offthegridsurplus.com Open in urlscan Pro
23.227.38.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Effective URL:
https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Submission: On December 29 via api (December 29th 2021, 5:31:42 pm UTC) from US — Scanned from CA

Summary HTTP 225 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 46 IPs in 4 countries across 38 domains to perform 225 HTTP transactions. The main IP is 23.227.38.65, located in Canada and belongs to CLOUDFLARENET, US. The main domain is offthegridsurplus.com.
TLS certificate: Issued by R3 on December 18th 2021. Valid for: 3 months.

This is the only time offthegridsurplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	23.227.38.65 23.227.38.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
82	2a04:4e42:a00... 2a04:4e42:a00::268	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:807::2008	15169 (GOOGLE) (GOOGLE)
8	18.185.191.84 18.185.191.84	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:46::70 2620:1ec:46::70	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	67.205.138.90 67.205.138.90	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	13.225.63.100 13.225.63.100	16509 (AMAZON-02) (AMAZON-02)
6	104.198.248.251 104.198.248.251	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1cb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::70 2620:1ec:bdf::70	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
2	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
21	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
3	13.225.63.75 13.225.63.75	16509 (AMAZON-02) (AMAZON-02)
1	52.88.109.193 52.88.109.193	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:402... 2607:f8b0:4023:1407::9d	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 7	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4006:80a::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
25	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:e87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:1db4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
6	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	52.218.29.24 52.218.29.24	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:731	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:22f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:d2f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:4436	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:210... 2600:9000:210b:4a00:7:67fb:be80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:210... 2600:9000:210b:cc00:16:4701:e4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
3	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:631	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:c7d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21e... 2600:9000:21ea:4800:11:4cd0:7f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:210b:ea00:2:3d40:da40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.23.99.5 52.23.99.5	14618 (AMAZON-AES) (AMAZON-AES)
225	46

5 23.227.38.65 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

offthegridsurplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 2a04:4e42:a00::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.shopifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.185.191.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com

manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

config.gorgias.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::70 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn2.stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.205.138.90 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

reginapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-100.ewr53.r.cloudfront.net

cdn.avmws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.198.248.251 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 251.248.198.104.bc.googleusercontent.com

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1cb4 (United States)

ASN13335 (CLOUDFLARENET, US)

config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::70 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn1.stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.63.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-75.ewr53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.109.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-109-193.us-west-2.compute.amazonaws.com

services.mybcapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1407::9d (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

796512322.privacysandbox.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.186.226.184 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e87 (United States)

ASN13335 (CLOUDFLARENET, US)

mccdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1db4 (United States)

ASN13335 (CLOUDFLARENET, US)

client-builds.production.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

analytics.getshogun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.29.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

easy-redirects.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:731 (United States)

ASN13335 (CLOUDFLARENET, US)

files-shpf.mageworx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:22f2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.octaneai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d2f8 (United States)

ASN13335 (CLOUDFLARENET, US)

app.backinstock.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4436 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.verifypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:4a00:7:67fb:be80:93a1 (United States)

ASN16509 (AMAZON-02, US)

intg.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:210b:cc00:16:4701:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.routeapp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

cdn.rebuyengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:631 (United States)

ASN13335 (CLOUDFLARENET, US)

apps.mageworx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:c7d (United States)

ASN13335 (CLOUDFLARENET, US)

rebuyengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ea:4800:11:4cd0:7f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

shopify.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:ea00:2:3d40:da40:93a1 (United States)

ASN16509 (AMAZON-02, US)

protection-widget.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.99.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-99-5.compute-1.amazonaws.com

api.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	shopify.com cdn.shopify.com	1 MB
25	facebook.com www.facebook.com	17 KB
17	fbcdn.net static.xx.fbcdn.net	183 KB
9	klaviyo.com static.klaviyo.com static-tracking.klaviyo.com fast.a.klaviyo.com static-forms.klaviyo.com	107 KB
8	snapchat.com 1 redirects tr.snapchat.com intg.snapchat.com	6 KB
8	manychat.com manychat.com widget.manychat.com	118 KB
7	rebuyengine.com cdn.rebuyengine.com rebuyengine.com	258 KB
6	gorgias.chat config.gorgias.chat client-builds.production.gorgias.chat assets.gorgias.chat	247 KB
6	shopifysvc.com monorail-edge.shopifysvc.com	3 KB
5	shopifycdn.com fonts.shopifycdn.com	103 KB
5	offthegridsurplus.com offthegridsurplus.com	49 KB
4	facebook.net connect.facebook.net	196 KB
3	route.com shopify.route.com protection-widget.route.com api.route.com	166 KB
3	octaneai.com app.octaneai.com	89 KB
3	google.ca www.google.ca	719 B
3	google.com 1 redirects www.google.com	679 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	sc-static.net sc-static.net	23 KB
3	google-analytics.com www.google-analytics.com	40 KB
3	googleadservices.com www.googleadservices.com 796512322.privacysandbox.googleadservices.com	16 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	stamped.io cdn2.stamped.io cdn1.stamped.io	69 KB
2	routeapp.io cdn.routeapp.io	36 KB
2	mageworx.com files-shpf.mageworx.com apps.mageworx.com	72 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	tapad.com 2 redirects pixel.tapad.com	889 B
2	unpkg.com 1 redirects unpkg.com	16 KB
2	googletagmanager.com www.googletagmanager.com	86 KB
1	verifypass.com cdn.verifypass.com	2 KB
1	backinstock.org app.backinstock.org	25 KB
1	amazonaws.com easy-redirects.s3-eu-west-1.amazonaws.com	15 KB
1	getshogun.com analytics.getshogun.com	17 KB
1	mccdn.me mccdn.me	94 KB
1	mybcapps.com services.mybcapps.com	17 KB
1	shop.app shop.app	1 KB
1	avmws.com cdn.avmws.com	2 KB
1	reginapps.com reginapps.com	105 KB
1	gorgias.io config.gorgias.io
225	38

	Domain	Requested by
77	cdn.shopify.com	offthegridsurplus.com cdn.shopify.com
25	www.facebook.com	offthegridsurplus.com connect.facebook.net
17	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	tr.snapchat.com	1 redirects cdn.shopify.com offthegridsurplus.com
7	manychat.com	offthegridsurplus.com manychat.com cdn.shopify.com
6	cdn.rebuyengine.com	offthegridsurplus.com cdn.rebuyengine.com cdn.shopify.com client
6	monorail-edge.shopifysvc.com	cdn.shopify.com
5	static.klaviyo.com	offthegridsurplus.com static.klaviyo.com
5	fonts.shopifycdn.com	offthegridsurplus.com
5	offthegridsurplus.com	cdn.shopify.com
4	connect.facebook.net	cdn.shopify.com connect.facebook.net mccdn.me
3	app.octaneai.com	offthegridsurplus.com cdn.shopify.com
3	assets.gorgias.chat	config.gorgias.chat offthegridsurplus.com
3	www.google.ca	offthegridsurplus.com
3	www.google.com	1 redirects offthegridsurplus.com
3	sc-static.net	cdn.shopify.com tr.snapchat.com intg.snapchat.com
3	www.google-analytics.com	cdn.shopify.com offthegridsurplus.com www.googletagmanager.com
3	fonts.googleapis.com	cdn.shopify.com client
2	static-tracking.klaviyo.com	static.klaviyo.com
2	cdn.routeapp.io	offthegridsurplus.com cdn.routeapp.io
2	fonts.gstatic.com	fonts.googleapis.com
2	pixel.tapad.com	2 redirects
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	cdn1.stamped.io	cdn2.stamped.io offthegridsurplus.com
2	config.gorgias.chat	cdn.shopify.com client-builds.production.gorgias.chat
2	unpkg.com	1 redirects offthegridsurplus.com
2	www.googletagmanager.com	offthegridsurplus.com cdn.routeapp.io
1	api.route.com	cdn.shopify.com
1	protection-widget.route.com	cdn.routeapp.io
1	shopify.route.com	cdn.shopify.com
1	rebuyengine.com	cdn.shopify.com
1	apps.mageworx.com	cdn.shopify.com
1	static-forms.klaviyo.com	cdn.shopify.com
1	fast.a.klaviyo.com	cdn.shopify.com
1	intg.snapchat.com	offthegridsurplus.com
1	cdn.verifypass.com	offthegridsurplus.com
1	app.backinstock.org	offthegridsurplus.com
1	files-shpf.mageworx.com	offthegridsurplus.com
1	easy-redirects.s3-eu-west-1.amazonaws.com	offthegridsurplus.com
1	analytics.getshogun.com	offthegridsurplus.com
1	client-builds.production.gorgias.chat	offthegridsurplus.com
1	mccdn.me	widget.manychat.com
1	796512322.privacysandbox.googleadservices.com	offthegridsurplus.com
1	stats.g.doubleclick.net	cdn.shopify.com
1	services.mybcapps.com	cdn.shopify.com
1	widget.manychat.com	manychat.com
1	shop.app	cdn.shopify.com
1	cdn.avmws.com	offthegridsurplus.com
1	reginapps.com	offthegridsurplus.com
1	cdn2.stamped.io	offthegridsurplus.com
1	config.gorgias.io	offthegridsurplus.com
225	52

This site contains links to these domains. Also see Links.

Domain
otgsurplus.myshopify.com
facebook.com
twitter.com
instagram.com
www.youtube.com
wholesale.offthegridsurplus.com
www.shopify.com
manychat.com

Subject Issuer	Validity	Valid
offthegridsurplus.com R3	`2021-12-18` - `2022-03-18`	3 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
manychat.com Sectigo ECC Domain Validation Secure Server CA	`2021-05-03` - `2022-06-02`	a year	crt.sh
config.gorgias.io GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-06` - `2023-01-07`	a year	crt.sh
cdn2.stamped.io DigiCert TLS RSA SHA256 2020 CA1	`2021-04-21` - `2022-04-21`	a year	crt.sh
reginapps.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-10` - `2022-04-10`	2 years	crt.sh
avantlink.com Amazon	`2021-04-29` - `2022-05-28`	a year	crt.sh
monorail-edge.shopifysvc.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
gorgias.chat Cloudflare Inc ECC CA-3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
shop.app R3	`2021-11-25` - `2022-02-23`	3 months	crt.sh
cdn1.stamped.io DigiCert TLS RSA SHA256 2020 CA1	`2021-04-24` - `2022-04-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-08` - `2022-01-06`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
widget.manychat.com Sectigo ECC Domain Validation Secure Server CA	`2021-03-18` - `2022-04-18`	a year	crt.sh
*.mybcapps.com Amazon	`2021-04-14` - `2022-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.privacysandbox.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mccdn.me Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.getshogun.com R3	`2021-12-04` - `2022-03-04`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-03-26` - `2022-03-08`	a year	crt.sh
static.klaviyo.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
backinstock.org Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
intg.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-28` - `2022-07-28`	a year	crt.sh
*.routeapp.io Amazon	`2021-05-24` - `2022-06-22`	a year	crt.sh
cdn.rebuyengine.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
fast.a.klaviyo.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
static-forms.klaviyo.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.route.com Amazon	`2021-06-22` - `2022-07-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Frame ID: F4EB54247C2FB393210E33064BC55CBB
Requests: 181 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=85b9b802-6e2e-4926-a484-f63f172d2bf0
Frame ID: 6622C98D20BE249293F8FBD2B968D248
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: EBD467E8422EC1DB2D34A1B0327705DB
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1640760638463&pnid=140&pcid=19c5c036-a346-46ad-8715-b55c302d4539
Frame ID: 4E32976D51844FA8834DA03152A6B148
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Frame ID: 78CD09CED0830119CB18AC7D3034C096
Requests: 39 HTTP requests in this frame

Frame: https://cdn.routeapp.io/route-analytics/index.html
Frame ID: 45EE2FDB1FDA38B25435EE7AB7780174
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mens Tops – Off The Grid SurplusAmazonAmerican ExpressApple PayDiners ClubDiscoverEloGoogle PayJCBMastercardPayPalShop PayVenmoVisa

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Amazon Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<meta id="amazon-payments

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

ManyChat (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

widget\.manychat\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

scrollreveal(?:\.min)(?:\.js)

Page Statistics

225
Requests

98 %
HTTPS

59 %
IPv6

38
Domains

52
Subdomains

46
IPs

4
Countries

3512 kB
Transfer

9882 kB
Size

33
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://otgsurplus.myshopify.com/products/gift-card
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://facebook.com/offthegridsurplus
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/offthegridsrpl
Title: Twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/offthegridsurplus
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCqdspBpkr4Asj6zh82TGNlw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://wholesale.offthegridsurplus.com/
Title: Wholesale

Search URL Search Domain Scan URL

URL: https://www.shopify.com/?utm_campaign=poweredby&utm_medium=shopify&utm_source=onlinestore
Title: Powered by Shopify

Search URL Search Domain Scan URL

URL: https://manychat.com/?utm_medium=Growth+Tool+Branding&utm_source=User+Websites&utm_campaign=Viral&utm_content=bar
Title: Powered byManyChat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://unpkg.com/@loophq/onstore-sdk@latest/dist/loop-onstore-sdk.js HTTP 302
https://unpkg.com/@loophq/onstore-sdk@1.0.9/dist/loop-onstore-sdk.js

Request Chain 104

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796512322/?random=1032297283&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fmens-tops%3Bpage_title%3DMens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&auid=568739921.1640799096&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eJvMYfGwHYmNoPMPuua4eA&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/796512322/?random=1032297283&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fmens-tops%3Bpage_title%3DMens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&auid=568739921.1640799096&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eJvMYfGwHYmNoPMPuua4eA&cid=CAQSKQCNIrLMAfSiqrKRD9phWdh-hMWfYArpYKuLD0N47nk36POnNGDBEPH9&random=2649502605&resp=GooglemKTybQhCsO HTTP 302
https://www.google.ca/pagead/1p-conversion/796512322/?random=1032297283&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fmens-tops%3Bpage_title%3DMens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&auid=568739921.1640799096&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eJvMYfGwHYmNoPMPuua4eA&cid=CAQSKQCNIrLMAfSiqrKRD9phWdh-hMWfYArpYKuLD0N47nk36POnNGDBEPH9&random=2649502605&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 112

https://tr.snapchat.com/cm/s?pnid=140&cb=1640799096672 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640760638463%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640760638463%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1640760638463&pnid=140&pcid=19c5c036-a346-46ad-8715-b55c302d4539

225 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mens-tops Show response
offthegridsurplus.com/collections/ 265 KB
45 KB 583ms
535ms Document
text/html 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

ad56135c8709b7aa95518e30ba3bf70697ccaa6aad01b7d154f16f45f752e1e6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 53
x-sorting-hat-shopid: 25921126454
x-storefront-renderer-rendered: 1
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-alternate-cache-key: cacheable:ea52b2e2a5fd147e098045f3c7e76f96
x-cache: miss
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 25921126454
x-shardid: 53
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-request-id: c117b792-5dfd-4628-bcac-b18358dae85d
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-download-options: noopen
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c54c3475ece7145-YUL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lazysizes.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 27 KB
9 KB 66ms
35ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/lazysizes.min.js?v=904086309542630101

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

80ecdc5ea27ad0b02e22221601221ddd61b0492e09a122808b151b8013af7314

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.788,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 8994
x-xss-protection: 1; mode=block
x-request-id: f3170efe8c9261b9b8e769d6ede82c34
x-served-by: cache-lga21946-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.531963,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/lazysizes.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 theme-critical.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 99 KB
20 KB 60ms
29ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme-critical.css?v=3561221114399344517

