251.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

f335b1ec434a6666408e82502eeb2504ad49d135d563c3e3abada965e67ca4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:45:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3749668661095780777
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 17301
X-XSS-Protection: 0
Expires: Fri, 13 Oct 2023 16:45:50 GMT

GET
H3 200 pushowl-bootstrap-8157084e.js Show response
cdn.pushowl.com/latest/sdks/ 87 KB
23 KB 30ms
30ms Script
application/javascript 2600:9000:2501:e400:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/latest/sdks/pushowl-bootstrap-8157084e.js
Requested by: Host: cdn.pushowl.com
URL: https://cdn.pushowl.com/latest/sdks/pushowl-main.js?environment=production&guid=836764a5-f1aa-435f-ac93-4255093ab5e7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2501:e400:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3c6149e435ab8248077fcc83a0fb7fb7fd5b8cba45a1fd3a6e5ed9a373617060

Request headers

Referer: https://cdn.pushowl.com/latest/sdks/pushowl-main.js?environment=production&guid=836764a5-f1aa-435f-ac93-4255093ab5e7
Origin: http://qhbwql.click
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 05:13:12 GMT
content-encoding: br
via: 1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront)
age: 127958
x-amz-cf-pop: IAD55-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: 9b90ac97-6eac-4e3b-a6f8-9a28543f7232
last-modified: Thu, 12 Oct 2023 05:12:48 GMT
etag: W/"093934a9074180e10c9802b1c96da30d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 45ufTjKACn05LoyDY56nyf1g49EXOjEAlmViE8kXWhTD4WHC4OV6TQ==

HEAD
H2 404 countdown-timer-9689c988_1541871999.html
vcdn.powr.io/v/countdownTimer/shopify/ 0
0 204ms
108ms Fetch
application/xml 2606:4700:10::6816:32f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcdn.powr.io/v/countdownTimer/shopify/countdown-timer-9689c988_1541871999.html
Requested by: Host: www.madduckposters.com
URL: http://www.madduckposters.com/cdn/shop/t/53/assets/booster.js?v=158059060312486237061578615884
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:32f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-guploader-uploadid: ADPycdstGHi4v9KNrLWQc1qjyq5ruAKA9eEM9QVGs19PXk8Crkhov-05K1tUkGuj4XDpAPCZMZ8zxZtIL0KG4DQak8pwXJaGjscd
vary: Accept-Encoding
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private, max-age=0
cf-ray: 81590e258dd743b0-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Oct 2023 16:45:50 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/804341383/ 3 KB
2 KB 153ms
58ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/804341383/?random=1697215550293&cv=9&fst=1697215550293&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fqhbwql.click%2F&tiba=Limited%20Edition%20Fine%20Art%20Prints%2C%20Screen%20Print%20Movie%20Posters%2C%20%26%20More!%E2%80%93%20Mad%20Duck%20Posters&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

627f841870e859679ddee4ba5dfab4533e965a5d8c7ba4417a0474f1d9dea2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1417
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 46AUGazJoSr.css
static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/ Frame 256F 557 KB
137 KB 156ms
64ms Stylesheet
text/css 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/46AUGazJoSr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: socialplugin.facebook.net
URL: https://socialplugin.facebook.net/v3.0/send_to_messenger.php?app_id=369783430202516&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3265b1f0b121a%26domain%3Dqhbwql.click%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fqhbwql.click%252Ff25ae4adf9c3cdc%26relation%3Dparent.parent&color=blue&container_width=0&cta_text=SEND_TO_MESSENGER&locale=en_US&messenger_app_id=369783430202516&page_id=524354171059792&ref=OPT_IN_FROM_SEND_TO_MESSENGER%3Aatc_popup%3Aaa95b3586c174a56aa15b7a4452a12e0&sdk=joey&size=xlarge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

013ab89b2c592a5cfeaf7016fe94881679bbfd80a44287dbb57e7679c7a207c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5i24KcH6jmtO4SWOTw3N2A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139165
x-fb-debug: pN4M9tY6nZi5SkZu/+BwFGUDRle+6Ch4Z+CqhnzZFZ9+RQ9frynldH/4rl3WqRtLMTZXOuwZ3tsld1VKNxPQGg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 12 Oct 2024 09:58:50 GMT

GET
H2 200 dMagF2ZQ3vU.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ Frame 256F 3 KB
1 KB 246ms
155ms Stylesheet
text/css 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/dMagF2ZQ3vU.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c0f75e4f542241910497c29e0329ab7d74828f72ea78e624ec828e3f48ed5fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: p2sYjs0WZhvv3WDdA7X1Tw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1044
x-fb-debug: a1ZGDMV+Te7/gNmh0Mf1pjduRn5JeRkNO5ZwfUFZLbjrKU/F5z7dnpKB7Sgbnp7T5vcVj4rTemPGX3O7VSM2Wg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:03:46 GMT

GET
H2 200 Ox4ISMKHmA2.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ Frame 256F 8 KB
2 KB 246ms
154ms Stylesheet
text/css 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/Ox4ISMKHmA2.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9ce754f2e3100373d90f6f935b0f02674d0d6466e129252b911c8c64287228b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AshEEuGLij/CcTA1za2wJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2045
x-fb-debug: Y+l5i+ZnQLoRNRyPNZSWaU5O4487tNCBSQ58pFg/ykV/cL/trj9TwAJjN+AymJG7ce1nWOyK0rpzQNLtcBWUPw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 17:58:21 GMT

GET
H2 200 R2oOyt8zLzV.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 256F 4 KB
2 KB 156ms
65ms Stylesheet
text/css 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/R2oOyt8zLzV.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1c245d320bceb2cca67d5c22a3ba5f4a754a8083a739ef920d8e2026b0e9633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ri1L771Lnwms1eJFgiNxFQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1403
x-fb-debug: ImTLo/u3eG+RzLlyhnNhfhwldZJZ8cVUbnwRyVIRIWTgC0u1OwXkmBi5klrVAI4Rt5gd+Q1I/l7BdwgXLF4buw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:24:07 GMT

GET
H2 200 J7WmBMD4Opg.css
static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/ Frame 256F 2 KB
1 KB 157ms
66ms Stylesheet
text/css 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/J7WmBMD4Opg.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f542999143b908b608ccb9f63913aeea647d5799a96aa593c0eb9ea2a57346f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5kYDtSSV/Y9ByXYvEPA19w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 856
x-fb-debug: 1VVumTSOQQpGcsfTV1uZhgzz82cK2GOBMDPa9yrR8hT+fu1F5KBdJ6ZCyE8prM7piGiBxrJMWPOoOVYhkj3I+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 05 Oct 2024 08:08:25 GMT

GET
H2 200 kOkd6HZtIYJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame 256F 318 KB
85 KB 255ms
164ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1825ae8372632b13b6f288a191c32501195ac607b38c3ec62a55b6e73c33dfab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gJFFRvXQxpdIs2gMwnAiAg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86637
x-fb-debug: JSlMdImVu+yC+aDlHgPMla3tLHTjS33CvQKL1+rj5axQx8ROsABLYgptg5G5BJQibxkb2JhPeFq//6smrhKk7g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 22:34:03 GMT

GET
H2 200 8ZU4_G4j_iT.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 256F 11 KB
4 KB 157ms
66ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/8ZU4_G4j_iT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da3d5ad8285943eb5a913394e9f7b90072344a5fc5f1400a92ec9bc70ec8398f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Mgz1Ilrwftxtn1hM9VC2iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3434
x-fb-debug: 3PUTpL49DV/CPTMZ5tqDTtpeiQ0+giJa7rv/4hg/+UWOKKJzxieVTWQDMoWsoxCIwynFvTE6TOqDCHiTXr0ODQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:23:57 GMT