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

210f80b61e1976137c421022760989a5f915d4fcd1c6f80a2513f9d4d18db40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.091,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 19665
x-xss-protection: 1; mode=block
x-request-id: c4673e4256891fef486ce07b192220bf
x-served-by: cache-lga13627-LGA, cache-yul12820-YUL
last-modified: Tue, 31 Aug 2021 12:06:05 GMT
server: cache-yul12820-YUL
x-timer: S1640799096.531518,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:54:46 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme-critical.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 scrollreveal.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 16 KB
5 KB 68ms
38ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/scrollreveal.min.js?v=16078805829794449500

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

96b38302cfbad43622521e7e10577027299bc0070b50c2f0ab29afb927fa4f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.881,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 5007
x-xss-protection: 1; mode=block
x-request-id: 2ebb9ca99a90e50db07968f11371edc3
x-served-by: cache-lga21962-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.531971,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/scrollreveal.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 jquery.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 87 KB
30 KB 21ms
16ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/jquery.min.js?v=6093865874309170411

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.010,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 29991
x-xss-protection: 1; mode=block
x-request-id: 05f424d6255b1f9661d7f5fe754a35bb
x-served-by: cache-lga13624-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.613713,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/jquery.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 vendor.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 165 KB
46 KB 35ms
29ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/vendor.min.js?v=14334393756238526063

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

ffe5ded2b2f74a469739ae0672374c397de9c5a11acd3eaf29f496bbe681eb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.199,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 46472
x-xss-protection: 1; mode=block
x-request-id: daecbc78e0ba639e1416d7b8397dd16f
x-served-by: cache-lga21978-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.616679,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/vendor.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 ajax-cart.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 11 KB
3 KB 31ms
26ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ajax-cart.min.js?v=1036481553876729424

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

981d749dfea45279e6980db98c3578386fdcee15377afcb7fe27b7c3622bf46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.826,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2803
x-xss-protection: 1; mode=block
x-request-id: ff9fe85f09710805e1b893657ace83ce
x-served-by: cache-lga21956-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.616730,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ajax-cart.min.js>; rel="canonical"
x-cache-hits: 1, 5

GET
H2 200 theme.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 129 KB
18 KB 43ms
13ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.css?v=6691975211223715560

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

b09f95c67a1eeb461621224361d070461774ac807df1110cd23614d217f1beec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.814,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 17860
x-xss-protection: 1; mode=block
x-request-id: 3955c46e9fd21c2248ca43e6537ba98a
x-served-by: cache-lga21954-LGA, cache-yul12820-YUL
last-modified: Fri, 19 Nov 2021 17:33:28 GMT
server: cache-yul12820-YUL
x-timer: S1640799096.531596,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:54:44 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 theme.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 65 KB
14 KB 32ms
26ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.min.js?v=16509411633783335105

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

18754e2fd15b48c74422a969233fbf8a6a0dcbf128964539dc88571b9cae165a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.786,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 13955
x-xss-protection: 1; mode=block
x-request-id: c4819744c8def274cf55b292e603cae3
x-served-by: cache-lga21927-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.616788,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 custom.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 1 KB
695 B 30ms
25ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/custom.js?v=16496594066256000078

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

79885c42f306535793fe4985a6e7ad95e81f1c7cd6eed6cd487dd979c296b718

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.762,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 453
x-xss-protection: 1; mode=block
x-request-id: fcf2e14a8cadb8fbe8d4066c507d55c0
x-served-by: cache-lga13622-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.616817,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/custom.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 10 KB
3 KB 59ms
16ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12829-YUL /

Resource Hash

7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.132,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2784
x-xss-protection: 1; mode=block
x-request-id: 95e989fd3a1c222210ddb099c866308f
x-served-by: cache-lga21922-LGA, cache-yul12829-YUL
server: cache-yul12829-YUL
x-timer: S1640799096.654785,VS0,VE0
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js>; rel="canonical"
x-cache-hits: 2, 1708755

GET
H2 200 storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
17 KB 67ms
24ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12829-YUL /

Resource Hash

b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.191,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 17353
x-xss-protection: 1; mode=block
x-request-id: f385e1ea40508a21c089c34d84c5ffab
x-served-by: cache-lga13621-LGA, cache-yul12829-YUL
server: cache-yul12829-YUL
x-timer: S1640799096.654863,VS0,VE0
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits: 1, 1358045

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
12 KB 72ms
29ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12829-YUL /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.158,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 12298
x-xss-protection: 1; mode=block
x-request-id: e624e9bc29b60a2db5947e2486240d8a
x-served-by: cache-lga21932-LGA, cache-yul12829-YUL
server: cache-yul12829-YUL
x-timer: S1640799096.654961,VS0,VE0
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 1, 2115776

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
50 KB 136ms
43ms Script
application/javascript 2607:f8b0:4006:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-796512322

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9efdec42c1791c4bf61a58fe45fb959e475944316465d67aafccd2967052a458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51187
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 17:31:35 GMT

GET
H2 200 boost-pfs-init.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 65 KB
8 KB 48ms
24ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-init.css?v=8092767899613970855

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

e7a6d0d9baf1317fa11a820ed536426566a6df1b427239ccaac8b47228cb88f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.877,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 7754
x-xss-protection: 1; mode=block
x-request-id: 47a07501fba646e35cc0d586d3a35bc8
x-served-by: cache-lga21952-LGA, cache-yul12820-YUL
last-modified: Tue, 31 Aug 2021 12:06:21 GMT
server: cache-yul12820-YUL
x-timer: S1640799096.531634,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:56:52 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-init.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-general.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 92 KB
10 KB 62ms
40ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-general.css?v=3032076038615898097

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

04c4578362c0c9da6a4cc6b6adb7af9d7e358494cb4e1f5ac6f0094f8454ea78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.632,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 9409
x-xss-protection: 1; mode=block
x-request-id: fe8174591fa140620cc275573000d8b4
x-served-by: cache-lga21970-LGA, cache-yul12820-YUL
last-modified: Tue, 31 Aug 2021 12:06:21 GMT
server: cache-yul12820-YUL
x-timer: S1640799096.531663,VS0,VE2
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:56:59 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-general.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-otp.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 60 KB
7 KB 49ms
27ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-otp.css?v=16475972099793984020

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

32340fee25d1a7886b385adccc9f7fa08cdb2b3dab04c734f81cf77003d9689e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.865,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 7174
x-xss-protection: 1; mode=block
x-request-id: d81b5973b47383e576ce66df00a5e8d4
x-served-by: cache-lga21940-LGA, cache-yul12820-YUL
last-modified: Tue, 31 Aug 2021 12:06:21 GMT
server: cache-yul12820-YUL
x-timer: S1640799096.531706,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:56:52 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-otp.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-custom.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 35 KB
6 KB 63ms
41ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-custom.css?v=3231033471792619898

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

04d7ca922b067aabd6a958b6bfc780390d9b6df764c1ca1b27f1639303726cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.950,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 5462
x-xss-protection: 1; mode=block
x-request-id: 3eb8276581cebdd6516fa4d229f49df6
x-served-by: cache-lga21924-LGA, cache-yul12820-YUL
last-modified: Tue, 31 Aug 2021 12:06:21 GMT
server: cache-yul12820-YUL
x-timer: S1640799096.531760,VS0,VE2
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:54:49 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-custom.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 shopify.js Show response
manychat.com/static/js/ 155 KB
58 KB 419ms
196ms Script
application/javascript 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/static/js/shopify.js?account_id=440003476104865
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: 81f7da941a82546d2f6d2e09319016668484769b4586f698e171f57c9cf464dd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
cache-control: public, max-age=600
last-modified: Fri, 24 Dec 2021 10:28:39 GMT
server: openresty/1.19.3.2
content-encoding: gzip
etag: W/"61c5a0d7-26a05"
content-type: application/javascript; charset=utf-8

GET
H2 200 form-builder-script.js Show response
cdn.shopify.com/extensions/61cd9773-46b7-43cf-97c3-2ef40a4ae389/1.1.0/assets/ 2 KB
1 KB 28ms
24ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/61cd9773-46b7-43cf-97c3-2ef40a4ae389/1.1.0/assets/form-builder-script.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

9cb727cf2682c975a79366d9b2a86dbae1709904c579a19e4270f02e56ac0fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.156,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 567
x-xss-protection: 1; mode=block
x-request-id: 687d47165012104080521c66990f231b
x-served-by: cache-lga21940-LGA, cache-yul12820-YUL
last-modified: Thu, 21 Oct 2021 07:08:59 GMT
server: cache-yul12820-YUL
x-timer: S1640799096.616886,VS0,VE0
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 11 Nov 2022 04:38:32 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/61cd9773-46b7-43cf-97c3-2ef40a4ae389/1.1.0/assets/form-builder-script.js>; rel="canonical"
x-cache-hits: 1, 82

GET
H2 200 Off-The-Grid-Dark-LOGO_300x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 8 KB
8 KB 48ms
43ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Off-The-Grid-Dark-LOGO_300x.png?v=1575529671

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

369486ccabc778f274609c968be0dec7417f815c887db9b1ef6fab0d6a1e64da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.527,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 7940
x-xss-protection: 1; mode=block
x-request-id: a8d615a88606732fdde5c74607aa5456
x-served-by: cache-lga21979-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.616949,VS0,VE2
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Off-The-Grid-Dark-LOGO_300x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FALL19-3_300x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 21 KB
21 KB 32ms
28ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_300x.jpg?v=1575534171

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

db5a1af6805feccb072ef3f8f4b0fd2de21422dcf655e34208782d411b03c22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.014,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 21622
x-xss-protection: 1; mode=block
x-request-id: 788c1dd4778013c5217097491eaa4907
x-served-by: cache-lga21946-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.616992,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_300x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 403 Oro0V7LQ5Wx9d83N.js
config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/ 0
0 118ms
65ms Script
application/xml 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/Oro0V7LQ5Wx9d83N.js
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

loop-onstore-sdk.js Show response
unpkg.com/@loophq/onstore-sdk@1.0.9/dist/
Redirect Chain

https://unpkg.com/@loophq/onstore-sdk@latest/dist/loop-onstore-sdk.js
https://unpkg.com/@loophq/onstore-sdk@1.0.9/dist/loop-onstore-sdk.js

44 KB
16 KB

24ms
24ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@loophq/onstore-sdk@1.0.9/dist/loop-onstore-sdk.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61f22f4fcb3beaf7ceed8d48827a9b505351ca31318ba468ec98e33f190f7e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21625665
fly-request-id: 01F3Z43KX6BFJWRGY7A30BGEN1
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"b075-ZDPHTV1gI86R7rryPtcb4aHID98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c54c34c38cd7157-YUL

Redirect headers

date: Wed, 29 Dec 2021 17:31:35 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FR3KGFK3EMWZKGHNTX3ZR3CJ
server: cloudflare
age: 462
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@loophq/onstore-sdk@1.0.9/dist/loop-onstore-sdk.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c54c34bafff7157-YUL
access-control-allow-origin: *

GET
H2 200 widget.min.js Show response
cdn2.stamped.io/files/ 89 KB
26 KB 153ms
26ms Script
text/javascript 2620:1ec:46::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.stamped.io/files/widget.min.js
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 92cb1d5813aa2552b90961426870a4b29be2518a7353082bf19f726483420f9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 17:31:35 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 09:21:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: yjvFhLKLCvM8k51+QGf8yg==
etag: 0x8D9AB3DF5225B5C
x-azure-ref: 0d5vMYQAAAADPYG9yXzRLQYFk2kyxQHEkWU1RMDFFREdFMDkxOQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: d33c759d-401e-003a-4330-fcd6cc000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0TFLMYQAAAACE6BjNMlT1Roy922r+xIa8U04xRURHRTIxMTEAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj

GET
H2 200 boost-pfs-vendor.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 213 KB
72 KB 31ms
28ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-vendor.js?v=331947207859668870

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

12b8f46d36c08ebd4b8b3727043d3be59ae9bc616dd0c1ce814e319727b4c0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.056,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 72990
x-xss-protection: 1; mode=block
x-request-id: a551bbcc2cb62450155d359317824d72
x-served-by: cache-lga13625-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.617035,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-vendor.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-core.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 387 KB
61 KB 48ms
44ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-core.js?v=16375029052719698201

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

9b24aa83d9a2fdd11b220589363528e3f6022811e0fa140177ff91fa7f0956fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.679,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 62264
x-xss-protection: 1; mode=block
x-request-id: a2f830e47854774e880adf044421b00c
x-served-by: cache-lga21969-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.617083,VS0,VE2
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-core.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-otp.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 225 KB
67 KB 64ms
61ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-otp.js?v=15964960967741483550

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

7b90244307a6ab8c4cc068e4afc74ed01128c2592c1783368eac106529c004c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.395,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 68543
x-xss-protection: 1; mode=block
x-request-id: 9a8d5acd289672f595692b138a440978
x-served-by: cache-lga21935-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.626535,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-otp.js>; rel="canonical"
x-cache-hits: 196, 1

GET
H2 200 boost-pfs-filter.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 29 KB
10 KB 62ms
59ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-filter.js?v=649470522005690111

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

392f73589721cf428857976d649a537a783a4a5efb1ccae6ca6cfd7d5d528f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.976,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 9802
x-xss-protection: 1; mode=block
x-request-id: 7f73feec3c7a813e0bdee74fde14098c
x-served-by: cache-lga21951-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.626603,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-filter.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-instant-search.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 306 B
473 B 61ms
58ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-instant-search.js?v=16674080522246747681

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

55bfef53c0f1364e940a613be14eaeddd95641a48710b51b2456271d570dd0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.802,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 197
x-xss-protection: 1; mode=block
x-request-id: 416fbd85fd05e4d76c09d2264e80606d
x-served-by: cache-lga13622-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.626709,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-instant-search.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-init.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 441 B
493 B 63ms
60ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-init.js?v=18321486475260673524

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

f18ffe3c0db4fb9f98235581ffc3020d6388fc6a1df8a9f51051c107c8ada786

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.030,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 211
x-xss-protection: 1; mode=block
x-request-id: 08ae895edb559ce45b35c05c750adca4
x-served-by: cache-lga21938-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.626741,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-init.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H/1.1 200
OK limitsify.min.js Show response
reginapps.com/limitsify/javascripts/ 105 KB
105 KB 126ms
34ms Script
application/javascript 67.205.138.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://reginapps.com/limitsify/javascripts/limitsify.min.js
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.205.138.90 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash: e0e7a66791325527c20e666694fc3c1dbbf4056420b5b28eb775b15ad0dd5002

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 17:30:38 GMT
Last-Modified: Wed, 17 Nov 2021 06:12:45 GMT
Server: nginx/1.10.0 (Ubuntu)
ETag: "61949d5d-1a4d6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107734

GET
H2 200 trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js Show response
cdn.shopify.com/s/ 77 KB
16 KB 58ms
55ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

f8bab8aa4042ca7b45b599e7d4e496146ebf1b45aabb8ff96ad79393ebd10840

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.253,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 16113
x-xss-protection: 1; mode=block
x-request-id: 890388141c9e3f50940e20290c408200
x-served-by: cache-lga21927-LGA, cache-yul12820-YUL
last-modified: Wed, 15 Dec 2021 16:30:30 GMT
server: cache-yul12820-YUL
x-timer: S1640799096.626810,VS0,VE0
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 15 Dec 2022 16:30:43 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js>; rel="canonical"
x-cache-hits: 3, 1521005

GET
H2 200 shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 7 KB
3 KB 59ms
57ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.166,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2437
x-xss-protection: 1; mode=block
x-request-id: 1e9e805e1961fb6c1fcc228b5cc58289
x-served-by: cache-lga21980-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.627020,VS0,VE0
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js>; rel="canonical"
x-cache-hits: 1, 1634241

GET
H2 200 montserrat_n3.e9c2ec7697570c33b13645dbd15f3f729c5e921b.woff2
fonts.shopifycdn.com/montserrat/ 22 KB
22 KB 55ms
20ms Font
font/woff2 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_n3.e9c2ec7697570c33b13645dbd15f3f729c5e921b.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=7bf5cb85c6dca4f62eefa03b91f785ce431e738d934dbe59e921f596c6e7d39f
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a4210ade60d5b7d00769d91619148e738767108818212e45edbf32996c9adf00

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
via: 1.1 varnish
age: 11182624
x-guploader-uploadid: ADPycdufs759nUoTztwNvQg09yKwfFjTcRYeIYi4BEUvp-ktMVCR7zAucPrPIbeCpWSoVtgLx1gNEIWkwpqFq_1oZaA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 22336
x-request-id: 2df1ab2ddb9266dbe3558c891623f19a5fac920d1028837d66a1b97a4d4f7015
x-served-by: cache-yul12830-YUL
last-modified: Fri, 12 Mar 2021 19:42:37 GMT
server: UploadServer
x-timer: S1640799096.657370,VS0,VE0
etag: "1df66b81c35c93ff3be36d05682f2713"
x-goog-hash: crc32c=G//kLw==, md5=HfZrgcNck/87420FaC8nEw==
content-type: font/woff2
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 07:14:31 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 13358

GET
H2 200 roboto_n4.da808834c2315f31dd3910e2ae6b1a895d7f73f5.woff2
fonts.shopifycdn.com/roboto/ 20 KB
20 KB 64ms
29ms Font
font/woff2 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/roboto/roboto_n4.da808834c2315f31dd3910e2ae6b1a895d7f73f5.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=df10176f2ad3c00799cd5a2a386e098f8692b5c75a2fa27134672215ee77f5fb
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2deee13a48ba2fddd9440dd1b711193236285f8cc73ed5692055527a100cb35b

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
via: 1.1 varnish
age: 17648856
x-guploader-uploadid: ABg5-UyJfpCcxeXeWLRO42dglGQpafz3rx1lTG4eC9-KqrqNfYZrwq6DvslBV1t270cCzoAxLb4itwHk-NFBhuuAxb0
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 20448
x-request-id: dcca555c33cc53e149b6c114bb2727a5ff76045eb718789da4b9d58036c88326
x-served-by: cache-yul12830-YUL
last-modified: Fri, 12 Mar 2021 22:45:11 GMT
server: UploadServer
x-timer: S1640799096.657483,VS0,VE0
etag: "c32845986a55e184047e928fbede46bb"
x-goog-hash: crc32c=8fXJzw==, md5=wyhFmGpV4YQEfpKPvt5Guw==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 11:03:59 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 221913

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1e6a9ba802ea841ae37cf17c683478c8175ed42f0852ccb7c603ef8b3a33e1

Request headers

Referer
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 oswald_n5.22b74dce86cb1e4738ccceb326c9284bc24641e9.woff2
fonts.shopifycdn.com/oswald/ 19 KB
19 KB 64ms
29ms Font
font/woff2 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/oswald/oswald_n5.22b74dce86cb1e4738ccceb326c9284bc24641e9.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=f322052e1f0f0920b9d77487d44e69f09158afdb2aa173021988e02367a866f8
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2e1af76b32424786d5f7c29d536a46040b1d80f4480d71d5956a80abbe65df59

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
via: 1.1 varnish
age: 17649561
x-guploader-uploadid: ABg5-UysU7fiqB4fcHbD0z-Bh-5zrlm9FRg04mDyscE5JXN2OMvQs5qrqBEbPKJtvQvWtEylOANS1j4h_b6fzP_UIswJ2HRsUg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 19020
x-request-id: 2526209ce2c3ad269ab6eb5a1405317ab9214ea7652dbe7f7c61637ce4457b7e
x-served-by: cache-yul12830-YUL
last-modified: Fri, 12 Mar 2021 22:44:47 GMT
server: UploadServer
x-timer: S1640799096.657555,VS0,VE0
etag: "db4d6828540600e7a90a5b32cf9b3e29"
x-goog-hash: crc32c=wHV1wA==, md5=201oKFQGAOepClsyz5s+KQ==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:52:17 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 16762

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Destroyer_Flannel_Front_Navy_OffTheGridSurplus_1_4fcc345b-9526-4f66-9da4-829976e2f804_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
3 KB 24ms
21ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Navy_OffTheGridSurplus_1_4fcc345b-9526-4f66-9da4-829976e2f804_50x.jpg?v=1637187141

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

db25d19f94b4e7d012f94d05bcc6e276b65b4d40701bbf16bfa06a585248ab6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.752,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2240
x-xss-protection: 1; mode=block
x-request-id: 64c289176d5801959fa0ff90d7f35ab2
x-served-by: cache-lga21922-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.667688,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Navy_OffTheGridSurplus_1_4fcc345b-9526-4f66-9da4-829976e2f804_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Destroyer_Flannel_Heather_Grey_Front_OffTheGridSurplus_1_f28866c3-000b-4460-a9dd-5a9d020751f5_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
2 KB 23ms
12ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Heather_Grey_Front_OffTheGridSurplus_1_f28866c3-000b-4460-a9dd-5a9d020751f5_50x.jpg?v=1637187125

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

14fc7825102f0dc6cf11734a114ea27eb98e0783c2d907d8843ac720b7eb1475

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=2.793,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2206
x-xss-protection: 1; mode=block
x-request-id: 563e9cf19361258e8797b01354f57c2c
x-served-by: cache-lga21939-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.668970,VS0,VE3
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Heather_Grey_Front_OffTheGridSurplus_1_f28866c3-000b-4460-a9dd-5a9d020751f5_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Destroyer_Flannel_Front_Army_Green_OffTheGridSurplus_1_a030087c-edd7-47e9-b88b-6712e7ebb90d_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
2 KB 24ms
4ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Army_Green_OffTheGridSurplus_1_a030087c-edd7-47e9-b88b-6712e7ebb90d_50x.jpg?v=1637187190

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

0728780b4b82349f776f0a02453f90b2b9927bd838c501d4b83794dc53f84381

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.778,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2142
x-xss-protection: 1; mode=block
x-request-id: 2dc1399a890c5fdc4c65abb30bf30edb
x-served-by: cache-lga21940-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.678310,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Army_Green_OffTheGridSurplus_1_a030087c-edd7-47e9-b88b-6712e7ebb90d_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Destroyer_Flannel_Front_Deep-Red_OffTheGridSurplus_1_0aedcf23-5e6a-4c4c-9ab9-1494b595eff0_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
3 KB 26ms
6ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Deep-Red_OffTheGridSurplus_1_0aedcf23-5e6a-4c4c-9ab9-1494b595eff0_50x.jpg?v=1637187113

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

fad12d868b24d7ebc093481e6cd8fce73cd3baa3b7108fd1512ad24b04c9c8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.196,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2260
x-xss-protection: 1; mode=block
x-request-id: 7f7211cad7783bb95ef48f4fc3d18c30
x-served-by: cache-lga13628-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.678439,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Deep-Red_OffTheGridSurplus_1_0aedcf23-5e6a-4c4c-9ab9-1494b595eff0_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 34525_b_fl_50x.png
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
2 KB 32ms
6ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/34525_b_fl_50x.png?v=1636026860

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

d4d5fb1161305d7d2ddf97dcdc67ad850ccbf4f50623f2a2033255d98619dec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.706,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1758
x-xss-protection: 1; mode=block
x-request-id: 07fb1184ec150727eaf173fca81a3191
x-served-by: cache-lga21971-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.687091,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/34525_b_fl_50x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 LFOD_50x.png
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
2 KB 31ms
7ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/LFOD_50x.png?v=1636026803

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

8af58e90172230facb650303601db667ed8bb7e149e842384415638fb0b3c70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.631,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1886
x-xss-protection: 1; mode=block
x-request-id: 9b415816e1d6b74281341abf0b03d3f0
x-served-by: cache-lga21978-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.696336,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/LFOD_50x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Willys_Tee_Navy_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 37ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Willys_Tee_Navy_Off_The_Grid_Surplus_50x.jpg?v=1624469365

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

546ab4b073e1f9c80d12d5ab38315399fdb41240430ee24173a7d6c53c92e69f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.758,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1378
x-xss-protection: 1; mode=block
x-request-id: 91c4e64e50e6d0f610f7356b2e297172
x-served-by: cache-lga21960-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.702804,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Willys_Tee_Navy_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Willys_Tee_Maroon_Off-The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 36ms
13ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Willys_Tee_Maroon_Off-The_Grid_Surplus_50x.jpg?v=1624469365

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

2af2b7f88ab3e6576c237c1fdedf3283b91913a8b57a88a4706cf6046342daac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.403,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 1454
x-xss-protection: 1; mode=block
x-request-id: abceaa20b5d6b02df4cae5024d3f14ae
x-served-by: cache-lga21921-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703088,VS0,VE0
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Willys_Tee_Maroon_Off-The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Stacked_Mens_Tee_Asphalt_Front_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 39ms
16ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Stacked_Mens_Tee_Asphalt_Front_Off_The_Grid_Surplus_50x.jpg?v=1620492763

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

d72990add621f49f021a0e527a7f91be7ec71570c024c55eab5d14dfd5b2c4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.849,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1416
x-xss-protection: 1; mode=block
x-request-id: cdcaab7adb100593b781f4d2e41658ea
x-served-by: cache-lga21948-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703156,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Stacked_Mens_Tee_Asphalt_Front_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Stacked_mens_Tee_Athletic_Heather_Front_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 38ms
15ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Stacked_mens_Tee_Athletic_Heather_Front_Off_The_Grid_Surplus_50x.jpg?v=1620492763

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

e304bd3f1e292076d36fc6bd4f82dfa1168a2d3e1c3121705f7f27e5a89581a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.757,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1250
x-xss-protection: 1; mode=block
x-request-id: badcdbd4f40b4cf08265c772ade37f30
x-served-by: cache-lga21951-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703178,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Stacked_mens_Tee_Athletic_Heather_Front_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
3 KB 40ms
18ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_50x.jpg?v=1614972298

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

28fbf3b536dee83b18754f754eb2cbb33c3a4e3cd1592c37fade9b4d7c7e281e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.147,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2306
x-xss-protection: 1; mode=block
x-request-id: adfd25a7008ce796ce9be10db43818ed
x-served-by: cache-lga13628-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703278,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Lightning_Bolt_Short_Sleeve_Front_1_Pale_Blue_Offthegrid_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
3 KB 38ms
17ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front_1_Pale_Blue_Offthegrid_50x.jpg?v=1614972298

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

b8cd11c961a4abc8d9211c50fa4e3c93e11752b14c529a3a09ae25432b3fdd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.892,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2540
x-xss-protection: 1; mode=block
x-request-id: 3457141a60b7c9f5a6f31bae39bb50bf
x-served-by: cache-lga21926-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703440,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front_1_Pale_Blue_Offthegrid_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Lightning_Bolt_Short_Sleeve_Front1_Pale_Red_Offthegrid_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 2 KB
3 KB 40ms
20ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front1_Pale_Red_Offthegrid_50x.jpg?v=1614972298

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

b64c860968abd8c89c202b115db4768b5d97422c9bfadd51ef2a8c64db4a4c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.105,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2500
x-xss-protection: 1; mode=block
x-request-id: 4b4406307026ecec8c8507ff720788aa
x-served-by: cache-lga21971-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703395,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front1_Pale_Red_Offthegrid_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 A-Train-USA-MADE-TEE-BLACK-OFF-THE-GRID-SURPLUS_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 44ms
24ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/A-Train-USA-MADE-TEE-BLACK-OFF-THE-GRID-SURPLUS_50x.jpg?v=1596668642

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

5be5b9b53afe130122b4acc8748c5cf17225eb0f2dc5850c7111eca37e8afd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=10.926,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1516
x-xss-protection: 1; mode=block
x-request-id: e3d01ee59766e99051a71a249452e6d2
x-served-by: cache-lga21964-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703606,VS0,VE11
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/A-Train-USA-MADE-TEE-BLACK-OFF-THE-GRID-SURPLUS_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 A_Train_Tee_Army_Green_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 38ms
19ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/A_Train_Tee_Army_Green_Off_The_Grid_Surplus_50x.jpg?v=1608332037

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

126904f2376de8b9f8e3862bbed7ca39cd9304c738a4167e4ec7594ec2df56f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.804,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1276
x-xss-protection: 1; mode=block
x-request-id: 5948d1964f1ccad45cd72757c1f4c721
x-served-by: cache-lga21923-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703652,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/A_Train_Tee_Army_Green_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Solid_Logo_Tee_Black_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 40ms
20ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_Logo_Tee_Black_Off_The_Grid_Surplus_50x.jpg?v=1620490279

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

214762c449322bc1e6937fbb85062c4cd6dcbe12bd43ffa98ece1b72b212998a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.925,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1390
x-xss-protection: 1; mode=block
x-request-id: 4b4ba778c880124a2d0704c6deedafb1
x-served-by: cache-lga21951-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.703623,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_Logo_Tee_Black_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Solid_Logo_Tee_Heather_Grey_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 42ms
22ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_Logo_Tee_Heather_Grey_Off_The_Grid_Surplus_50x.jpg?v=1620490279

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

3767b20b36502d9e11f6cd5e6005679fcbfa50447d358bd5296b4ae4eb892df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.929,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1206
x-xss-protection: 1; mode=block
x-request-id: 94ff209c7bab551d24d70a4912c9279a
x-served-by: cache-lga21980-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.709872,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_Logo_Tee_Heather_Grey_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Solid_logo_Tee_Navy_Front_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 40ms
21ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_logo_Tee_Navy_Front_Off_The_Grid_Surplus_50x.jpg?v=1620490290

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

1ae5e315d9a282e45e5c7f1515f05482eebd4be770acfb7579168f2c466c327c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.579,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1508
x-xss-protection: 1; mode=block
x-request-id: 760d78b10d16062fab9bbdfa2a007579
x-served-by: cache-lga13625-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.709914,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_logo_Tee_Navy_Front_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Solid_Logo_Tee_Military_Green_Front_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 46ms
27ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_Logo_Tee_Military_Green_Front_Off_The_Grid_Surplus_50x.jpg?v=1620490663

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

9d7d00fa3933186713cab4f9bb9889b25bdfc52f4a6629c1268b234a4c140bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=8.702,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1300
x-xss-protection: 1; mode=block
x-request-id: d0210844ed6394c2572526b76ff764af
x-served-by: cache-lga21954-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.709957,VS0,VE9
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_Logo_Tee_Military_Green_Front_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Old_Fashioned_Tee_Charcoal_Front_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 42ms
23ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Old_Fashioned_Tee_Charcoal_Front_Off_The_Grid_Surplus_50x.jpg?v=1608332935