GET
H2 200 BQn1Lzzcmjv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 256F 21 KB
7 KB 255ms
165ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/BQn1Lzzcmjv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04fa70d745a02583923149155f46cc354b77680fc4eeec390e25d8fbb908f563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZoRV6oKPN9f9JmyPs4Tjbg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6667
x-fb-debug: QhstSEbioXUTgyqt50OfUIso9y6D8uFa+ckFLoxgv8dOj3wMs7HFP+E0NMvZdJu2EnyZjtuzqQbBxRTjcUYO/w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 00:17:34 GMT

GET
H2 200 SeW64FDUgJN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 256F 26 KB
9 KB 256ms
165ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/SeW64FDUgJN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc67a366322d5c67f655c67e85b3daaa484b2b284f75670d1abaf40d46fae919

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fO89F7WisgRigs7t+/OvSA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8846
x-fb-debug: TZ++y1zSoWbBbCLJ0UwRRmJo/n2yL+gfZQCRvHUfdmLHzqNleK4bq2kN8BluXPqNRjzSB731eO/OfwBKk9sr1w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:42:14 GMT

GET
H2 200 d4QqVJOdC1V.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 256F 5 KB
2 KB 332ms
241ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/d4QqVJOdC1V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

063e386c552520bd431067f695ea56fb554da4e9546d64e86b3a07ab6d68919e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ibx/YS3+M1U14eOcawxFtw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2161
x-fb-debug: zyriTvBZyeVymKuP70kIVbGTxpwMigsQmwHW2wuh2KuIEfC3sDHM5ZppkqjgxoZeqjoqu3k8z8Un/y3C/WZctg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 05 Oct 2024 08:07:01 GMT

GET
H2 200 zu5VneofH2Q.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 256F 27 KB
9 KB 304ms
214ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/zu5VneofH2Q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d548b29025880c9fec717ba9239bfeb7737c4679fe3b952feb5ce5a630a545fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CcHeDG59UK59433GwkjDgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8565
x-fb-debug: I1YA8wK5Ic1qbMV9gbcepHVNb4/rxZaIoJvbF5gl+eS3lhhPM12KXIWxlXCqrfpL05NJBH7qxyk9Rfvf89t/fA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 09 Oct 2024 10:11:53 GMT

GET
H2 200 sbtg-3HJ6G1.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 256F 43 KB
12 KB 256ms
165ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/sbtg-3HJ6G1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af11727b1e311ec0a68a4d0cfb9b12fdaf2fa97e8ef9604b04a520be36175915

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9pDW+nsmWN5T+H2TKhnoSA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12101
x-fb-debug: V1vEgEGu9kLGdZmhrbMvDtZ5VQUP1hVA6+33uwBl2HWTUu7h8nOJTSGVeZlq47FwCYMjulUuAQ+qu7c7ULamMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:24:10 GMT

GET
H2 200 Mrfpd_OhKdt.js Show response
static.xx.fbcdn.net/rsrc.php/v3iqES4/y3/l/en_US/ Frame 256F 47 KB
14 KB 304ms
214ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iqES4/y3/l/en_US/Mrfpd_OhKdt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

839950ad09020075dff472cb93f377a77377fc97d4b70b5aee7c8f970cdef9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KLZvQ7YUMAJZ/xpEgn2CDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14582
x-fb-debug: JnaEHlMwM/Q0y0yYsp7vY+3gDulJoenykGuGYsBm7YHIDYNayNeOP+rMzGGqBITkaRpAy/fhkpMyIG5F+CjP9A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:21:58 GMT

GET
H2 200 W05zXvyfqL2.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 256F 9 KB
3 KB 304ms
213ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/W05zXvyfqL2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e825b684002d69a494baae818ca032ab7e046c73b37a273b55e93563f394d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4JjxF8jamPE6vFIV82Pm6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3241
x-fb-debug: 9hzKXA1Fgz63csMX9lE1b17qAZ/U2ml5db5OOIdAB1vfB01/3iB6f5DOxyDIBilmsx2Fc4VBLUkegQcOyrLrUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 09 Oct 2024 07:18:51 GMT

GET
H2 200 dhilu680R51.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 256F 38 KB
11 KB 303ms
213ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/dhilu680R51.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c06e528b5302c86ef2835aba37c0873924bbc67c786fbb63f97bf19f313452a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jgrpm6lV5AFfCkMZbzDq+g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11255
x-fb-debug: udmWGpdOP61tXdOZclZWf51Tovaf3uieDd2SxtP5C1bBa6OtLMgF2PIRuDQB8crytAWydLNOiTBkDMA39tIKoA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 20:42:27 GMT

GET
H2 200 9iU16a8sRlZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 256F 29 KB
8 KB 304ms
214ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/9iU16a8sRlZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a63db3f2a564e08e2c20962d1ccbbf16c9fe7a7e6742eac73d2c60b7f952036

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Wl7yOczHjwmySEJHEguXLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8048
x-fb-debug: pwoRAy4VDMkgKitwe3L+LZ+1RhYcs/MH32XhvOOzw160sTAZ+5WttNk5l3gSRZQaEoxuCslvTd0jKAaiAoMM4Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 17:41:59 GMT

GET
H2 200 -qe0SDjvR6a.js Show response
static.xx.fbcdn.net/rsrc.php/v3itDX4/yx/l/en_US/ Frame 256F 22 KB
7 KB 246ms
156ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3itDX4/yx/l/en_US/-qe0SDjvR6a.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f58c64171390dfcb9b8d1c335d1a504e5366b9d205af01c89afe7b96cacf350

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZRcD9A4LGrInuBUQao2V5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7196
x-fb-debug: 1t8B77qRBwDiG7sJhiQyQiUO+lhqWHsLO7HgpBY3AZbOs2Vi0aXVr89qaBihMQv695+ccoWNaUEsZijVXxWLyw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 17:58:21 GMT

GET
H2 200 VE50Ak15pC2.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 256F 42 KB
12 KB 303ms
213ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/VE50Ak15pC2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f50ee014490128ac854deb356f11a7f831cf2139a5399f920e262dbcff649dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LvsfWGiueU5kQApZHYciag==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12491
x-fb-debug: dN/dH/uXSgPZRHEm7VA4jsqH3eN0rIlrz8KCpFScDcePUpdVuRahNSXUekJe3vXEjgye5KolzCOa1qp2bVXhRw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 17:41:49 GMT

GET
H2 200 JqPW1v4qt3f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 256F 12 KB
4 KB 330ms
241ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/JqPW1v4qt3f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

830e011e670ec916bfba3f218478ded7650f9dc56e0e9527a7f0d8571ada1b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lK3mQGB10ZmCuPnpc2uL8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4104
x-fb-debug: OO0nbjo0gK2u/6yKciphNZ22N73w8DfQurAmuYgSxHT0pHNjwmyrCSmDlc8dVvDLMiwJkwrVUVVSHFq2K+Pwwg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:42:14 GMT

GET
H2 200 Jga1OTQHsy4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 256F 13 KB
4 KB 155ms
65ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/Jga1OTQHsy4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d16880404e99c59140dd39c160b7d40d1b38c41c642f175a5450e1660abc0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LBfnmFYiwtGuL8wCpBMcow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3869
x-fb-debug: oqO7xeR2gX7auRkcE4rlOeSQMq8cE2dPNasoJXvEPlOTAIvCRZLiImyOm5PxLgPmFsEImXWsKWYw73c8hAgvYQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 17:41:49 GMT

GET
H2 200 P8DLAFRlDfy.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 256F 7 KB
2 KB 154ms
65ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/P8DLAFRlDfy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9c97dae799e128c412f581e451e4a7cb226c60935acbbc1d949f46e102ab014

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iTYL4Q4IIdp6/eEGIvSe6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1985
x-fb-debug: coMzd26Rr3ymvWbzk4kblWdAhncW9tAlWbGKh7GRz4Tqw5E2zZ0B5NLFW75TK1da34o4st81hUYFsEr49cJdrg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:23:57 GMT

GET
H2 200 9689c988_1541871999 Show response
www.powr.io/countdown-timer/u/ Frame 1BF8 103 KB
18 KB 250ms
249ms Document
text/html 2606:4700:10::6816:32f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/countdown-timer/u/9689c988_1541871999