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

e83049ad4d62a3d853e19ee2bcf30b7695582e92793b173719723eeae428628a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.839,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1272
x-xss-protection: 1; mode=block
x-request-id: 4d3bc0816595d5087427f2e2fa3f64a9
x-served-by: cache-lga21970-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.710045,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Old_Fashioned_Tee_Charcoal_Front_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Old_Fashioned_Tee_Denim_Blue_Front_Off_The_Grid_Surplus_50x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 1 KB
2 KB 40ms
22ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Old_Fashioned_Tee_Denim_Blue_Front_Off_The_Grid_Surplus_50x.jpg?v=1608409715

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

c47aee1e311f6815ef6af5b97db497cca533522f5b76218174eeac0c825c3fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.710,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1316
x-xss-protection: 1; mode=block
x-request-id: 1dbb52534b97f5735fd1bc081be552dc
x-served-by: cache-lga21951-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.710097,VS0,VE1
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Old_Fashioned_Tee_Denim_Blue_Front_Off_The_Grid_Surplus_50x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 oswald_n7.f71e68b857a7b8128a7629452b9c6bf9468356a7.woff2
fonts.shopifycdn.com/oswald/ 19 KB
19 KB 31ms
12ms Font
font/woff2 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/oswald/oswald_n7.f71e68b857a7b8128a7629452b9c6bf9468356a7.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=fbe3335a45108f0bef6563fb2de4b87745e8ea62606403dea088c7df628d50f3
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fbe5c6d5f501249b3a91381155a58a017883450ea5483688a98014a16963066a

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
via: 1.1 varnish
age: 17649296
x-guploader-uploadid: ABg5-UzjQe4eq-72_sPG72NvMcwbUWzO0P6oAMdJ6vgdDnLNiLrAoNnG9sR-7XvQyC44IsCZkxE8Jq2V-l61_yZez4k6syP8hA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 19080
x-request-id: 33d3295fe5762b44bd77eaec505b623be4175cba3aef31df73f9e262e41c0628
x-served-by: cache-yul12830-YUL
last-modified: Fri, 12 Mar 2021 22:44:43 GMT
server: UploadServer
x-timer: S1640799096.702040,VS0,VE0
etag: "a00f503ce2b5c30a4f74198fde864012"
x-goog-hash: crc32c=/gGFqw==, md5=oA9QPOK1wwpPdBmP3oZAEg==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:56:39 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 36965

GET
H2 200 montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2
fonts.shopifycdn.com/montserrat/ 22 KB
23 KB 30ms
12ms Font
font/woff2 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=deec0a9f79123ed251dfdc0e1af35e40a87d220241907dd687e2173c23eaab8b
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
via: 1.1 varnish
age: 17649616
x-guploader-uploadid: ABg5-UyJOzlPq7GjwvtDGuOQ54Uy0G_RseiDIBPt6bLPX3vw4CPbwgRxr_EyPxTYsXKNb-luCY4zrRu4wqpPNUrzd7LsmOj_CQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 22716
x-request-id: 9a671833982b19e510f20665a428ea3c82d6279fc56dbdab6e39bcdb8fe91292
x-served-by: cache-yul12830-YUL
last-modified: Fri, 12 Mar 2021 19:42:32 GMT
server: UploadServer
x-timer: S1640799096.702169,VS0,VE0
etag: "2b2b7174f2b09919c27c5fd48454e722"
x-goog-hash: crc32c=zel/7g==, md5=KytxdPKwmRnCfF/UhFTnIg==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:51:20 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 265914

GET
H2 200 / Show response
cdn.avmws.com/1020789/ 4 KB
2 KB 102ms
25ms Script
application/javascript 13.225.63.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avmws.com/1020789/
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-100.ewr53.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a688b2f6a4f1192454b282c3c48eceef618d23c7d8e5e50fd9c814397c2a2730

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:02:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Dec 2021 12:27:42 GMT
server: Apache/2.4.29 (Ubuntu)
age: 2521
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C1
content-length: 1608
x-amz-cf-id: xNudMtwP-vwfQQAEmGS2fmPsjV1RZwM7BUEKLW42By8T6vbvuBdyrw==

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
480 B 182ms
64ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 2c8aa1cf-676e-445c-855c-987e543c54da

GET
H2 200 6898 Show response
config.gorgias.chat/applications/ 106 B
734 B 1054ms
1010ms XHR
application/json 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/applications/6898

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd6d17801d56024162590291490d1560ef06d1831ed0721d2191841367a74b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6a-4PkSe+On63JNphqVNt3lxDP8LVs"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 6c54c34d6e637151-YUL
expires: Wed, 29 Dec 2021 21:31:36 GMT

GET
H2 200 cart.js Show response
offthegridsurplus.com/ 283 B
329 B 83ms
81ms XHR
text/javascript 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

d0fef5189d5f409384831d0a7878d155f1aa3caf0ef510e0f05bcaf2463cf453

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 25921126454
x-shardid: 53
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
x-download-options: noopen
x-shopid: 25921126454
x-request-id: ddba68d5-ceeb-42f3-abf8-ed15abae6785
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 6c54c34d68b27145-YUL
x-sorting-hat-podid: 53
x-cartjs-updatedat: 0

GET
H2 200 consent-tracking-api.js Show response
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 4 KB
2 KB 14ms
13ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12829-YUL /

Resource Hash

895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.109,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 1475
x-xss-protection: 1; mode=block
x-request-id: 4692b08a322ba3b91d78db1a6b340d32
x-served-by: cache-lga13625-LGA, cache-yul12829-YUL
server: cache-yul12829-YUL
x-timer: S1640799096.946132,VS0,VE0
date: Wed, 29 Dec 2021 17:31:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-cache-hits: 1, 3359

GET
H2 200 session Show response
shop.app/pay/ 18 B
1 KB 130ms
92ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,us-east1
p3p: CP="Not used"
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7f3d4757-4fff-4564-aa34-0f964212a642
x-runtime: 0.003787
x-robots-tag: noindex
server: cloudflare
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://offthegridsurplus.com
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6c54c34e0b68714a-YUL
x-sorting-hat-podid: -1
access-control-expose-headers

GET
H2 200 widget.min.css
cdn1.stamped.io/files/ 111 KB
17 KB 120ms
25ms Stylesheet
text/css 2620:1ec:bdf::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.css
Requested by: Host: cdn2.stamped.io
URL: https://cdn2.stamped.io/files/widget.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 12c32726157ba0336b4c3ed889cc847c1f1e4d4db7c6ea1d02903957f1abbf63

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 17:31:35 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 08:16:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: FufXVD5mlFP/fWnRF5Iq9w==
etag: 0x8D9B959F0A2D37C
x-azure-ref: 0eJvMYQAAAABLrXaaDf8URoV90uo4xJAVWU1RMDFFREdFMDkyMQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b23ba083-101e-012d-5a92-f850fa000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0ImvJYQAAAACJAS2KEIx0SpHUxhv9YjcfU04xRURHRTIxMTcAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 159ms
37ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/jquery.min.js?v=6093865874309170411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

000f368e166bff7134f2c0ff890f75cd706b90c0de1a9a0be5d0c6f464d8c13e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 15:43:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 17:31:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 17:31:36 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 188ms
83ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-796512322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14333
x-xss-protection: 0
server: cafe
etag: 8469929769973419123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 17:31:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 67ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: BzjjO7i2f1z4DPGEJfNOzHfjsmRIhdU4z+sjSfgXdc/7+NaP1ChIJpGyKU7RNKMr8Jp3TG2r4uegTlhU2MIbIA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
25ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3037
date: Wed, 29 Dec 2021 16:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 18:40:59 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 18 KB
7 KB 104ms
48ms Script
application/javascript 13.225.63.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-75.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: EWR53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 2ead2a81ff8cd9f180f8ec7fa0607b6e.cloudfront.net (CloudFront)
x-amz-cf-id: UhqyMXptMQr-PbKZC5Cp_j-l847HMfMEFR1o1bCqF6inExKHtElYgg==

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
18 KB 15ms
14ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.104,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 17388
x-xss-protection: 1; mode=block
x-request-id: b3ae10cedc8093f40a60dd92858b8e57
x-served-by: cache-lga21967-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.145891,VS0,VE0
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 1, 4434114

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
479 B 53ms
52ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: c59f9601-e6f1-49a2-b144-cbd8df41062c

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
479 B 51ms
50ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: db0636d7-2b43-423b-852f-ba3fac9be4cd

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
479 B 57ms
54ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: c8c02c9c-0694-4736-84ed-0737146848f4

GET
H2 200 shopify.css
manychat.com/static/ 2 KB
785 B 108ms
108ms Stylesheet
text/css 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/static/shopify.css?1640799096181
Requested by: Host: manychat.com
URL: https://manychat.com/static/js/shopify.js?account_id=440003476104865
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: b75e2eaf064cf7619e6e397cb613befd6b3490714b02f4e8071646b26389b83d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
content-encoding: gzip
last-modified: Fri, 24 Dec 2021 10:28:39 GMT
server: openresty/1.19.3.2
etag: W/"61c5a0d7-8fb"
content-type: text/css
cache-control: max-age=432000
expires: Mon, 03 Jan 2022 17:31:36 GMT

GET
H2 200 440003476104865.js Show response
widget.manychat.com/ 2 KB
2 KB 415ms
102ms Script
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.manychat.com/440003476104865.js
Requested by: Host: manychat.com
URL: https://manychat.com/static/js/shopify.js?account_id=440003476104865
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: cc0471d6ed70bbf70f3ea7c0d4d0237544907cd43f6259b0c239720dbd3cbba7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
cache-control: no-store
server: openresty/1.19.3.2
content-encoding: gzip
content-type: text/plain; charset=utf-8

GET
H2 200 filter Show response
services.mybcapps.com/bc-sf-filter/ 152 KB
17 KB 398ms
138ms Script
text/javascript 52.88.109.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services.mybcapps.com/bc-sf-filter/filter?t=1640799096253&_=pf&shop=otgsurplus.myshopify.com&page=1&limit=28&sort=created-descending&display=grid&collection_scope=170069557302&tag=&product_available=false&variant_available=false&build_filter_tree=true&check_cache=true&callback=BoostPFSFilterCallback&event_type=init

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-core.js?v=16375029052719698201

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.109.193 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-109-193.us-west-2.compute.amazonaws.com

Software

Resource Hash

afdb988e1e395fd09e6db7b8c07a13acaf3aab7cea668159573c73907155b6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-headers: X-Requested-With
etag: W/"25e00-d1mZQu5U3hYEvhwhrD45ZskLHkc"
strict-transport-security: max-age=31536000;
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-content-type-optionas: text/javascript
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6b297b1797d720234e19a4d5208f10120afc9cb8eda8db02b55ea8fa1e7b3cf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b05a23e1e7b9cb24f820034e79b75822dc585533a91d6a34faa47cd3e3088a87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
479 B 63ms
56ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 3c615f0e-2d20-49b2-ab2c-471073b599f4

GET
H2 200 IND4000C-TCMO_2048x_74ce4909-75e1-43ca-899c-eb3ce9e8a3e2_360x.png
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 51 KB
52 KB 40ms
37ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/IND4000C-TCMO_2048x_74ce4909-75e1-43ca-899c-eb3ce9e8a3e2_360x.png?v=1640721557

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

b53fe824d949cf67350f05e471946b50432a5ccbe8223e01c01379760056dc99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=1.625,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=10.758,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=9.647,cdnOriginTTLB;dur=10.674
content-length: 52564
x-xss-protection: 1; mode=block
x-request-id: 133b86add4b46113716992570a4348e9
x-served-by: cache-lga21962-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.341865,VS0,VE11
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/IND4000C-TCMO_2048x_74ce4909-75e1-43ca-899c-eb3ce9e8a3e2_360x.png>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Destroyer_Flannel_Front_Navy_OffTheGridSurplus_1_4fcc345b-9526-4f66-9da4-829976e2f804_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 42 KB
42 KB 16ms
13ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Navy_OffTheGridSurplus_1_4fcc345b-9526-4f66-9da4-829976e2f804_360x.jpg?v=1637187141

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

f33c6ba574d801c2090a4e8027e6a551dfc17d5fd5c08f9ea59a5fee7a4cd359

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.153,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 43124
x-xss-protection: 1; mode=block
x-request-id: 27e8ff7deed4b5c9d65d1ebd0227340f
x-served-by: cache-lga21939-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.342408,VS0,VE1
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Navy_OffTheGridSurplus_1_4fcc345b-9526-4f66-9da4-829976e2f804_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Destroyer_Flannel_Heather_Grey_Front_OffTheGridSurplus_1_f28866c3-000b-4460-a9dd-5a9d020751f5_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 33 KB
34 KB 28ms
25ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Heather_Grey_Front_OffTheGridSurplus_1_f28866c3-000b-4460-a9dd-5a9d020751f5_360x.jpg?v=1637187125

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

c3eb4175a08fcf646254c229c413f13ad74519b71c0a1c83040d4065c310ccd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.055,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 34076
x-xss-protection: 1; mode=block
x-request-id: 5909cad9667480a36758a50325db7d47
x-served-by: cache-lga21920-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.342653,VS0,VE1
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Heather_Grey_Front_OffTheGridSurplus_1_f28866c3-000b-4460-a9dd-5a9d020751f5_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Destroyer_Flannel_Front_Army_Green_OffTheGridSurplus_1_a030087c-edd7-47e9-b88b-6712e7ebb90d_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 41 KB
42 KB 27ms
24ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Army_Green_OffTheGridSurplus_1_a030087c-edd7-47e9-b88b-6712e7ebb90d_360x.jpg?v=1637187190

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

3adf315100cc7bc9c2745077441147d9d10fdea4e915911b0a1831fad357b71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.924,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 42366
x-xss-protection: 1; mode=block
x-request-id: e0d68be97f09fce206461ea950bb5879
x-served-by: cache-lga21966-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.342715,VS0,VE1
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Army_Green_OffTheGridSurplus_1_a030087c-edd7-47e9-b88b-6712e7ebb90d_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Destroyer_Flannel_Front_Deep-Red_OffTheGridSurplus_1_0aedcf23-5e6a-4c4c-9ab9-1494b595eff0_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 41 KB
42 KB 29ms
26ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Deep-Red_OffTheGridSurplus_1_0aedcf23-5e6a-4c4c-9ab9-1494b595eff0_360x.jpg?v=1637187113

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

23555278462a12a92d6ca5838bf005032ba0be3d348e66e31673e98c42e22f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.616,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 42204
x-xss-protection: 1; mode=block
x-request-id: 049aa5f29127c4e7d1dbd116998ddfd8
x-served-by: cache-lga21957-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.344625,VS0,VE1
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Front_Deep-Red_OffTheGridSurplus_1_0aedcf23-5e6a-4c4c-9ab9-1494b595eff0_360x.jpg>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 34525_b_fl_360x.png
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 12 KB
13 KB 28ms
27ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/34525_b_fl_360x.png?v=1636026860

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

95c1f4870b98942e5b675c5c70f103dd5bcbc1c8098b2c5580291452557f945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.284,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 12668
x-xss-protection: 1; mode=block
x-request-id: eca143096be911773c91313092bb839d
x-served-by: cache-lga21933-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.354483,VS0,VE0
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/34525_b_fl_360x.png>; rel="canonical"
x-cache-hits: 59, 3

GET
H2 200 LFOD_360x.png
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 14 KB
14 KB 30ms
28ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/LFOD_360x.png?v=1636026803

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

9c503c9a47449bfe285503dbd9987ab6f8dad57d340b50baa9f397f12a2737d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.675,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 14564
x-xss-protection: 1; mode=block
x-request-id: b2cd533dd8e4c60c76c5c02cdd182ecf
x-served-by: cache-lga21955-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.354712,VS0,VE1
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/LFOD_360x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Willys_Tee_Maroon_Off-The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 7 KB
8 KB 28ms
27ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Willys_Tee_Maroon_Off-The_Grid_Surplus_360x.jpg?v=1624469365