Requested by

Host: www.powr.io
URL: http://www.powr.io/powr.js?powr-token=mad-duck-posters.myshopify.com&external-type=shopify&shop=mad-duck-posters.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

146fb4e3498b323f54c058cad2e9a44b0a54dee1ec42c675526dca23d890f193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://qhbwql.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=1800, public
cf-cache-status: MISS
cf-ray: 81590e2639248c51-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 13 Oct 2023 16:45:50 GMT
link: <https://public.powrcdn.com/latest/assets/packs/style_packs/views-145de447d5e5ffe0336f-7741182.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/views/countdownTimer-04df25f0ed8dc3b39366-7741182.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js>; rel=preload; as=script; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/countdownTimer-31598e247267b71c2560-7741182.js>; rel=preload; as=script; nopush
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-origin-instance: gke
x-request-id: 27822eac-9ec1-489f-a33d-6b75e67e19e8
x-runtime: 0.075536
x-xss-protection: 1; mode=block

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 256F 1 KB
1 KB 32ms
32ms Image
image/jpeg 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://socialplugin.facebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1131
x-fb-debug: IPwNMMYTAXEQ4A4NbIQtetk7OOYI9QO8y92hg5ByjxdaWrMEF3ccSYKeiHTTTjdDBI8mKxsbfsf9fXbGdOWT7Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=2,i
expires: Sat, 28 Sep 2024 19:53:39 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/804341383/ 42 B
455 B 211ms
68ms Image
image/gif 2607:f8b0:4004:c1d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/804341383/?random=1697215550293&cv=9&fst=1697212800000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=http%3A%2F%2Fqhbwql.click%2F&tiba=Limited%20Edition%20Fine%20Art%20Prints%2C%20Screen%20Print%20Movie%20Posters%2C%20%26%20More!%E2%80%93%20Mad%20Duck%20Posters&async=1&fmt=3&is_vtc=1&random=2318989322&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://qhbwql.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 16:45:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK produce
qhbwql.click/.well-known/shopify/monorail/v1/ 18 B
695 B 85ms
84ms Ping
text/html 2606:4700:3031::6815:2781
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://qhbwql.click/.well-known/shopify/monorail/v1/produce
Requested by: Host: qhbwql.click
URL: http://qhbwql.click/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:2781 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7

Request headers

Referer: http://qhbwql.click/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Oct 2023 16:45:50 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06zNH%2FjZDnCGFFIFxxz0j8Nu8UOndsDpDjgRCnr9R2VQetWhacI%2FTlYst%2BI4SS7tul06hyRkIk6LCN6SubVepN0C8jtfDmKI2Q2AZd93u6Rm3Aqv0H6NVLTiQ39tONfUwAPxQOF69Xk%2BMgY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 81590e26ac055e78-EWR
alt-svc: h3=":443"; ma=86400

GET get_id
api1.shoptimally.com/users/ 0
0

GET
H2 200 views-145de447d5e5ffe0336f-7741182.css
public.powrcdn.com/latest/assets/packs/style_packs/ Frame 1BF8 384 KB
39 KB 178ms
76ms Stylesheet
text/css 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/style_packs/views-145de447d5e5ffe0336f-7741182.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff2ab0589be50f9328d6b86b9e656d83184ed0540442f0b8d650acd037a3f244

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
x-amz-version-id: H8ZsACKgOe3N2Zg4HNGWbrp76jzqvYd3
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1247Y2GN38QK8MFM
age: 2707
cf-polished: origSize=470967
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vUjqS1083QRLpp2XZapZWeiHP35W1rqTkUWY4IRTqCnYJOVL/Yhw3YshhIPFHYci8slz6igYgAA=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:53:53 GMT
server: cloudflare
etag: W/"ec6c5dd3e71a480b602c3e246cc9fec5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPZE%2FhUG%2FwjARWwMrh%2FS%2BrFqGNMmbfRQqD8jAAhtMoA%2Bgg9bnnpinZ5osTilVj68DM%2B46XdDhcwMNo7rsaHD42%2Fsf0zZVSwYXz9E909pQLZqBf96G%2BTeQSLSpPmxeGyWcBzJGHZrmLPJvj4%2FK5TeV8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 81590e287f0fc345-EWR

GET
H2 200 countdownTimer-04df25f0ed8dc3b39366-7741182.css
public.powrcdn.com/latest/assets/packs/apps/views/ Frame 1BF8 235 KB
34 KB 153ms
51ms Stylesheet
text/css 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/apps/views/countdownTimer-04df25f0ed8dc3b39366-7741182.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d4aa141ad2d7860da7ee5a6d53dc59d6916ed14cab69225cd608b7fe5caf1a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
x-amz-version-id: y5BcbxclBF_lGsUc1eqB5PMo.CkBgPRF
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C10YDTVM89SYWA9F
age: 1792
cf-polished: origSize=290301
alt-svc: h3=":443"; ma=86400
x-amz-id-2: amEAdUTHM+WYjVuKs2C3W/R7RjPSZRAt10bslb6dI9Bvby6eoX7vq/x2T+L5bNqA+Xi0qy1Hz8U=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:53:40 GMT
server: cloudflare
etag: W/"a99322a25083656b4bed86bc53d71c81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GB0u5%2FvxGWQNiwQV5%2BDPuqJVbEpg2YhtPI61zbGJ%2FmxjS61cFCbE8wH%2BYXXJNP%2F%2BgUEwB9DErSGEYqJ8z6P3rWmPup9ZQNP%2B0Pt7s4YzcRm%2BeK%2FYzKur%2BZOQgCRLbzThPqpvcqu3LzCeVmvuQZuXinc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 81590e287f0dc345-EWR

GET
H2 200 apps-view-f3957dceeb1240a7c153-7741182.js Show response
public.powrcdn.com/latest/assets/packs/ Frame 1BF8 713 KB
175 KB 183ms
81ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a19ec2ab3413e19d3e5f70b03fda05ffc6b2d2ab5bb1665e541aa1cd60e6e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
x-amz-version-id: m4fqiBBYnSgjly1c7UUlfWO0hoPvI8Rr
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 12436THNQNMDANRR
age: 2707
cf-polished: origSize=1175963
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1whOCX22Qs2P3kHgSddnII3vIGlWUyzrA6iqrx/b4+tWGRN/XIWQ6YbDL6JENyUSNYDBRsE7C0I=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:52:49 GMT
server: cloudflare
etag: W/"0e8dd4781b9290d75cdcd2c1348b4cf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRRkkdv5rDoJYQKFqP4NdVRl8wZo82JEAgtk1fXTNVeLgdTq15uBxtPbyPdfs9WnXHEUjiEgGsYu8n4wy4JGeLt5XrDo3HnOxLDbdWFy0KWTGaLa8xrphoqqUSnE%2B9FmvKzYXDgXP5olBETho2RtmWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e287f10c345-EWR

GET
H2 200 countdownTimer-31598e247267b71c2560-7741182.js Show response
public.powrcdn.com/latest/assets/packs/apps/ Frame 1BF8 302 KB
58 KB 166ms
64ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/apps/countdownTimer-31598e247267b71c2560-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cafb54894a5429f20ab7b09a36ea665ec8aa08abaa780b4d87fc60fc90b2e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
x-amz-version-id: 5zGB7QaFiGiNL5P66vVfynC0t9Gg1PDL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C10QJPTNX99JX66T
age: 1792
cf-polished: origSize=508175
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5aJlcci6cPaVupon2au4FFgGVLC00hx0mUxRWsLVLTD0ZzBBqLwjlPWuBD7H6hq3iN4xqMskfKA=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:53:09 GMT
server: cloudflare
etag: W/"6b38cd91793c937b8271ccaa41ea4a18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n5HkqmGEpnEu%2FjdyNuXop29LVIdd3m1q%2BXnQ2rDJ8s2HTwX7EXlQErnr8HgnCN82wfw1Mo8AUQVBrhrTRvrtKB5JUEBDCdiB%2F3Bp4MyKEXgHAtwxsr1ebRhrLOb2EcHP1Gonu88wLcDK3hSMrasj1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e287f11c345-EWR