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

643bd02ad14ba953146cf016d6781ad6320e694214bbb3c455ad1b0f383c4915

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=0.977,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=10.348,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=9.323,cdnOriginTTLB;dur=10.203
content-length: 7562
x-xss-protection: 1; mode=block
x-request-id: e94863ee19b31c8840ea727a1b3f016c
x-served-by: cache-lga21956-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799096.354753,VS0,VE10
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Willys_Tee_Maroon_Off-The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H3 200 152908632034579 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 97ms
74ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/152908632034579?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e7c72159cc27c709e5cd6857eb1ec68a7ab4935a791b076d59eb52f30e025cf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: akZfhsHPtTdiYk8R8JG7NZPCDep5zQ87z/Z7weDawp57iz27mdfMnxCdhUkgvmeKW6tisAsKeAob4yHbiIObTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 157ms
57ms XHR
text/plain 2607:f8b0:4023:1407::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-112975948-1&cid=1858008651.1640799096&jid=305091963&gjid=345032649&_gid=1174306788.1640799096&_u=YGBAgEABBAAAAE~&z=1677652426

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1407::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 29 Dec 2021 17:31:36 GMT
content-type: text/plain
access-control-allow-origin: https://offthegridsurplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
21ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1644399250&t=pageview&_s=1&dl=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&dp=%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&ul=en-us&de=UTF-8&dt=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABB~&jid=305091963&gjid=345032649&cid=1858008651.1640799096&tid=UA-112975948-1&_gid=1174306788.1640799096&did=BwiEti&z=1238622733

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 03:03:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52108
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/796512322/ 2 KB
2 KB 95ms
40ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796512322/?random=1640799096418&cv=9&fst=1640799096418&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07c1d5e470cfce1de724cf121822b91bb691496f00b43a92126a8bd46e7e25f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 17:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/796512322/ 2 KB
1 KB 79ms
45ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/796512322/?random=1640799096422&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fmens-tops%3Bpage_title%3DMens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&auid=568739921.1640799096&capi=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

53362d8dc2432d62569537c9e3e74f63faeb6c6c3cb504e2117fed3c729136eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 17:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
796512322.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/796512322/ 0
0 105ms
38ms Image
text/html 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://796512322.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/796512322/?random=1640799096422&cv=9&fst=1640799096422&num=1&fmt=3&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fmens-tops%3Bpage_title%3DMens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&auid=568739921.1640799096&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 77ms
42ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=85b9b802-6e2e-4926-a484-f63f172d2bf0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

fcd0e1cc60c87c8b844e2203e61394ce838b4b020b5ad26ecc1a3aadd849d903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 6622 672 B
1 KB 82ms
53ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=85b9b802-6e2e-4926-a484-f63f172d2bf0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/

Response headers

server: nginx/1.17.3
date: Wed, 29 Dec 2021 17:31:36 GMT
content-type: text/html
content-length: 672
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 p Show response
tr.snapchat.com/ Frame EBD4 0
15 B 66ms
49ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://offthegridsurplus.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/

Response headers

server: nginx/1.17.3
date: Wed, 29 Dec 2021 17:31:36 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Stacked_Mens_Tee_Asphalt_Front_Off_The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 17 KB
17 KB 34ms
28ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Stacked_Mens_Tee_Asphalt_Front_Off_The_Grid_Surplus_360x.jpg?v=1620492763

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

a0fb3fa8869c0f8ed9cc4c170d50e2f4c7d377e78b2e03d8e25735085194ef9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=0.921,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=10.563,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=8.536,cdnOriginTTLB;dur=10.479
content-length: 17252
x-xss-protection: 1; mode=block
x-request-id: df9a735a06c5bd8873a2a629df6ad45a
x-served-by: cache-lga21931-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799097.544442,VS0,VE11
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Stacked_Mens_Tee_Asphalt_Front_Off_The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 49 KB
49 KB 20ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_360x.jpg?v=1614972298

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

23c50cb52b7a844d64106e8d4b8ff612a9d1fe60e5f98dcec7ee3005b41f2886

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.147,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 49744
x-xss-protection: 1; mode=block
x-request-id: 17e0e470279a6c59bb6ce4cf4cb5ff63
x-served-by: cache-lga21983-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799097.546801,VS0,VE1
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 A_Train_Tee_Black_Off_The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 10 KB
11 KB 35ms
29ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/A_Train_Tee_Black_Off_The_Grid_Surplus_360x.jpg?v=1608332038

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

442e79c2635c1adb9c77d3c375f35df5ab745da630e7e306905c980249ff9b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=0.822,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=9.252,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=8.429,cdnOriginTTLB;dur=9.158
content-length: 10302
x-xss-protection: 1; mode=block
x-request-id: 0d2a7ad1abf512acd821742de7c9f382
x-served-by: cache-lga21974-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799097.547097,VS0,VE9
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/A_Train_Tee_Black_Off_The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Solid_Logo_Tee_Black_Off_The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 8 KB
9 KB 31ms
26ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_Logo_Tee_Black_Off_The_Grid_Surplus_360x.jpg?v=1620490279

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

decadbf784d4b18cb48d1d98ac47344173662f4a62eb4f6552e3487aec1ac1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.931,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 8612
x-xss-protection: 1; mode=block
x-request-id: 8bf1ffe6ad5934622d263ccfa40b0573
x-served-by: cache-lga13626-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799097.547308,VS0,VE1
date: Wed, 29 Dec 2021 17:31:36 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid_Logo_Tee_Black_Off_The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H3

200

/
www.google.ca/pagead/1p-conversion/796512322/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796512322/?random=1032297283&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/796512322/?random=1032297283&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.ca/pagead/1p-conversion/796512322/?random=1032297283&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

73ms
44ms

Image
image/gif

2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/796512322/?random=1032297283&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fmens-tops%3Bpage_title%3DMens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&auid=568739921.1640799096&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eJvMYfGwHYmNoPMPuua4eA&cid=CAQSKQCNIrLMAfSiqrKRD9phWdh-hMWfYArpYKuLD0N47nk36POnNGDBEPH9&random=2649502605&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 17:31:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Dec 2021 17:31:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.ca/pagead/1p-conversion/796512322/?random=1032297283&cv=9&fst=1640799096422&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fcollections%2Fmens-tops%3Bpage_title%3DMens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&auid=568739921.1640799096&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eJvMYfGwHYmNoPMPuua4eA&cid=CAQSKQCNIrLMAfSiqrKRD9phWdh-hMWfYArpYKuLD0N47nk36POnNGDBEPH9&random=2649502605&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/796512322/ 42 B
548 B 94ms
41ms Image
image/gif 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/796512322/?random=1640799096418&cv=9&fst=1640797200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&async=1&fmt=3&is_vtc=1&random=749394802&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 17:31:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/796512322/ 42 B
154 B 107ms
40ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/796512322/?random=1640799096418&cv=9&fst=1640797200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&tiba=Mens%20Tops%20%E2%80%93%20Off%20The%20Grid%20Surplus&async=1&fmt=3&is_vtc=1&random=749394802&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 17:31:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 78ms
23ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=152908632034579&ev=PageView&dl=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&rl=&if=false&ts=1640799096581&sw=1600&sh=1200&v=2.9.48&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1640799096567.1936642933&it=1640799096394&coo=false&eid=073f5234-D9DD-4265-0102-26AB9A489B15&exp=p0&rqm=GET

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 29 Dec 2021 17:31:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 41ms
39ms Image
image/gif 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-112975948-1&cid=1858008651.1640799096&jid=305091963&_u=YGBAgEABBAAAAE~&z=900896901

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 17:31:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 47ms
40ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-112975948-1&cid=1858008651.1640799096&jid=305091963&_u=YGBAgEABBAAAAE~&z=900896901

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 17:31:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.js Show response
mccdn.me/assets/js/ 389 KB
94 KB 83ms
36ms Script
application/javascript 2606:4700:20::681a:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mccdn.me/assets/js/widget.js
Requested by: Host: widget.manychat.com
URL: https://widget.manychat.com/440003476104865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1785d5d792bf4a89a05b874067db9ce766a324be2031adb48dca6c000cbbee5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Dec 2021 15:43:37 GMT
server: cloudflare
age: 6457
etag: W/"61cc8229-6150d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5E9v3Q1s6W4tBOzCU7Dguzb%2BG3n4G8yqHHa0b%2BsOI29oo4o%2FZ%2Fc8bXPpJ68IqQCxa%2FcuIyTEbUzEQKOG%2F8jhy89bzv72YY1NPwUuv2vLZCUTYmzEVJJTVro9r7F4DV4oIPGBsID"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c54c3524ec3ecee-YUL

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 6622 18 KB
7 KB 24ms
23ms Script
application/javascript 13.225.63.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=85b9b802-6e2e-4926-a484-f63f172d2bf0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-75.ewr53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 22:35:35 GMT
content-encoding: gzip
server: CloudFront
age: 68161
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: EWR53-C1
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 2ead2a81ff8cd9f180f8ec7fa0607b6e.cloudfront.net (CloudFront)
x-amz-cf-id: HdgCTnmFdMEOdxRQJNGE7kzcgVAaQTSh_E3iJHv0jOSZMe6N9fGc8A==

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 4E32
Redirect Chain

https://tr.snapchat.com/cm/s?pnid=140&cb=1640799096672
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640760638463%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640760638463%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1640760638463&pnid=140&pcid=19c5c036-a346-46ad-8715-b55c302d4539

0
15 B

57ms
56ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1640760638463&pnid=140&pcid=19c5c036-a346-46ad-8715-b55c302d4539

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/

Response headers

server: nginx/1.17.3
date: Wed, 29 Dec 2021 17:31:36 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Wed, 29 Dec 2021 17:31:36 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://tr.snapchat.com/cm/p?rand=1640760638463&pnid=140&pcid=19c5c036-a346-46ad-8715-b55c302d4539
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 gorgias-chat-bundle-loader.js Show response
client-builds.production.gorgias.chat/new_bundle/ 734 B
1 KB 835ms
780ms Script
application/javascript 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-builds.production.gorgias.chat/new_bundle/gorgias-chat-bundle-loader.js?applicationId=6898&ignore=/static/js/main.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5c092e95f38248ca06af625b3acb600ed031ed46274bf1050f78c11787bc34d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
surrogate-key: chat-bundle-loader-script chat-bundle-loader-script-6898
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2de-ZudqwpIm/2qO4+ZRUsZzaI362P8"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400, s-max-age=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 6c54c354591eecea-YUL

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 313ms
103ms Preflight
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://offthegridsurplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.19.3.2
date: Wed, 29 Dec 2021 17:31:37 GMT
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ 1 KB
407 B 67ms
37ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a29ba0f6932eb8739dd912132b404719aee8a8506e428f4395fd7816f8312cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 16:16:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 17:31:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 17:31:37 GMT

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
146 B 104ms
104ms XHR
application/json 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: gzip
server: openresty/1.19.3.2
content-type: application/json

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mccdn.me
URL: https://mccdn.me/assets/js/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bd4d468b438f2707631042f0650b5627be90b48a90b527ebd29cf5d8a056d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lk7ue7tZbIAu4FS1QOcuEA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: ZcToJFL1J5bU2EnED3JrvFFBVX7cRMDsu2CvBUUAcoEgcGrDZ8u82Kbj+6xBQ/1+f5788qzxM0/SAVg6RVN6gw==
x-fb-content-md5: c7a9d88a5fa22391e8c76c998434f662
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "9e51889f57845760e1e13c86c9fa4d78"
timing-allow-origin: *
priority: u=1,i
expires: Wed, 29 Dec 2021 17:35:23 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 73ms
21ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 04:58:07 GMT
x-content-type-options: nosniff
age: 45210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 04:58:07 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 85ms
34ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:34:02 GMT
x-content-type-options: nosniff
age: 129455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 05:34:02 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 50ms
24ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=152908632034579&ev=Microdata&dl=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&rl=&if=false&ts=1640799097153&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Mens%20Tops%5Cn%E2%80%93%20Off%20The%20Grid%20Surplus%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Off%20The%20Grid%20Surplus%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%22%2C%22og%3Atitle%22%3A%22Mens%20Tops%22%2C%22og%3Atype%22%3A%22product.group%22%2C%22og%3Adescription%22%3A%22We%20make%20apparel%20for%20the%20motor-driven%20adventurist.%20Brought%20to%20you%20by%20action-sports%2Foutdoor%20clothing%20designer%2C%20Josh%20Patterson.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0259%2F2112%2F6454%2Ffiles%2FFacebook-URL-image_1200x1200.jpg%3Fv%3D1596578496%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0259%2F2112%2F6454%2Ffiles%2FFacebook-URL-image_1200x1200.jpg%3Fv%3D1596578496%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A60%2C%22w%22%3A148%7D%2C%22properties%22%3A%7B%22url%22%3A%22%2F%22%2C%22logo%22%3A%22%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0259%2F2112%2F6454%2Ffiles%2FOff-The-Grid-Dark-LOGO_300x.png%3Fv%3D1575529671%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1640799096567.1936642933&it=1640799096394&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 29 Dec 2021 17:31:37 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 55ms
28ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=01b3543bbab27e6a24c3a0fb900585da

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f915d80c2c9926d77acfacd0a3ea95c4c7eaf0381797051f4b3319e7c4e584a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sN/Fa/1wfXZu21z/QyQbvg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83418
x-fb-rlafr: 0
x-fb-debug: Da41yHvoBDKmvZQD245GdjvgQk851rlwgSq5+Bu1RBr0q6NAlbzrYyXaQ+wqqvOFTM3q4Wx4ahTmLXOVcpOGzg==
x-fb-content-md5: f0f6a46ead5c9e330e06b28d8f92081b
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "cd18460bf9ed96e345c6825e993724d4"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Dec 2022 16:12:38 GMT

GET
H3 200 send_to_messenger.php Show response
www.facebook.com/v12.0/plugins/ Frame 78CD 53 KB
16 KB 118ms
117ms Document
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=01b3543bbab27e6a24c3a0fb900585da

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7eb561c2cafef5ecec6ee529c1563d0cd43db7e2fcc3efcc958425ad870b9a1e

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v12.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: vbaVSJQfPEL+OV/rCUoAHaX2C+Shy12bY3DF/WaznijJdh/OLHYUeAgHFnfisWj8evvLefP6gMP7PuKSSowETA==
date: Wed, 29 Dec 2021 17:31:37 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 24ms
23ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=532160876956612&ev=fb_page_view&dl=https%3A%2F%2Foffthegridsurplus.com%2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS&rl=&if=false&ts=1640799097417&sw=1600&sh=1200&at=

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 29 Dec 2021 17:31:37 GMT

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 104ms
104ms Preflight
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://offthegridsurplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.19.3.2
date: Wed, 29 Dec 2021 17:31:37 GMT
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
146 B 104ms
104ms XHR
application/json 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: gzip
server: openresty/1.19.3.2
content-type: application/json

GET
H3 200 mens-tops.json Show response
offthegridsurplus.com/collections/ 209 B
1 KB 101ms
100ms XHR
application/json 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/collections/mens-tops.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

ebcf92a57322f2cc58e0e0866c10b32364b592d60ae0703a3ab8f7cbe9e41eb0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
x-cache: miss
content-type: application/json; charset=utf-8
x-alternate-cache-key: cacheable:9198f27291694229f3f118924b571647
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 25921126454
x-shardid: 53
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 25921126454
access-control-allow-origin: *
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id: e9b5f72d-2e71-4b2d-888a-79b57426c191
cf-ray: 6c54c357199c7157-YUL
x-sorting-hat-podid: 53