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/ Frame 1BF8 95 KB
17 KB 135ms
47ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css

Requested by

Host: www.powr.io
URL: https://www.powr.io/countdown-timer/u/9689c988_1541871999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 12039031
cdn-cachedat: 2021-05-25 10:52:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a4648743958925952550af3e2804f32d
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 81590e286a0e17e1-EWR
cdn-requestpullsuccess: True

GET
H2 200 all-SKMA4YPA.js Show response
public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/ Frame 1BF8 1 KB
1 KB 145ms
49ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/all-SKMA4YPA.js
Requested by: Host: www.powr.io
URL: https://www.powr.io/countdown-timer/u/9689c988_1541871999
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 041b7044b29a121c0cfa23f378beb43bd066e8bb0ad38f71eb6cf446221e79f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
x-amz-version-id: 1ZybU1sD6Ef2UBgYKTv6m9_n9KqzMRad
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: G0NGKG531N8KEGK3
age: 793
cf-polished: origSize=1419
alt-svc: h3=":443"; ma=86400
x-amz-id-2: crJmCTr9ub57pcFE2MFnYp+K3soE1apxL+EcxZiFOqgmx7h8CzBGhmWW+p4ukGPnTvCtpPzClng=
cf-bgj: minify
last-modified: Tue, 26 Sep 2023 06:58:45 GMT
server: cloudflare
etag: W/"ba910abd3e66629d490a0a2ec3cb8b6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqVpLlLWss3ompdUEucKGHNS9Mu2%2BJjsb1Tup1BCUp6ZVtgsRRfYiCRhLU9xCImAG%2B3YYYGOHlqIROdRpVz9b%2FWJj7duz8Av40QkB89qig%2FiiCAn6QJaReVhYi9CcLgA%2F7CIrgUSCRpgG5O%2BA65ynTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e287f12c345-EWR

GET
H2 200 XcDw7EbXxh2.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yw/l/en_US/ Frame 256F 51 KB
15 KB 40ms
37ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yw/l/en_US/XcDw7EbXxh2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4e9521c8212ae892b956c5262ccffbeda297d752421fa781b015d8d739209a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: il+0QvjxoiNqJL7gu9nBOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14725
x-fb-debug: E9Tu7QEUoHzMABN+EwdnPgcXB/VV4IM8/qIG2DVo+PNwMakJMIHt2RPfLMks45tucwBYr70OgXcOncJ8kPLBnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:42:14 GMT

GET
H2 200 bpW4eEg-2_W.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 256F 1 KB
750 B 38ms
36ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/bpW4eEg-2_W.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2e9563151d6fe3775811cfcfbd2c2c73874ce0f024020021e4cba3c9441e0e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8ndYwl3CZ0NTcsbY5+0Flw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 554
x-fb-debug: yDaZDPdUPz+ZWdORZrs9158wRweWVQEjmZ/F0kVy9bg3+nd81oZXJCrHV1dAAVwTCRIWH+KowW6Ep8NlK3KOjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 05 Oct 2024 05:44:56 GMT

GET
H2 200 0a-2OJv2B_E.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 256F 28 KB
8 KB 49ms
46ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/0a-2OJv2B_E.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40cfb2ccb2ae7cd26f58508edf5b4d16adb90b2b3b9157af8d95bb41ce323ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B3BntyLtA+Q/zHrVu4BNqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7615
x-fb-debug: Sc9Z23CP6vMY9SZXaothY5elT6SQlOwkqyKRAaMNuKvBdzMUrlyzjjv1LNc1wnRu8rEZXDhvX56QWXkzVKS3Jg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 09 Oct 2024 09:29:19 GMT

GET
H2 200 BTdUGzsTGVy.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 256F 6 KB
3 KB 39ms
36ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/BTdUGzsTGVy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1af4a64548b3003042221ee0b21d889fd6420ccf1a981a1122dee5face97e4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PldG2K93jqRXo+UeJQgnnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2429
x-fb-debug: dS6TnXfc3PXjcSQxdDmojaIS4rr5rcd3UjgmwS97wXbIyUS6v6UMAc21LIr9mMCC9D1guVTMqh4f8jU+z2z8rQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 05 Oct 2024 10:14:24 GMT

GET
H2 200 LpzMIw_PA4t.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 256F 7 KB
3 KB 38ms
36ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/LpzMIw_PA4t.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4d29d29723d8d2b9fd2513c8013262d2c2e58f23bdba095fcfb2fc2b20c4cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TQBfcEs/Hg+mdoqHBOgHdg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2478
x-fb-debug: rS33I00BmLQehX0EkGyTcOaUpVb8u7UcRu3HbkOLMtaHj02/GA6c33DzX0IxOixk+DjMmeYzGB9LsusVQrhcOA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 17:09:44 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 256F 507 B
486 B 43ms
40ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-debug: Cn0HQZ6lJJUqHHn3esXXsp5PYEFzj143ex3Yl0bIRz6qAFzCeSMDoIvf67babxHtp4Dm921IF7OwkQNAR9r5Uw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 09 Oct 2024 06:56:17 GMT

GET
H2 200 DiuE6-0r1L8.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 256F 7 KB
3 KB 48ms
46ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/DiuE6-0r1L8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64bd55ec76107155855847028165ee347c0b6d0c53f7aed16dd3ed1c42743e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MUhJoDB+G7fnn38AYH9QqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2741
x-fb-debug: Vqo2cokuEh/5WqEKGS+x25xyEZtE4g1nBvHZR++AywebskGgwhQ0yCzcF2CZaIRD+pcRXZGwAtL7nQqicUYz2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 09 Oct 2024 09:31:35 GMT

GET
H2 200 lFK_RCKM9IT.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 256F 15 KB
3 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/lFK_RCKM9IT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ad9956095340bb1c1689eb7f5868feb2e18d5c5c155fb3349f188c2ceea7ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8dfASsSkIxmrAAqQotd3rg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3066
x-fb-debug: QSE6+oYu7sSqW6y0uK4D/odeRXyiV93WVfYooRCUiNokrYr8QQYhsNDFNvWT51+UeAZ90RfD714g0J6s4BU3zg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 05:22:40 GMT

GET
H2 200 lo85HUm3JvU.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 256F 26 KB
8 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/lo85HUm3JvU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d999df13b94de2a055c9a96293d7ba892f7017601ff06f254d9c4377082d9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7rZTlZ7JDr6nblp3i7UE9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8265
x-fb-debug: bbO9R+y+tttvplLDWNyH/9/6DcD5NTWurtAJnADEmECY8TyY9jGXBMgwRDr2CSW3gnHnPtq+e5z4oLZ1UQWmHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 09 Oct 2024 10:11:32 GMT

GET
H2 200 YTq6Pf6JO1U.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 256F 14 KB
5 KB 49ms
47ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/YTq6Pf6JO1U.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81350e7d0e7736d853fa722259a2a96d48d62d1f6a855202cf4713ef8c82a7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nksfm/T7QNCKUYfXU2Tlhg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4859
x-fb-debug: JOj46fn+cqydjgwDYFyskKoQVCvgQwuif7RJJLG0Tzi9iO/gCJ07fMe+oN6WO3g0UOTcJvCQegUKE9senP0o4g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 20:26:09 GMT

GET
H2 200 ViG5szSobJ4.css
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ Frame 256F 5 KB
1 KB 36ms
35ms Stylesheet
text/css 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ViG5szSobJ4.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/kOkd6HZtIYJ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cb48ef78b4bb7d123eb86b076618580cf3e349099895e0f130956d2c5648094

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://socialplugin.facebook.net/
Origin: https://socialplugin.facebook.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kGxiexub6HOQQNRKM4ms/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1229
x-fb-debug: Co1lHB0dxNAOx2+o3iC0r/zs4wmio8mjnd1Tw4VgkNiI1K4iRdMQS3qvOQmpjHzbfr99Frc2nkqua45Z/cA90Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 11 Oct 2024 17:41:49 GMT