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 86ms
85ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: rMaO3bwdFKSdx4+fz+8ZCr6Y6l0zPkrpmxsEFnBd9FTeTTaaCMLYmo4Rv7ypN59XYS1vckucvTZrHzrKPFdf8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 75ms
75ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: T/D3XUEBUjVjGYx3JZMnWPbZmdQ4cxG0+iDtbIONKGvZxjxouZnWBBLDkx3vCMF32RTMODpkflyELVgT2iPk0A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 76ms
76ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: hoMmzCnkHqshr9JJXm2KiScY32SG7lYzRiMh9OT0KwmZD06gLKyWzp8oHUnBuRJzG/hDyjpa51Ua4gLXs4DqQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 77ms
77ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: /6UsWcJEgvW/8+EsZh/BnpmEO7o9q4iCG7oGgLUyZ/yxm+m2sssy6u41M9fJ8gykJpS800V/vxneMjJmny/F6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 75ms
74ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: WlzsQHrmB98oeOKLSz2g1Z5yVNXHix6zTvGl0bnmYHH/yjCdezZNBzpNmCyByhj0nhRhOaQRbW/d5zKGVMMSEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 82ms
82ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: LOBPCoX3QEpA4zozeYXTzBCtCxmuBnxoCedhCGhRNK6cU44PwuTOe3MKr6ppHGE2Ka4ATwKdC3HtTAFgOnbMzA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 78ms
77ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: v8Ae1a8Xoh/AVJzV4eTxFKhOA1ckv/qLMAzGe9SV8WYTV7EzOm02RM1F6t6U2VsRnRo6HjOkrHBbNSRG8tstxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 79ms
79ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: XrOajutLWOcEpKvHFbTS+a/MlYFNRViJii76P52UpSCKdPSQRE3XpzTT2FNEYaYiJUR1soRXeub4J4nBuC63tg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 80ms
80ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 8o/y9+/2TWfWmaoG4CZU466aS/djNnu5EosqKdU4a2GieLD/haVnsaFr86iM0s0p4So6xCVA/8moE9QiJUfDVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 79ms
78ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: TYqZyNpqEOTkw0KG7O2xN6GzIatUCgyr63N+dngyClnBgrWxTroaoNio7jiaIa87qGThJPgP3pliD5qdkMzmVA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 81ms
81ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: o8FcqlqVWBNmEhGDkhXo66QmMG0I2f7uIeLed8p0wQDnOgCmTBra9qpUVsk+MzRZJF7wa1+5W7hj4UKxUi5aSA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 77ms
76ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: JE1NVmO3FjOj7kbRAeWN7z9iN4O3j6L2Cep2rcbl0merhkggIGC+tfUgwwFU1QkpkLIL6auKWNjsBzDN2CQjrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 79ms
79ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: gl5ccqjERITIT6Nfu+YxFFM+dDs6NUzGaEnUxkdc442lgw8MVf8qA5YxPEss09N4a+z0/z6CqNhtMdWE/6Egew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 81ms
81ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: e4ievNHSUDSRdAcFvMivvNFe0yhY+uETUB5C10LFFHFMOs9UH1r/JITdIovrMgii7N1VXiaGLhXuUg/Dn8NlQw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 87ms
87ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 0QwjS9jZeuHfLsww/hLRlUE/NvupJ1MowWY8M6PLwGK1dWxDv8yB2htx2XAdcgXvEQvLoOU49f1p3JrrN8Ir1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 83ms
83ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: zenVQ8IDDdx2BneCkWGcQl5UYycIS8dRK5obBquH/W3v0zOkgQziAyEks0GMQpZX5ZCUpWtsMT1yMDsXOKBHEQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 75ms
74ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: wIpgIjAjzlNywP4QstoWnItUNbMiAur5DkXj2+ChBCm+m/8ITPoSkD0fgtxR0kyTgqPrG+9obgw7jfjlvlNe6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 87ms
87ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: tF2A94jDG92uBaloufmP7wMYEcrL3ITQmCnkr7GtcCc/G+2H3jEUq8yeGp1Vmp6snvnwA26ZpUQdVtagTJnVTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 82ms
82ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: NKOdxSWghHU+glDEaYhaRP/gaa//F5E6B8LACdq7mjcvgKwGRl4zkBsByON4ZVS2oA85ij81YVNasKkps9bvkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 80ms
79ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: BpD0diVs8cqa8VWmUZthdaIyjDgXnwta33HlDmCxer5cS38xkVkuAUssR8zSXSTKFOfIsuBwxq/J8d6LzatMVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 78CD 0
30 B 85ms
85ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: ch/8fYQ2gW/2sMBi2raXZRwYAQ2gNQqjEjsyV+0f9dpZrpi6uJAr62Hi382Tq8cfwKc6b9Oc4VFALW67RixfAQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 17:31:37 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 w8Erou-n76P.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/ Frame 78CD 3 KB
1 KB 74ms
25ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/w8Erou-n76P.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15eedb54f09344%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff88158d6a4dcec%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_a4f75bfaa6b51657dd9bb84e234cb42ec3c05a4d_2c58cd54-eeec-51b7-bd2c-d34fe1d44bc0&sdk=joey&size=xlarge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8299e7fed6a486f5288d1669989742db5e3bb247aa4651169b0d3bc7c6268d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: w8jq+vLV6FxK+X7F79xmPw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 869
x-fb-rlafr: 0
x-fb-debug: wVwLFeVRDIse/Eq5/9yRiXT1ALEYjazJ6rg5OIkXo2rLMxAN+zzH0Sh5jCPJGP/IR1kXEoo/tTHwg9cQfoNMyQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Dec 2022 16:05:32 GMT

GET
H2 200 0oiiXW4nSxH.css
static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/ Frame 78CD 18 KB
5 KB 72ms
23ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/0oiiXW4nSxH.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc933bda55f83479e438bcdc85b0c408b5575e61b52cfab78faa76739646d528

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G1hgHHEkAX9dpDZ1wrdPUQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 4695
x-fb-rlafr: 0
x-fb-debug: IQCINqjJbMzS9HoUT7wTEzX3xNw7Eaw5vWCEIYmQ1YbixS5Y5vgeuMoXA3Osa0/lTvV2vcH6IP+J1WuU+LGx2Q==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Dec 2022 15:05:48 GMT

GET
H2 200 FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 78CD 2 KB
1007 B 73ms
24ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 815
x-fb-rlafr: 0
x-fb-debug: vnsbWR6chFEsoNFRh6wY/YzGyGltHhS8QEFbZ6Mr/K8hysPwRxFcvtPC9aLppyv0MTbOVJNluhjmgfi0Iz2Ueg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Dec 2022 23:16:45 GMT

GET
H2 200 ILZYH7e9dyY.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ Frame 78CD 1 KB
613 B 71ms
23ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ILZYH7e9dyY.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9629c5ec5688788c0b42eb2b9ba3b9c5fc17e54f641cbd48a176e01b55342c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MeT4k+euyQ5XUZf3DJ9khg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 420
x-fb-rlafr: 0
x-fb-debug: IggZcaY9yGKEapWHij62gw5HZbvJKnfX+aQigkrQAWBQqCwVadfq6TCEWUxTy9j8y+taUzn1djcwBHr4aViiSg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 15 Dec 2022 23:40:20 GMT

GET
H2 200 _NOVLGKyrR9.css
static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/ Frame 78CD 19 KB
6 KB 71ms
24ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/_NOVLGKyrR9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

627769b33c02240b8125d37b8cb27eb06e15e158e60b89e3cba5547d9ac9a002

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +Y4r3EinsdubpTZAjZCwlQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 4646
x-fb-rlafr: 0
x-fb-debug: JwdGZAw6k+l45ZAa921dYDERCDS33TkGzDim+hOIa8YJwJmN449jnDEfda0yPgiLQiXbDhTe9GGwRY4K/WVI8g==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Dec 2022 15:57:20 GMT

GET
H2 200 48t_-mn1SY7.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 78CD 307 KB
83 KB 90ms
43ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ed035221de592eca192ee5188314f9879f9516ba6be35c782510c9964be6fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 73nT2ycd14UFUPADKUUxjQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84528
x-fb-rlafr: 0
x-fb-debug: adtBm4I4Dbzg0n5IrfAKvCZl+ygVW2RjxPm+Wgogv5UMBfZCR/eED2zGOy4ZRx6369hYTk5v+eR+MMXA0dcdXw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 16 Dec 2022 21:39:23 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 78CD 5 KB
2 KB 83ms
36ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kw22OIA6eDgOltzbJdNVmQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1640
x-fb-rlafr: 0
x-fb-debug: J26uyKV1MpMYImHu8jnttkHOj5x2wXEBFrGUGJ2W5OvOZ6XVeJUz2PV+fQjemSzWjkfedIniQaWattQM9EZ05w==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 26 Dec 2022 15:01:22 GMT

GET
H2 200 T8BJ7ETas0v.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 78CD 41 KB
13 KB 71ms
25ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T8BJ7ETas0v.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec967a9c7ef9f9b3498c4894319802b33f23d9aa08858d0db95a682f637cf305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VOcZ8I8uJKc3nOE1gwDd/g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 13499
x-fb-rlafr: 0
x-fb-debug: hQyyBv0phLc1t6/8slDoyZ+c9jAKgTu4Fqb59EmjUR7H+Vyo9y4XOj+ulN+7DWswrMSVh0KdrLX50YXd+q0Omg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 17 Dec 2022 15:21:32 GMT

GET
H2 200 xyCIQCGmYe4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame 78CD 46 KB
15 KB 82ms
36ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/xyCIQCGmYe4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be307850d97a4cc3185166175515facde15350e4e7ab094000c8fd02edc3656d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sR6bQ1Us80pnn5qvyfl2lg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 14881
x-fb-rlafr: 0
x-fb-debug: /N2c5NsXEug2OhWIqg7z8xqEUew3nPIrFnjcAcTV0xCMQpJ8xmjF4nw30++hSqhL49r8clKGObnETwAQAbZzqQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 17 Dec 2022 15:21:32 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 78CD 1 KB
1 KB 21ms
21ms Image
image/jpeg 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: JR/IThXJaHP52LX6+/uQ9uNF89cu6WCbEHg+YzdGGQodyQ6UhVyCQyY5gLzM3iWJh7mpAzKD683o3TcDmuo/fg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Dec 2022 07:07:31 GMT

GET
H3 200 WSHYg2coDhd.png
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 78CD 707 B
760 B 21ms
20ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/WSHYg2coDhd.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/w8Erou-n76P.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0b9959b58ce19a6cb1023d60b40a23216f2ce95996e50f3b8e7e177b65e8a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/w8Erou-n76P.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
x-content-type-options: nosniff
content-md5: biEGnrcqG9oA/B9m3ok9hQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 707
x-fb-rlafr: 0
x-fb-debug: tMhKbwtKa7jqk73DDj6nowBg1XVwz7CbB9jNzC2BTJgLPtWeUW8v7s0mAwJbe2mwjguy16VmBxrUJLbPow5BzA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Dec 2022 08:49:59 GMT

GET
H3 200 x9ZrO_yAkJs.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/ Frame 78CD 82 KB
22 KB 26ms
26ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c0752b37b4f74e2e83dd5c1a8dda11d5f3a0534d857ea7a50a7e87530270d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: s06YHKP82cEFC6ripSzfLA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 22909
x-fb-rlafr: 0
x-fb-debug: 64gPmDV/Ha9cQCJouaNZyZN1HNMrcJvdaHKIaaEC7bAcTo3Dz/dG3LAiiUDLfG3x4AaGBEH+nNQrGb32rbB66Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 17 Dec 2022 15:21:32 GMT

GET
H3 200 s2GsfEzFgLQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 78CD 21 KB
7 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/s2GsfEzFgLQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97086e03343c6995a1f10f4fd6bcee26a26fcf5f94ad48a19f88bcb7d73cb59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qvvAroZd2phd9jbIdj0DBg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 6965
x-fb-rlafr: 0
x-fb-debug: mlLV4FvJqCqed0Mlpp1tfM9Oji1KQd3HD2AUpEc+zF0iYbJjnCjDM3kTOXqb4IYMN39nsWOmH6B98WhM+sAhSQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 17 Dec 2022 15:21:32 GMT

GET
H3 200 CWJINsGKrOS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 78CD 18 KB
6 KB 27ms
27ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/CWJINsGKrOS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e31058534b68e728b3cfe4d4f122333f19479a72ce4ac79b596ba346376f16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4rHnUh0ztUMBselfW2HUmA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 5946
x-fb-rlafr: 0
x-fb-debug: EF9mUbNthLq5VU0z9gPdecN5YPb2v82MmWXa+tCdWVERkAPr/VOoE/xB/bYA62EbTDesrIA93q+P5Yiy4qQWmw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Dec 2022 15:01:56 GMT

GET
H3 200 cN-N4Eu_deZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 78CD 7 KB
2 KB 28ms
28ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XkHzn1WHKMxOAJmWI3FJ7A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 2277
x-fb-rlafr: 0
x-fb-debug: mkevL23y9t7hKYJg61D9YkklW/rGlnPXasW0e3qn6+0VVt1QTu53waXrBxL4vK0YHCY1JEJNmEzJI83HPzK5Lg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Dec 2022 14:33:24 GMT

GET
H3 200 adkjEBzu5_0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yx/l/en_US/ Frame 78CD 56 KB
16 KB 29ms
28ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/yx/l/en_US/adkjEBzu5_0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6383fbd9c9377155aec82349de48bb6c9e09066c3ccb361a9a7a403001e47614

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: n5bMU0fWuXK16juUMTSdYg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 16507
x-fb-rlafr: 0
x-fb-debug: zVH57C4IqjtrNMXFSz1b4NzCExoM/lAj3tkKhMiqJb8Hc6D9ipMRQXzJ4+eZDCmcerPE2CkPfSGothzjjS9nxw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Dec 2022 15:27:16 GMT

GET
H3 200 zDWsfSIJBmh.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 78CD 4 KB
2 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/zDWsfSIJBmh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4f00910898d52a5c3d43c47e6234d9bd6a1fbde7d85a1a0203fb861bae16470

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vkh9n+8QoOwJ/6bbvMTzfQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1485
x-fb-rlafr: 0
x-fb-debug: dQipHe4U556GfWBJsW39SdqVVPfDw2V4YwhbrX2jC9r42d/FTcxtE5LgDHuGBiJhYQqWKvfnat6Rrp6AyT3u1Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 19 Dec 2022 07:43:54 GMT

GET
H2 200 gorgias-chat-bundle.js Show response
config.gorgias.chat/ 370 KB
115 KB 1078ms
1078ms Script
application/javascript 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle.js?rev=be00e2eb&applicationId=6898

Requested by

Host: client-builds.production.gorgias.chat
URL: https://client-builds.production.gorgias.chat/new_bundle/gorgias-chat-bundle-loader.js?applicationId=6898&ignore=/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a42898b0f631a4f9625aa36cb6cfe4f4459fa3fb9e43c52611b3852922f5a5e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:38 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c85f-zlq2DP9Qor91EQVsz8hyOUaDmk4"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, s-max-age=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
sourcemap: gorgias-chat-bundle.js.map
cf-ray: 6c54c3593d5aecea-YUL