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ Frame 1BF8 27 KB
11 KB 130ms
33ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1184.min.js

Requested by

Host: www.powr.io
URL: https://www.powr.io/countdown-timer/u/9689c988_1541871999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 varnish
date: Fri, 13 Oct 2023 16:45:51 GMT
strict-transport-security: max-age=300
x-amz-request-id: KGMGB1BTGWZ26FY4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11141
x-amz-id-2: KPxchNOrxmg6KOYU3JPWGlWQFfXL41Z7BPAMqIMSNKJVy8R9uPcfrsDfcWVHOL+36LqWUf37sXw=
x-served-by: cache-ewr18152-EWR
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1697215551.052533,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 38

GET
H2 200 css
fonts.googleapis.com/ Frame 1BF8 5 KB
862 B 43ms
43ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

994e7e3a132576fa52e22a56f7de8cd897e18198419918c6258ebb642aa9652a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Oct 2023 16:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 16:45:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Oct 2023 16:45:50 GMT

GET
H2 200 powrconsv4.ttf
www.powrcdn.com/static/powrconsv4/ Frame 1BF8 71 KB
72 KB 154ms
54ms Font
binary/octet-stream 2606:4700:3034::ac43:cbba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.powrcdn.com/static/powrconsv4/powrconsv4.ttf?x949ix
Requested by: Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/style_packs/views-145de447d5e5ffe0336f-7741182.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cbba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b2099d79f85c61ea61b0c084fb5870f9824d7be079620f6e3a98c3c601b0149

Request headers

Referer: https://public.powrcdn.com/
Origin: https://www.powr.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:51 GMT
x-amz-version-id: null
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DW8CPBX5QWF4MN3J
age: 291858
alt-svc: h3=":443"; ma=86400
content-length: 73188
x-amz-id-2: p6ZC+1NHpFlSPOk7PGubv90UkA7s+ek0ko57ugknxXVkLYTPx4rjcoRCmm3a1hEyy39zasswXWE=
last-modified: Mon, 15 Jun 2020 11:47:22 GMT
server: cloudflare
etag: "f5cd59ea52174bf745f2a96d6dccdd88"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, POST
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nm6IJk7AGVavxP2ubhbg%2B1DeBeVVulG8j6ZkWYtvUpKwNHZs%2FQ%2B%2F%2Bllf1LWqAciltnZalU6NGJZLY9MgPn3CcxjZeqaYA1%2FoT3n7vdbNfuvd40sk2dpaRLMBwlmAb7SmJYVUVpq8Y%2Fl3RyQjluA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 81590e2a4da58cb3-EWR

GET
H2 200 74-514408ee10b21da0b99c-7741182.js Show response
public.powrcdn.com/latest/assets/packs/ Frame 1BF8 9 KB
4 KB 36ms
34ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/74-514408ee10b21da0b99c-7741182.js
Requested by: Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74168275adb6a98796a63b6a69fc4c0efb4b45a8d23be7c7954da06687db7042

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:50 GMT
x-amz-version-id: mHct00MB5iJMcVMaIyZfxHg11FljX7PD
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJ1D5VM95RPT47AQ
age: 2713
cf-polished: origSize=11740
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xhVO3mfTb9seMzjIZHlQ+K0wF3LBHwIvii1HrCTFX0/hwVZHB9J0UgvfEKRBfCrJ5T2ilFuMFjA=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:52:47 GMT
server: cloudflare
etag: W/"3c9f91036b25b61d765e6fb3e27b7765"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQo4MM8z%2F3hRQHaXe2CFuozW4N05wQKiTWtmmzzh0VkSzR5U9hGfedt0mGmNDia9OOB3jp0xQlvMNu62EarwIRjlALZo0spKFKCLXZTwl5vMyiSxO6mRyW0hnaazik5riNl401zixzqcuubPypLITNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e29a834c345-EWR

GET
H2 200 75-0277b5ee04421bb4fb12-7741182.js Show response
public.powrcdn.com/latest/assets/packs/ Frame 1BF8 121 KB
39 KB 42ms
41ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/75-0277b5ee04421bb4fb12-7741182.js
Requested by: Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d847d97665dac8a0143ba8c445a51d898678943f96fb4a2c6ad18c59ee94b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:51 GMT
x-amz-version-id: K0O77DrVoY82fVu0WsfaDWkSEt2p8kEW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJ18JFS3EFMH8009
age: 2713
cf-polished: origSize=125532
alt-svc: h3=":443"; ma=86400
x-amz-id-2: M+ZNz5MvVJE0cmCG64wt9UPN+GXEsfqH/2AiCOyln4Gn4cWeC9UCFTnlIT2xIk7jcIbqYpB/q1g=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:52:47 GMT
server: cloudflare
etag: W/"f58da8ff639b8b57a58d62b68eba462c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT0PNs%2FjmUnCQQPd7tAyYh3QN8kPP%2Fxphd%2FYf18SiqtOXhe%2FTf%2BDd3nIK9%2FR6FqfOyKRFS7SQMOHzcn4DHT%2BQ8jZjezMcMDlALuiG2yF6oBqCf1ZzIgpALTs1nVJPO%2BkRFraK%2BOz6h%2Fl3yXI6SDE1nA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e29a837c345-EWR

GET
H2 200 102-654b99ed4dc5fb512b20-7741182.js Show response
public.powrcdn.com/latest/assets/packs/ Frame 1BF8 123 KB
34 KB 60ms
59ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/102-654b99ed4dc5fb512b20-7741182.js
Requested by: Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd53b56779f1bdc6b3f2e56c12bf02c8ba2dd098f6d03c060133ebb4a790ed5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:51 GMT
x-amz-version-id: MKBipNRFneNq.xWV9JQYYeeJORg3I_lu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJ14KF97VZEPQCDW
age: 2714
cf-polished: origSize=192509
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9TgopiU06L9taS99ukwhQeWOPm074ANtQ/g1NMBjIiwEJ97yEJIlcbCI/6QixGb879IkMcIfms0=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:52:46 GMT
server: cloudflare
etag: W/"967c346428b92d4159d12ae9409b3a71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUWxlYhgPLqwx0yAuuW9y%2BDL8zCP7eyl8Dj%2FzBue4WQdM7eP3eU5IBuacEE0H4u%2ByfZHRUSwMO6hbxGMket7eZFjE5QFTY0fEB%2FJa1ywwlIYBJE2Bc8aQKEanWAFPXuBveW%2B8Zu9UM7oZr2S9J7rhQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e29c85ec345-EWR

GET
H2 200 20-d7c3cec41dcca1052c20-7741182.css
public.powrcdn.com/latest/assets/packs/ Frame 1BF8 4 KB
2 KB 38ms
37ms Stylesheet
text/css 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/20-d7c3cec41dcca1052c20-7741182.css
Requested by: Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04a7b92b6272ae94f8f1bbe8fdd481ab5fff492c0fba4c733cb2209fe7df21ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:51 GMT
x-amz-version-id: 9Gwx.KU.4kOtxW8Mh_gAt6XdQ9KwrFeA
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJ1ESGDV5FG96KH2
age: 2713
cf-polished: origSize=5010
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pUyvDHp9uSo2kVdHY/DEvoxK4ptRzqVZ6Lmp1pndHWX05J8M03O9co6tRAM1/t/YxHF0HjzgAXI=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:52:46 GMT
server: cloudflare
etag: W/"14fa8ab63138607c796aa769bc8df6ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=actxxy12t7hy2FSANfQGXyH7CByw5aZCNyynfIObj2snyqAvddHUi%2FugWxB%2BJu6WiuWwxJlFD9owB6rEE4XzlS8SRht8K5fGREhlfTPNGk1fwFcs78d9%2Bv8BV8rP187ZSSUSLXopKCQw7VbTu6kBCEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 81590e29a836c345-EWR

GET
H2 200 20-afd09e11641dea3c477c-7741182.js Show response
public.powrcdn.com/latest/assets/packs/ Frame 1BF8 444 KB
104 KB 73ms
72ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/20-afd09e11641dea3c477c-7741182.js
Requested by: Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb76f9781a87e354e51e890881d74f2f9f6a233d0b3bbc3ceda0324f7ff9797

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:51 GMT
x-amz-version-id: fhaKHeUX4bCuXgqY_HOZ.sl1pv2l8To0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJ136VS1FBPSDS3T
age: 2714
cf-polished: origSize=532390
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iDzFDsr/dUHun8yONkEvkZB+JxIKcl0mLEKFCcRQgX/9T550ZG5CyDAJpXXed3x1OvJS2SX0mrk=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:52:46 GMT
server: cloudflare
etag: W/"7d510357cee454ec859d917a31f2f450"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7EWSKs%2BBkAQBYBF%2Ba18G68yVqEaIdPMCpUgpt9elIXk45tV8udUh16MVkAR1ej0UCK4eKueuKuGwm4QuVgYGHyU33Bg7PLozbfZ3MXoKZLfeMsoLGR%2B87FgsECWYkqI2%2BWp1KStqz3xOL1srj%2B%2FPsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e29c860c345-EWR

GET
H2 200 103-7b945470a5a9caaf5e12-7741182.js Show response
public.powrcdn.com/latest/assets/packs/ Frame 1BF8 17 KB
6 KB 57ms
56ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/103-7b945470a5a9caaf5e12-7741182.js
Requested by: Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d07dff0b280df7d5ce294fb31652b05f2edfbcee800c29a99b6973fc3dac0ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:51 GMT
x-amz-version-id: ybokcHHEdtnYyoUS_GYabvj_1MyAxVRK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJ1CYSE2KNRV0A4D
age: 2714
cf-polished: origSize=21629
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9Dg3slqFLzZry0OgrgSh8nAJTSS2IzUEiCajTVvmQC47g/FtjFAGJ1Q/FPdoxkWm0mgqfmnnmJ0=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:52:46 GMT
server: cloudflare
etag: W/"edf889db4f155d35b9b56ebbf1bb16c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOp5TY2rDOOn7b%2BwvPgBnj0fO3QDGQQlgvnn5kYUzNcWkBN%2Bce8C%2BY30go6LyrmLHpqHZ0q0cihZ7vQGF5Qoyc2NN15UXfHHa1TL560KY6RiyRtFSdrb6TJOnah1sVqZV20aM3nqatc6GtAoUkigUtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e29c861c345-EWR

GET
H2 200 84-ab2852495a4016538f22-7741182.js Show response
public.powrcdn.com/latest/assets/packs/ Frame 1BF8 106 KB
19 KB 58ms
57ms Script
application/javascript 2606:4700:3036::6815:2528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://public.powrcdn.com/latest/assets/packs/84-ab2852495a4016538f22-7741182.js
Requested by: Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps-view-f3957dceeb1240a7c153-7741182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9b979c8cd78a51aba5391cb06f5c594b62d0a8141d4274704b64479dbede766

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:51 GMT
x-amz-version-id: EZPQO0EP9CrArSug.oQERPYF4DafCg.Q
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GJ17DBZY7QPG9JRG
age: 2714
cf-polished: origSize=131387
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rZBnz5qKPSKK16VfcYxSL0u3suYvHYCB2jJbiGWXrVN7zzHV1epfWXusMzZDrC3gHlSMN7l9Kn8=
cf-bgj: minify
last-modified: Fri, 13 Oct 2023 05:52:47 GMT
server: cloudflare
etag: W/"fbb78c3593c774b0dfdbc4fe09c9c664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9k%2FpXQvU0rdzAuWVUguH6x%2FF6yBi8kBwlA2s9mAkwHQoXPEhP%2B2Jq4UwTiH0f4tRgoZ%2BRsjpjGbQP89gMcyZBrAEj4HommgN9NrGQvtlq%2F%2BDIj7iVVsjbXYOf8Czo6xIHwKHE2rIPSOrv2CUerTVzCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 81590e29c862c345-EWR

GET
H/1.1 200
OK 4474f5c124 Show response
bam.nr-data.net/1/ Frame 1BF8 56 B
490 B 178ms
58ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=682&ck=1&ref=https://www.powr.io/countdown-timer/u/9689c988_1541871999&be=453&fe=520&dc=519&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1697215550420,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:250,%22rpe%22:285,%22dl%22:257,%22di%22:519,%22ds%22:519,%22de%22:519,%22dc%22:519,%22l%22:519,%22le%22:520%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.powr.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 16:45:51 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-lga21966-LGA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: u0altfd679.execute-api.us-west-2.amazonaws.com
URL: https://u0altfd679.execute-api.us-west-2.amazonaws.com/prod/api/appstats

Domain: u0altfd679.execute-api.us-west-2.amazonaws.com
URL: https://u0altfd679.execute-api.us-west-2.amazonaws.com/prod/api/appstats

Domain: api1.shoptimally.com
URL: http://api1.shoptimally.com/users/get_id?user_agent=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F118.0.5993.70+Safari%2F537.36&api_key=fdd4f6117ed041bd8b69b3d513bed9cc&client_ver=1.3