GET
H2 200 linkifyjs-html.js
assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/js/ 0
12 KB 39ms
26ms Other
application/javascript 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/js/linkifyjs-html.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=be00e2eb&applicationId=6898
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 2344
x-guploader-uploadid: ADPycdvN9tmvvkKRaeU9-2qfthlJRFCLE6sl-T8rwRXBCTa190I_aqq8qu3LiYe5tJBmYghh45GmX_cqF_C7ACDwSZs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 24 Dec 2021 09:27:03 GMT
server: cloudflare
etag: W/"6dc90d80fdf77e9f7b2551fc808c2d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=/edUyQ==, md5=bckNgP33fp97JVH8gIwteA==
x-goog-generation: 1640338023439507
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 12077
cf-ray: 6c54c360ad7fecea-YUL
expires: Wed, 29 Dec 2021 21:31:38 GMT

GET
H2 200 gcmw.js
assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/js/ 0
114 KB 50ms
38ms Other
application/javascript 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/js/gcmw.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=be00e2eb&applicationId=6898
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 2344
x-guploader-uploadid: ADPycduHnTEiI9Tkq9IqqECyo-UTyyoWEFp-p008TTBVw_fvGnfO2SMUF2lB3wVOjMGViOb1Mqgtr1TsRBINUIh1thonJh0WoQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 24 Dec 2021 09:27:03 GMT
server: cloudflare
etag: W/"6d31a318fdd388a40744c439d12ed153"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=aZmS9A==, md5=bTGjGP3TiKQHRMQ50S7RUw==
x-goog-generation: 1640338023659492
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 117889
cf-ray: 6c54c360ad7decea-YUL
expires: Wed, 29 Dec 2021 21:31:38 GMT

GET
H2 206 notification-chat.97cd95d2.mp3
assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/media/ 4 KB
4 KB 21ms
21ms Media
audio/mpeg 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/media/notification-chat.97cd95d2.mp3
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d191bedb4ccc9fd7f7eb24b325fb64488c1ad0d949c3b644f5600eafd8aecb73

Request headers

Referer: https://offthegridsurplus.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 29 Dec 2021 17:31:38 GMT
cf-cache-status: HIT
age: 2928
x-guploader-uploadid: ADPycduAzOLMyfWDxG4gZkiwV9DZr7kMUdVwus1dlIuGAhxpmN3sYAK8HIhsoWNzyBsJDOYlUhLN6eBk64SlhBuDltw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: audio/mpeg
Content-Length: 3660
Content-Range: bytes 0-3659/3660
last-modified: Fri, 24 Dec 2021 09:27:04 GMT
server: cloudflare
etag: "97cd95d28b187ffc0c8455c08a688eef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=RoEABg==, md5=l82V0osYf/wMhFXAimiO7w==
x-goog-generation: 1640338024468657
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 3660
cf-ray: 6c54c360ad88ecea-YUL
expires: Wed, 29 Dec 2021 21:31:38 GMT

GET
H2 200 collector.js Show response
analytics.getshogun.com/ 54 KB
17 KB 45ms
12ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.getshogun.com/collector.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 3c370d894a4e5946cb161e6603763984c5d7b4f2b80a4ebd0fe9635834a5d558

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
age: 1562
x-cache: HIT, HIT
content-encoding: gzip
content-length: 16556
x-served-by: cache-lga21929-LGA, cache-yul12822-YUL
last-modified: Wed, 07 Apr 2021 15:01:18 GMT
server: Cowboy
x-timer: S1640799099.086273,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 403, 319

GET
H/1.1 200
OK redirect-app.js Show response
easy-redirects.s3-eu-west-1.amazonaws.com/ 15 KB
15 KB 465ms
124ms Script
application/javascript 52.218.29.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-redirects.s3-eu-west-1.amazonaws.com/redirect-app.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.29.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b07d28a62fadeee2a1e118b23f9706eb02418e05d1e1498af5624fc7200c66f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 17:31:40 GMT
Last-Modified: Thu, 18 Nov 2021 11:54:01 GMT
Server: AmazonS3
x-amz-request-id: 34FQKW1DX2RPC6YE
ETag: "97455a1c77cbd4f5612c3a6c28e3eb37"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 15322
x-amz-id-2: v3uY208gdHBlRRkIiUaAqcDTvn3FoUSNLYw9AK9FDzZo9NlzWkgajAR7Tv8Hkb3DwUOWtIjwpxA=

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 3 KB
1 KB 77ms
26ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 357d614c20b8d22757fa3ea0410063eb441553a40e32a8027a6cc89f207528dc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: gzip
age: 275
x-cache: HIT, MISS
access-control-max-age: 86400
content-length: 992
x-served-by: cache-lga21955-LGA, cache-yul12826-YUL
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1640799099.105501,VS0,VE14
etag: W/"a1e29b186f03055a2ef947b219fabadf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 0

GET
H2 200 source.js Show response
files-shpf.mageworx.com/productoptions/ 238 KB
69 KB 200ms
149ms Script
application/javascript 2606:4700:20::681a:731
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files-shpf.mageworx.com/productoptions/source.js?mw_productoptions_t=1637342856&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:731 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 813b228bfb997d61c1f33c8ed07cdcd92888efa200c5c2c95a2f1c2c9f18d368

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 07 Jul 2020 11:58:13 GMT
server: cloudflare
cache-control: max-age=14400
etag: W/"5f046355-3b9d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWMnbGmJsYEvcnWjtlIQrGVi85vO2CC2ndElmJ%2BAi7%2Br53X5mlF5WaRzcvq0oaDtLK%2BNp0UNnx6TRoqNWZCc8HGeXddvBLqiOWRRmyd43EgtnqtXq5dPFq2QxUMu%2FXmjvhXs%2BWkyj2uL55jCXobbP34TPd9s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: CF-IPCountry, IP-Region
cf-ipcountry: CA
cf-ray: 6c54c3616a704bcb-YUL

GET
H2 200 shopify.js Show response
app.octaneai.com/79afenry9euxsfec/ 356 KB
88 KB 711ms
661ms Script
application/javascript 2606:4700:10::6816:22f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.octaneai.com/79afenry9euxsfec/shopify.js?x=J1N1ikKL3jrQKcyu&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:22f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01763cfabcc78df1a60aebad4eecee440a0f596379c4439811e3ee0c31329ee

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 29 Dec 2021 13:54:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=1800
cf-ray: 6c54c36168ee7138-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 20149_1608398514.js Show response
app.backinstock.org/widget/ 98 KB
25 KB 74ms
23ms Script
text/javascript 2606:4700:3030::ac43:d2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.backinstock.org/widget/20149_1608398514.js?v=6&shop=otgsurplus.myshopify.com

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03261fbbc905682630e5aa65bbadbcc06c525bf853844b015e02a3fddf385ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 57504
p3p: CP="Not used"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFHgPQCr0UI7BcEwOamadHL7q5fNoG0tS7gEBvzAkWnLukEPRD4PZmbjp8ys9O3%2B3JdII7dcK2PXPKLXBRZ2rM5KUh%2F00CMzG0mbBOjm2aiRgt1y9nRsYisM%2BhmqdhUA%2BJvwmg4h4eij1lUotjBA5g69"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9a1b0d19-0519-4921-8913-5a1df4cf2122
x-runtime: 0.042864
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Dec 2020 17:21:54 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"1d6ea081b1a095101bf15453ba4602d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2629746
cf-ray: 6c54c3616e7cecea-YUL

GET
H2 200 widget.min.js Show response
cdn1.stamped.io/files/ 89 KB
26 KB 19ms
17ms Script
text/javascript 2620:1ec:bdf::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 92cb1d5813aa2552b90961426870a4b29be2518a7353082bf19f726483420f9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 17:31:38 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 09:21:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: yjvFhLKLCvM8k51+QGf8yg==
etag: 0x8D9AB3DF5225B5C
x-azure-ref: 0e5vMYQAAAAC4Rg1wKcwyQquoGdznJIC1WU1RMDFFREdFMDkyMQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 2e178215-701e-0114-749e-fc105e000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0spDMYQAAAAAUrD8sePKRTIAi6AJtGMWfU04xRURHRTIxMTcAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj

GET
H2 200 launcher.js Show response
cdn.verifypass.com/seller/ 4 KB
2 KB 116ms
66ms Script
text/javascript 2606:4700:3034::6815:4436
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.verifypass.com/seller/launcher.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4cbd80926d06eb9cb19c1498ef0a86446f65fc46fe8180230fcc7a43950c78f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R8QWSTGVXS196TH3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: pKnhRH0jrZDiRfae+PiDFA5E+aYBvwOwy6LuCywjJ1YHf2aqJ4IQgEI8X+BbQHdAcmW9gAXMRII=
last-modified: Fri, 27 Mar 2020 21:01:29 GMT
server: cloudflare
etag: W/"3de9072d7f2266e960535f403bf00e03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awlKA6l6OPcPLpjxBR4%2F8cxTshocYOVWfvGQjUVszRApjknlMWs2oMCQ0rl%2FfyrOY0Mtd6bhGRjxRSvKViJS7yCsZJ37TTU3pR0byCQGCYGDfB7cwn%2Fx2vdV3IzpjUCurIufGnUf7sN5bL83w2w9czI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6c54c3616ac3713e-YUL

GET
H2 200 shopify-scevent-init.js Show response
intg.snapchat.com/shopify/ 10 KB
4 KB 95ms
21ms Script
application/javascript 2600:9000:210b:4a00:7:67fb:be80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=85b9b802-6e2e-4926-a484-f63f172d2bf0&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:4a00:7:67fb:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e754ac6a863e9650b4432de68b0cbc5deef2495a1573bbbc0ac607f35295b2ec

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:43:17 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 02:43:00 GMT
server: AmazonS3
age: 53303
etag: W/"586e29f264cb912cd3ab8c1f8908ec65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: tOivmkbiyUfMa9mPDlAcS1YsiInPlEcGXyAcEAC4zl7iPg0cRfnJTQ==

GET
H2 200 shopify.js Show response
manychat.com/static/js/ 155 KB
58 KB 199ms
198ms Script
application/javascript 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/static/js/shopify.js?account_id=440003476104865&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: 81f7da941a82546d2f6d2e09319016668484769b4586f698e171f57c9cf464dd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
cache-control: public, max-age=600
last-modified: Fri, 24 Dec 2021 10:28:39 GMT
server: openresty/1.19.3.2
content-encoding: gzip
etag: W/"61c5a0d7-26a05"
content-type: application/javascript; charset=utf-8

GET
H2 200 route-widget-shopify-stable-v2.min.js Show response
cdn.routeapp.io/route-widget-shopify/v2/ 119 KB
35 KB 108ms
26ms Script
application/javascript 2600:9000:210b:cc00:16:4701:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.routeapp.io/route-widget-shopify/v2/route-widget-shopify-stable-v2.min.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:cc00:16:4701:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 098bfe70ca961917756a266f53c4bac68f64dbf6d2f310ae45cb423883b79568

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 23 Dec 2021 23:23:28 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 23:23:24 GMT
server: AmazonS3
age: 497292
etag: W/"d1297ff8de06ba96bf234484b3724044"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: GZJ.AFfiwwPrc9D3jK4NOYFIxxFMP0A0
via: 1.1 121f18299e6385d2cf97a45a6dcf2c8d.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
content-type: application/javascript
x-amz-cf-id: TJxpHmJztOa0aaPhBZlbitL2kdT7p0VV_eH6rQaIahTxyMzGWmUq7w==

GET
H2 200 rebuy.js Show response
cdn.rebuyengine.com/onsite/js/ 4 KB
2 KB 117ms
43ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=otgsurplus.myshopify.com

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

85498129ec04880c8586191f63f549149f84f0e467c03adc6337366aadff879b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1672
x-cache: HIT, MISS
content-length: 1542
x-served-by: cache-mdw17375-MDW, cache-yul12829-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Dec 2021 04:56:38 GMT
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640799099.133669,VS0,VE24
etag: "f29-5d3c9103eed80-gzip"
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 2, 0

GET FALL19-3_300x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 0
0

GET
H2 200 FALL19-3_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 51 KB
51 KB 35ms
35ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_540x.jpg?v=1575534171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

72bc6a16fd01a83a282469da132926215c7cb24923d7b273ee3dfa1b3ea2d4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=21.552,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 52092
x-xss-protection: 1; mode=block
x-request-id: da010179e6eef3e910f0a13f126c9373
x-served-by: cache-lga13622-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.208802,VS0,VE22
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 no-image-2048-5e88c1b20e087fb7bbe9a3771824e743c244f437e4f8ba93bbf7b11b53f7824c_360x.gif
cdn.shopify.com/shopifycloud/shopify/assets/ 3 KB
3 KB 14ms
14ms Image
image/gif 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/no-image-2048-5e88c1b20e087fb7bbe9a3771824e743c244f437e4f8ba93bbf7b11b53f7824c_360x.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

5d162d486c81f04d872d17a0986ec27287959c1b62daf98b811c3f56b440b59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.933,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 3156
x-xss-protection: 1; mode=block
x-request-id: aea5f83045443c78d49e35f826a1fbfb
x-served-by: cache-lga21967-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.208886,VS0,VE1
date: Wed, 29 Dec 2021 17:31:39 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/no-image-2048-5e88c1b20e087fb7bbe9a3771824e743c244f437e4f8ba93bbf7b11b53f7824c_360x.gif>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Old_Fashioned_Tee_Charcoal_Front_Off_The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 16 KB
17 KB 23ms
23ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Old_Fashioned_Tee_Charcoal_Front_Off_The_Grid_Surplus_360x.jpg?v=1608332935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

787666ab2e064009031ebafb0ee9fa78e89f536041b9b6a288ff71731c761603

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=1.492,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=10.185,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=9.213,cdnOriginTTLB;dur=10.042
content-length: 16878
x-xss-protection: 1; mode=block
x-request-id: c23e435a1ab999eb25055b11081f9d59
x-served-by: cache-lga21933-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.209070,VS0,VE10
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Old_Fashioned_Tee_Charcoal_Front_Off_The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 global.1640235389.js Show response
cdn.rebuyengine.com/onsite/js/ 553 KB
143 KB 15ms
15ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/js/global.1640235389.js

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=otgsurplus.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

a4a4a715624396db26d9da24f5d9df223c0d3834616ec994f53d2bc4c70cc355

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1674
x-cache: HIT, HIT
content-length: 146135
x-served-by: cache-mdw17357-MDW, cache-yul12829-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Dec 2021 04:56:38 GMT
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640799099.214099,VS0,VE0
etag: "8a582-5d3c9103eed80-gzip"
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 1, 26

GET
H2 200 global.min.1640235389.css
cdn.rebuyengine.com/onsite/css/ 1 MB
104 KB 56ms
55ms Stylesheet
text/css 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/css/global.min.1640235389.css

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=otgsurplus.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

16a2b7bd2888b4082a8dc33e0444e42c6aab20dc6178f523643339412c9c0683

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1671
x-cache: HIT, HIT
content-length: 106122
x-served-by: cache-mdw17380-MDW, cache-yul12829-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Dec 2021 04:56:39 GMT
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640799099.214181,VS0,VE0
etag: "115bdf-5d3c9104e2fc0-gzip"
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 2, 110