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.boldapps.net/	1970-01-20 15:26:57	Name: __cf_bm Value: 7is6pXrrpsV4jcafcUZA4zXd9NVQvqfd31HPI_IzEg4-1697215548-0-AQmRBFWfU2kOl870zzkQ63byVAZCJ53OExpcdHmY6/bcTvhT5zUescmSX4YEpFCKpU3Q3uXydmszHKSSNqq/mYI=
qhbwql.click/	1970-01-20 15:26:57	Name: baMet_visit Value: 8c38b0323d604c0385efde1515e6b5a4
qhbwql.click/	1970-01-20 15:26:59	Name: shopify_pay_redirect Value: pending
.qhbwql.click/	1970-01-21 00:05:19	Name: _y Value: 29ee17e5-7AD0-40A5-9312-2AB185722A4B
.qhbwql.click/	1970-01-21 00:05:19	Name: _shopify_y Value: 29ee17e5-7AD0-40A5-9312-2AB185722A4B
.qhbwql.click/	1970-01-20 15:26:57	Name: _s Value: 29ee17ec-FDC9-486B-B5B9-8E95F0C0B884
.qhbwql.click/	1970-01-20 15:26:57	Name: _shopify_s Value: 29ee17ec-FDC9-486B-B5B9-8E95F0C0B884
.qhbwql.click/	1970-01-20 15:26:57	Name: _shopify_sa_t Value: 2023-10-13T16%3A45%3A49.421Z
.qhbwql.click/	1970-01-20 15:26:57	Name: _shopify_sa_p Value:
.qhbwql.click/	1970-01-20 15:28:21	Name: _gid Value: GA1.2.1360203603.1697215550
.qhbwql.click/	1970-01-20 15:26:55	Name: _gat Value: 1
.qhbwql.click/	1970-01-20 17:36:31	Name: _fbp Value: fb.1.1697215549624.1700339227
.qhbwql.click/	1970-01-21 01:02:55	Name: _ga_SMB1R4MDNQ Value: GS1.1.1697215549.1.0.1697215549.60.0.0
.qhbwql.click/	1970-01-21 01:02:55	Name: _ga Value: GA1.1.1768460850.1697215550
.pinterest.com/	1970-01-21 00:12:31	Name: ar_debug Value: 1
.qhbwql.click/	1970-01-21 00:12:31	Name: _pin_unauth Value: dWlkPU5EVTJaR1JsTVRBdFkyRm1aUzAwWWpWaExUbGhabVl0WkRGbU1qVTROMkU0TXpGaQ
.ct.pinterest.com/	1970-01-21 00:12:31	Name: _pinterest_ct_ua Value: "TWc9PSZWWTErSUVqdzBuSEo5d215cmFPeTVYSm5SN2NxZytrNVBBSTlMZU9qdHBtc0tMcVczMXZPUnNscSs3eFZYOCt1OENsQUZ6NGNkc0VxWXp4MGVCd1hjQW50M2tzWnZPaGZrLzZHcE9NMlZpND0mYmVWRFpDT0swS2Jra1lkYTZ5aGluZFYxMFNrPQ=="
qhbwql.click/	1970-01-21 00:12:31	Name: po_visitor Value: 3jz3z4z5bDgb
.doubleclick.net/	1970-01-20 15:26:56	Name: test_cookie Value: CheckForPermission
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: e8cba0bc84a296c1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://u0altfd679.execute-api.us-west-2.amazonaws.com/prod/api/appstats Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://vcdn.powr.io/v/countdownTimer/shopify/countdown-timer-9689c988_1541871999.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
api1.shoptimally.com
app.marsello.com
bam.nr-data.net
cdn-images.mailchimp.com
cdn.pushowl.com
cdn.shopify.com
chimpstatic.com
connect.facebook.net
ct.pinterest.com
d2pkcwbsyjj2rs.cloudfront.net
d5zu2f4xvqanl.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
maxcdn.bootstrapcdn.com
public.powrcdn.com
qhbwql.click
ro.boldapps.net
s.pinimg.com
s3-eu-west-1.amazonaws.com
shop.app
socialplugin.facebook.net
static.xx.fbcdn.net
stats.g.doubleclick.net
u0altfd679.execute-api.us-west-2.amazonaws.com
vcdn.powr.io
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.madduckposters.com
www.powr.io
www.powrcdn.com
api1.shoptimally.com
u0altfd679.execute-api.us-west-2.amazonaws.com
104.108.97.97
13.249.38.183
142.251.167.154
151.101.66.137
162.247.243.29
2001:4860:4802:36::181
2001:4860:4802:38::178
23.227.38.33
23.227.38.74
23.227.60.200
23.62.164.202
2600:1408:c400:18b::1931
2600:9000:24f2:ae00:16:9033:f200:21
2600:9000:2501:e400:7:6365:89c0:93a1
2600:9000:26c1:ae00:19:5216:dc40:21
2606:4700:10::6816:32f5
2606:4700:10::ac43:592
2606:4700:3031::6815:2781
2606:4700:3034::ac43:cbba
2606:4700:3036::6815:2528
2606:4700::6810:6c12
2606:4700::6812:bcf
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c0b::9b
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::93
2a03:2880:f003:c07:face:b00c:0:2
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
52.218.42.3
52.71.154.118
013ab89b2c592a5cfeaf7016fe94881679bbfd80a44287dbb57e7679c7a207c9
041b7044b29a121c0cfa23f378beb43bd066e8bb0ad38f71eb6cf446221e79f5
04a7b92b6272ae94f8f1bbe8fdd481ab5fff492c0fba4c733cb2209fe7df21ed
04fa70d745a02583923149155f46cc354b77680fc4eeec390e25d8fbb908f563
063e386c552520bd431067f695ea56fb554da4e9546d64e86b3a07ab6d68919e
07cafb54894a5429f20ab7b09a36ea665ec8aa08abaa780b4d87fc60fc90b2e4
0b2b05e6637f981d2751c962934c46f23867c0d6ed4d7538ba0c69831cecf358
0c76c3b439b78f7fe01636ecd4572b12cd11e01ead36ad25d6131340bc03c81f
0cb48ef78b4bb7d123eb86b076618580cf3e349099895e0f130956d2c5648094
0d16880404e99c59140dd39c160b7d40d1b38c41c642f175a5450e1660abc0c2
0f58c64171390dfcb9b8d1c335d1a504e5366b9d205af01c89afe7b96cacf350
1070f8aea416f4c74efceeef302e2dee84a0b4a887fdca1df6ccd2f3a86aa0f5
10ff2ce566260b63e39a96e76243d339b86fbfaa54358943d4e05885139fae97
146fb4e3498b323f54c058cad2e9a44b0a54dee1ec42c675526dca23d890f193
1825ae8372632b13b6f288a191c32501195ac607b38c3ec62a55b6e73c33dfab
1af4a64548b3003042221ee0b21d889fd6420ccf1a981a1122dee5face97e4b3
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21fda898a8879dbd4f8b83b6864220c699221f205e9fcac0eb592691fed3e5fb
23c692b3dcfadcb9504e64da5ca02ab947a477b3a204a60451b8717b01bfc34d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26c539eedbfd3f5afe4a73e33f3d86f52c36759476c1ff02fcb455eefccd0e2c
275a7dccb9a6430faf3905ab4e4f5abdc3019e906895f1d8276434989ec22571
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3ad9956095340bb1c1689eb7f5868feb2e18d5c5c155fb3349f188c2ceea7ae4
3b8ade65cdcf068e5090561b0245d444480f77259fe669f817b08163832c5c92
3c06e528b5302c86ef2835aba37c0873924bbc67c786fbb63f97bf19f313452a
3c6149e435ab8248077fcc83a0fb7fb7fd5b8cba45a1fd3a6e5ed9a373617060
3d4f19e27ee9a32aa646c33e89666ff5b295cfd9d96cb4a983edb4ae3c011dbd
3f50ee014490128ac854deb356f11a7f831cf2139a5399f920e262dbcff649dd
40cfb2ccb2ae7cd26f58508edf5b4d16adb90b2b3b9157af8d95bb41ce323ae2
42777ea38c41d2f6a4de0aebbc3ede0b3baf394a6f1af632a532ae6f31dfb480
4412f8883cb25e54d78f5541f913d0249f5215a01650ee92bcad2bc5274019bc
45d0ff54548c6452cbf5b377066b629d689db2710e5dd5999c9ab4997835fa3b
479a05c9362bfb1c8736339169a47a2d8a38139adcc136b8e794d691ff2de41a
4976a98ce9cd3e9b515730ee2ba2db2f3be3878fd4a2b1228d3e51ee879c389e
4a63db3f2a564e08e2c20962d1ccbbf16c9fe7a7e6742eac73d2c60b7f952036
4d4aa141ad2d7860da7ee5a6d53dc59d6916ed14cab69225cd608b7fe5caf1a4
4ea44fb2522415170fceef45ab9bad5b52b75e835b12a6d9172e3f63d0e03543
53e6d6153970efa6638ea68cc09d67db4fbb6f70361b70aed725d3bdda37cc91
58ceb438225f71673b80975fcfebb7da632f185398911d5d5b3ae05d979d8e85
5d07dff0b280df7d5ce294fb31652b05f2edfbcee800c29a99b6973fc3dac0ec
627f841870e859679ddee4ba5dfab4533e965a5d8c7ba4417a0474f1d9dea2fa
64bd55ec76107155855847028165ee347c0b6d0c53f7aed16dd3ed1c42743e69
66780379d336459234ec580dff67bdb5bd9a738ae3df59186689929ef548e072
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9245d787b61fc0ed2d35218586c49e107e0a8ade00ab4aa0da137fb728455a
6e825b684002d69a494baae818ca032ab7e046c73b37a273b55e93563f394d7c
728731c7a039773b25702c0acb4ce65bbd32c27d78bde5b13ecb46a1cf902cc8
7334f378ca0a448224bf06bbd36a91475fe026ad8237c16ce98af37e3f72ea4a
737b5b64e397feae483dfe69ac126a5998fc7d4784485cb70ce42d22fe5c4e9c
74168275adb6a98796a63b6a69fc4c0efb4b45a8d23be7c7954da06687db7042
75677e44f0fb36681ce0d5260f65120bb79d0b56dac9973b5e9bc00167421706
75de8be29844c0a550d073aea30a3c02be1a8e5b61f4da6fa7905d698b5ff99e
75f1964cde99e65f2838fce81d13dc6a1519333f9b74c093e343a6814ece2c25
770cff337a3f303cf3ab33859920745beabd5cd18aa6c6e7ed813672b6879ace
7739836cfc45853b0152c931176fda465b382e576f42d27c9db239422a65f5ea
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
781c597a57a400d556cafe8182086e160e7419aa7c1759a912c51f1e7035d155
7b2099d79f85c61ea61b0c084fb5870f9824d7be079620f6e3a98c3c601b0149
7b6e6ed893fb441e3dd9f00f7db379892ba86d7c1a861425c3d175152190177b
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e
7e0837decee30e14e7b38d6cc1c8c8a2bd5010c7d663582f9a68c32f389fd231
80c50d13e60ea631a2b8d35e6a25f84504ef8c86db4d86ee9076cd990ca98c62
81350e7d0e7736d853fa722259a2a96d48d62d1f6a855202cf4713ef8c82a7f2
830e011e670ec916bfba3f218478ded7650f9dc56e0e9527a7f0d8571ada1b5f
839950ad09020075dff472cb93f377a77377fc97d4b70b5aee7c8f970cdef9c8
86041e7dabc5d04080161288ea7710ea0a2f21463ed220aca67dec471b21bb0c
870c3f9831b0c508b844bd6f95280a51d56d7ebe802b2c03439c796aac5a9012
87876fa245af19cbd14aa886ed59c6aa8a27c45d24dcd7a81cf2d2323506233e
88177d4b195d2c5dbddb7e69a7b2e5c9012b1dcd768ef9573de02cca4024eb12
8d30b37dff693e8a09a3b7b1cdd6dfc30361c51be03b3c402c29a7efbf3b05c7
8d999df13b94de2a055c9a96293d7ba892f7017601ff06f254d9c4377082d9b8
8df74e1215b109ead8c80599cadfc93d9eca19ab7f41c59ad8b87b2917b679c6
8fc4aa58eba36944f49a93d645f69635e8d5643cde97ac4ab14c025d2a4d70bc
932bdc4c22755a8e867cc1dd8c24649a15dc6924fe8bb8bbfc58e2b8f25a99fe
95c2e623a4ad1b2b28b87e57188159ad94063d4e192d5777fa3a27c40b257db7
991206ef2808b8c5c1534bccd1043e4ad69fd5ef0cea9846e84347d855487230
994e7e3a132576fa52e22a56f7de8cd897e18198419918c6258ebb642aa9652a
99b89fc22651c36f0b0a4a610c0c0d0d3c3cc2809317be682057ed02abf23762
9a19ec2ab3413e19d3e5f70b03fda05ffc6b2d2ab5bb1665e541aa1cd60e6e11
9aece54c0f768c27562a22b89d10622c02d35a096c14023f6ebb41ca38541051
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ea5394d42d5d7ebf5804cd17595cc4005c0f2bfd9174712aab0eba8ae29fd71
a2d444786d996da5634fbbaeeffe6104ee672440dfa6cdcaebfb27dceaaf9c0f
a73dd8a2631ade8a524f0614c15882f71e1acc9ae457b36b1e93f709fa633ae6
a7c63dba65ccddc484f77541dc8ca437e60e1e9e297fe1c3faebf6523a0ede9b
abe907fa4d9bcfc8010c4d3c2c0bd090646b789be3d1ad687501ffb340b34f70
af11727b1e311ec0a68a4d0cfb9b12fdaf2fa97e8ef9604b04a520be36175915
af92da21738c67ca40f8ff13592d7254f208f7fc49b7778df99c38b10fd9385a
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b99531a2c6320bb5951c9592b7e34366118eeaa2512ef1f02a021b78b5142fe6
b9c97dae799e128c412f581e451e4a7cb226c60935acbbc1d949f46e102ab014
b9ce754f2e3100373d90f6f935b0f02674d0d6466e129252b911c8c64287228b
bd50432350f75a122aa6dbfee483a70af61a42278a3876b7fcb8a796637f52e7
bf49d0c4a03c2b29a05c1700fc645271948e3b72729aba035443fd344d8e0912
bff115e2669939bba137932cea2a9edcb57233fc3929feaf7ff3dd07b94d7469
c0f75e4f542241910497c29e0329ab7d74828f72ea78e624ec828e3f48ed5fb8
c1c245d320bceb2cca67d5c22a3ba5f4a754a8083a739ef920d8e2026b0e9633
c4de3616f1ade3989ec471da620a3152eff9dad22c45ca6495c0a547b5ad436c
c4e9521c8212ae892b956c5262ccffbeda297d752421fa781b015d8d739209a6
cbb76f9781a87e354e51e890881d74f2f9f6a233d0b3bbc3ceda0324f7ff9797
ceda93fdd45567d77a4fc11a416d5a4496cff2e3c1303bb6e2ae728718f873bd
d0f387e5f3411a35691da3e37847ccfaf180043c63e8cfd59097191158b9923d
d158bb4b78b06653601fcc0faae9658194e300922ff5a87a9e3018e1059410c3
d19fb257b7de1754617d38f623d8d3e62b9ddac2c3b4e51962066cdcfa265371
d2e9563151d6fe3775811cfcfbd2c2c73874ce0f024020021e4cba3c9441e0e6
d393393fdfb9045182fe36e17fd043ba413d2c4d9930e89cc75cd65252aba6ae
d548b29025880c9fec717ba9239bfeb7737c4679fe3b952feb5ce5a630a545fe
d7344e74172e06ef21dd248e8b278aea120e466d63d75efda3eaf29e7a3402bd
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d947fccd2f862f3725dcc828d841e7eb20fd3b40501d87c22c2bf574a2296941
d9b979c8cd78a51aba5391cb06f5c594b62d0a8141d4274704b64479dbede766
da3d5ad8285943eb5a913394e9f7b90072344a5fc5f1400a92ec9bc70ec8398f
dd0b4c9ac455a708c74cbfdcc9aff7d5bcea8e1ccbeb34e4ce2cd4aefaf2d3a0
ddd53b56779f1bdc6b3f2e56c12bf02c8ba2dd098f6d03c060133ebb4a790ed5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557
e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d29d29723d8d2b9fd2513c8013262d2c2e58f23bdba095fcfb2fc2b20c4cd3
e54ce47c8b237311d6660f4348a4dd538a4c1f41f33f3d32c8885ace247dcf9b
e5d847d97665dac8a0143ba8c445a51d898678943f96fb4a2c6ad18c59ee94b7
e62ad20de0cbe8e879b5949e8ef1270b34b980894b8569b6c9aad81f1cb09b3a
e6466d84cc37becd5953e20c48fcb63af51250fda7fa1849b19cfe8819c6effe
ea28d1ae691c1fbee80f5ab485a399c693bc71e14edec6db5acb4a891aa30ad0
ec6f5d22be781f235caf3e4d6b803eb692916c00f98ae3dfa20b716531aad466
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f335b1ec434a6666408e82502eeb2504ad49d135d563c3e3abada965e67ca4de
f542999143b908b608ccb9f63913aeea647d5799a96aa593c0eb9ea2a57346f5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb86404c18511d968ec732972f8f512f756a48184cb55e7b10f58fdc85107d0a
fc67a366322d5c67f655c67e85b3daaa484b2b284f75670d1abaf40d46fae919
ff2ab0589be50f9328d6b86b9e656d83184ed0540442f0b8d650acd037a3f244
ff9de458357a4af27094e33ba0598aff3f3e4b3b51d7fc70bda5fdeb3af4516f

qhbwql.click Open in urlscan Pro 2606:4700:3031::6815:2781 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

166 Requests

61 %HTTPS

68 %IPv6

29 Domains

37 Subdomains

34 IPs

3 Countries

4552 kBTransfer

9752 kBSize

20 Cookies

5 Outgoing links

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

qhbwql.click Open in urlscan Pro
2606:4700:3031::6815:2781 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

61 %
HTTPS

68 %
IPv6

29
Domains

37
Subdomains

34
IPs

3
Countries

4552 kB
Transfer

9752 kB
Size

20
Cookies

166 HTTP transactions
0 data transactions