GET
H2 200 fender_analytics.db3669266fa4cd10d26a.js Show response
static-tracking.klaviyo.com/onsite/js/ 22 KB
8 KB 78ms
17ms Script
application/x-javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.db3669266fa4cd10d26a.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3faeefff776eca6ab54add715a54b3a4eda55a78109e1b0618531dad79e1ebfa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: IPiHBJtJRym_h0TIkEdi7ilxuADHhYbL
content-encoding: gzip
age: 280
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7505
x-amz-id-2: Mipv+UJs4NEna9H0BUfU+Tm5lW23vWaBExOWLRw6mTlFN7ZRwjmEHTh22/fH8Q1kIrT5PaNh/5g=
x-served-by: cache-lga21949-LGA, cache-yul12830-YUL
last-modified: Wed, 29 Dec 2021 17:25:42 GMT
server: AmazonS3
etag: "1d9cc3539654ae671f1fb68051a3990b"
vary: Accept-Encoding
x-amz-request-id: N9D59CQJKVDXM2H3
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 17:31:39 GMT
x-cache-hits: 1, 516

GET
H2 200 static.0903591c79652db3b806.js Show response
static-tracking.klaviyo.com/onsite/js/ 13 KB
6 KB 80ms
19ms Script
application/x-javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.0903591c79652db3b806.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91e8ca1b3c98985246ed00a756c863bcdabd5a791cb3d59b6c2f142b09469ca3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 0bXfofVSDtzEu4iHW.T9e3..t3LqokGP
content-encoding: gzip
age: 280
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5504
x-amz-id-2: xIEuK+U7IodvqV+3fXNxLyniNq5Upqn7m9X5gNsd9Zd98GTnbazrclSB5xA3zYoS7nygT1+kEww=
x-served-by: cache-lga21975-LGA, cache-yul12830-YUL
last-modified: Wed, 29 Dec 2021 17:25:42 GMT
server: AmazonS3
etag: "a03de5e5df3b622cc7ad64dd551f90cd"
vary: Accept-Encoding
x-amz-request-id: N9D5N0F11ZZSMRFJ
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 17:31:39 GMT
x-cache-hits: 2, 514

GET
H2 200 sharedUtils.22225e8be8c773a192b5.js Show response
static.klaviyo.com/onsite/js/ 35 KB
9 KB 19ms
19ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.22225e8be8c773a192b5.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3eac6b6ca0df419caa2b1951fef60f59bd036969221bc6d3d9784c5ba5d9a062

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: uAWDN8TletfdM1QPtUw2IWcHeHUdCEp7
content-encoding: gzip
age: 282
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9322
x-amz-id-2: D8jZOShmILYaB1VrsASVMCg19B6qq7b1x3pV9cRB9pWIR2DjlKti4OwVRAD28UZcQL03fMpsp/I=
x-served-by: cache-lga21962-LGA, cache-yul12826-YUL
last-modified: Thu, 23 Dec 2021 21:04:52 GMT
server: AmazonS3
etag: "19a7fdd374429418b6912c2497585cae"
vary: Accept-Encoding
x-amz-request-id: SD6FV2W0VB9S0KNX
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 17:31:39 GMT
x-cache-hits: 1, 391

GET
H2 200 sentry.3770b81f534eb4a7afe1.js Show response
static.klaviyo.com/onsite/js/ 40 KB
14 KB 19ms
18ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sentry.3770b81f534eb4a7afe1.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5053567e6cb48aeb3cde3c48c745ef891dd0ea20ee643561facd301d24c9085

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: MMe1cNs52EUXdlJ8QD3kUGocQDfZvqeR
content-encoding: gzip
age: 279
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13798
x-amz-id-2: BF55xDnR1QzBCABTwDfPpWGrmp9ReeZkxY1yQXSDTpqeykWMUZmDyNDkZBR75UNxD4//xyImOTY=
x-served-by: cache-lga13621-LGA, cache-yul12826-YUL
last-modified: Thu, 23 Dec 2021 21:04:52 GMT
server: AmazonS3
etag: "ed55aff052cb09a4e554b42b64e82183"
vary: Accept-Encoding
x-amz-request-id: SD61K7Q186JNZY72
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 17:31:39 GMT
x-cache-hits: 2, 317

GET
H2 200 vendors~signup_forms.27613a61353eaaf70e64.js Show response
static.klaviyo.com/onsite/js/ 87 KB
26 KB 18ms
18ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.27613a61353eaaf70e64.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94f4618c97d30aa5542f8893d9ddb92bbc311471edc2754ad55e594d2be8bd86

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: rFCYnMdkFk4.cpnpn_xQ1Qzy_efy_7Ds
content-encoding: gzip
age: 279
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 26682
x-amz-id-2: QHV5Qboo883KNea3UBXCgmGKP2Dzw0i9yhXPXdaHad+TXm5wBTxnXhot5NWNMHOyE8aRB+ICOJ0=
x-served-by: cache-lga21948-LGA, cache-yul12826-YUL
last-modified: Wed, 29 Dec 2021 17:25:43 GMT
server: AmazonS3
etag: "2251fd03536e2615aaae94fc73e4cd5f"
vary: Accept-Encoding
x-amz-request-id: 35VFFWVYD0NEHVT0
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 17:31:39 GMT
x-cache-hits: 1, 418

GET
H2 200 signup_forms.4363d703e363112be9b1.js Show response
static.klaviyo.com/onsite/js/ 122 KB
32 KB 38ms
38ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.4363d703e363112be9b1.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa7aa65a5e482203dccbdeb361737e99b6702f87f6c8e4b36ef5fd7b1e19bcc3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: jj5KLYLCSicfIkdjgY1QEU8f2.sYrPxD
content-encoding: gzip
age: 279
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 32222
x-amz-id-2: zO61txTlkm3252j4jvWDonp5oVzSm/mNxzApn1zVLwmHjxnk02FreDd4EbhrtnRk45NBl+ZT70I=
x-served-by: cache-lga21921-LGA, cache-yul12826-YUL
last-modified: Wed, 29 Dec 2021 17:25:42 GMT
server: AmazonS3
etag: "c5bcf12e112cd54dd002bbd005eb1d6f"
vary: Accept-Encoding
x-amz-request-id: 35V1J0A7X5PXP3C2
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 17:31:39 GMT
x-cache-hits: 1, 403

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
8 KB 82ms
30ms Script
application/javascript 13.225.63.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: intg.snapchat.com
URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=85b9b802-6e2e-4926-a484-f63f172d2bf0&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-75.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 00:05:28 GMT
content-encoding: gzip
age: 62772
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 42d3518040c55e24793897f7f5d5f342.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: 8CWWt2uWMttkgnF7QVpIGus6z5ma4O8dW2hrqH0hgb8SfpnQ8mydNg==

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
479 B 53ms
53ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: d2b07029-2036-439d-9404-72c8dc6cbdfc

GET
H2 200 Destroyer-Navy-offthegridsurplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 56 KB
56 KB 22ms
19ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer-Navy-offthegridsurplus_360x.jpg?v=1637187141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

4dc7f2eb67f9b4b4b32f2c1bb5f6585176af28787145a03908311536989e7cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.007,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 57336
x-xss-protection: 1; mode=block
x-request-id: b327604166c8946b32419ce3fc288ace
x-served-by: cache-lga21972-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.278653,VS0,VE1
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer-Navy-offthegridsurplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Destroyer_Flannel_Heather_Grey_Front3_OffTheGridSurplus_9ae88a17-89b2-4d97-8184-47c873688244_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 39 KB
39 KB 35ms
32ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Heather_Grey_Front3_OffTheGridSurplus_9ae88a17-89b2-4d97-8184-47c873688244_360x.jpg?v=1637187125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

119ac1755a81c44cdc6980a700ed8edb6b4e1c996f33fa3b53ea610825205430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.255,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 39714
x-xss-protection: 1; mode=block
x-request-id: 47fba64d3bbebffa53e1dadb048f06cc
x-served-by: cache-lga21949-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.278722,VS0,VE1
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Heather_Grey_Front3_OffTheGridSurplus_9ae88a17-89b2-4d97-8184-47c873688244_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Destroyer_Flannel_Army_Green_Front5_OffTheGridSurplus_f24956da-e2bd-4c17-8ee1-fed3a7722edd_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 38 KB
39 KB 33ms
30ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Army_Green_Front5_OffTheGridSurplus_f24956da-e2bd-4c17-8ee1-fed3a7722edd_360x.jpg?v=1637187190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

7b88697dc203489446e7ee760be08c7ae7a319290c19f871e30c9401e98711c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.068,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 39266
x-xss-protection: 1; mode=block
x-request-id: 308f706eb17b24db52e0d974bfd9f7ab
x-served-by: cache-lga21980-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.278801,VS0,VE1
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Army_Green_Front5_OffTheGridSurplus_f24956da-e2bd-4c17-8ee1-fed3a7722edd_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 711 B
1 KB 52ms
13ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=KLTimw

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

772775a8afe578b1d78779fe067fc20f252b86ca9deeed3750478974c01a8590

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 572435
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 711
x-served-by: cache-bos4628-BOS, cache-yul12826-YUL
allow: GET, HEAD, OPTIONS
server: nginx
vary: Cookie
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v5/KLTimw/ 85 KB
10 KB 59ms
14ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v5/KLTimw/full-forms
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ae4b9635bca9a1055428b68cbcf464dc86ca0cfbfa523f00f3324bc859fbc27

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: nEQUMmyyhlD45D2u3VAAfVpVZo9CGtZR
content-encoding: gzip
age: 534305
via: 1.1 varnish
x-cache: HIT
client-geo-continent: NA
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/KLTimw custom-fonts/KLTimw
content-length: 9874
x-amz-id-2: rjqU0VPCEQqTB4eTL7wtgOZQ2oQkZEKsTMLJUOLYfuza07DDg/wHbPjM1NUv/SXyxVV7s1+lnXE=
x-served-by: cache-yul12822-YUL
client-geo-country: CA
last-modified: Thu, 23 Dec 2021 03:09:04 GMT
server: AmazonS3
x-timer: S1640799099.350338,VS0,VE1
etag: "9fa294753db58f49d1a095cd6dfbe150"
vary: Accept-Encoding
x-amz-request-id: QECSS1S7Y6ANST0F
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
content-type: application/json
date: Wed, 29 Dec 2021 17:31:39 GMT
x-cache-hits: 1

GET
H2 200 config Show response
cdn.rebuyengine.com/api/v1/user/ 623 B
768 B 83ms
42ms XHR
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/api/v1/user/config?shop=otgsurplus.myshopify.com

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

32d2a0a69e21d30ef5896266ee205a44cddf2b0215b125eb64468d5daad6adca

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 900
x-cache: HIT, MISS
content-length: 414
x-served-by: cache-mdw17381-MDW, cache-yul12823-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640799099.390851,VS0,VE22
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: application/json
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=1800, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 1, 0

GET
H2 200 config.js Show response
apps.mageworx.com/app/productoptions/config/otgsurplus.myshopify.com_1637342856/ 7 KB
3 KB 193ms
143ms XHR
application/json 2606:4700:20::681a:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.mageworx.com/app/productoptions/config/otgsurplus.myshopify.com_1637342856/config.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b70fc64b906a4a39809e011dc9783099231c58c948a5d02d86a81419638dcd9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 29 Dec 2021 13:54:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IycrcKw4GOsKEmDOXxT6SJH1T3DoOvu9nvh3iZjpd57zM4JpQLO92%2FcVk5XmIl8i1TXXgAMpF4aw%2FY3qYSmhI0QgI3dS0XiBJYpD9inoAmeR45d4ACEdZpdtfjehffhwVkg0oStkprWaMAQ3kAzi"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ipcountry: CA
access-control-expose-headers: CF-IPCountry, IP-Region
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c54c3636e424bca-YUL

GET
H3 200 css2
fonts.googleapis.com/ 9 KB
656 B 43ms
42ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

284640950d838451759afd9e4bb7e9569e8a5fee43105c87c8cd34aa57fa4b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 16:06:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 17:31:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 17:31:39 GMT

GET
H3 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
61 B 63ms
44ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=85b9b802-6e2e-4926-a484-f63f172d2bf0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

fcd0e1cc60c87c8b844e2203e61394ce838b4b020b5ad26ecc1a3aadd849d903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

POST
H3 200 shopify
tr.snapchat.com/scs/ 0
0 60ms
45ms Fetch
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/scs/shopify

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/no-image-2048-5e88c1b20e087fb7bbe9a3771824e743c244f437e4f8ba93bbf7b11b53f7824c_360x.gif

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-filter.js?v=649470522005690111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

5d162d486c81f04d872d17a0986ec27287959c1b62daf98b811c3f56b440b59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.123,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 3156
x-xss-protection: 1; mode=block
x-request-id: aea5f83045443c78d49e35f826a1fbfb
x-served-by: cache-lga21967-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.484731,VS0,VE0
date: Wed, 29 Dec 2021 17:31:39 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/no-image-2048-5e88c1b20e087fb7bbe9a3771824e743c244f437e4f8ba93bbf7b11b53f7824c_360x.gif>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 Destroyer_Flannel_Red3_OffTheGridSurplus_b230fda1-223e-41ba-8956-113ced084502_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 43 KB
44 KB 15ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Red3_OffTheGridSurplus_b230fda1-223e-41ba-8956-113ced084502_360x.jpg?v=1637187113

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

57e2eb64984035dad80abb8383388398896739e52fdb66174b04dfac3eed32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.934,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 44400
x-xss-protection: 1; mode=block
x-request-id: 6bbd8628863b8bd363fbd754f558aff9
x-served-by: cache-lga13624-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.485220,VS0,VE1
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Destroyer_Flannel_Red3_OffTheGridSurplus_b230fda1-223e-41ba-8956-113ced084502_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 34525_f_fl_360x.png
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 10 KB
11 KB 25ms
24ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/34525_f_fl_360x.png?v=1636026860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

6a845eb7d88fe54948f3fb6eae481cf57a2b7a4bbeda43d6bb35970011abca37

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.845,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 10546
x-xss-protection: 1; mode=block
x-request-id: 172640a14fbcdee5a4a648bb2e8aa46f
x-served-by: cache-lga21959-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799099.485305,VS0,VE1
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/34525_f_fl_360x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 stylesheet
cdn.rebuyengine.com/api/v1/user/ 11 KB
2 KB 33ms
32ms Stylesheet
text/css 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/api/v1/user/stylesheet?shop=otgsurplus.myshopify.com&cache_key=1640289373

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

440f5c6f628d0b1dba7a3009f7f9b3937abf754c9b649ec8b161336db199b4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 277
x-cache: HIT, MISS
content-length: 1870
x-served-by: cache-mdw17375-MDW, cache-yul12829-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640799099.489573,VS0,VE18
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: text/css; charset: UTF-8;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 1, 0

GET
H2 200 templates Show response
cdn.rebuyengine.com/api/v1/user/ 69 KB
6 KB 34ms
33ms XHR
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/api/v1/user/templates?cache_key=1640289373&shop=otgsurplus.myshopify.com

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

0ce7b8ab76accede35d76c6d14a3a3f250081ece1344009a0262cec182a86a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 900
x-cache: HIT, MISS
content-length: 6261
x-served-by: cache-mdw17381-MDW, cache-yul12823-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640799099.491098,VS0,VE18
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: application/json
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 1, 0

GET
H2 200 geolocation Show response
rebuyengine.com/api/v1/customers/ 238 B
460 B 153ms
90ms XHR
application/json 2606:4700:10::ac43:c7d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rebuyengine.com/api/v1/customers/geolocation?cache_key=1640289373&key=vDZL1FJJlM7JKGv5OYNfB72iIT6dFpNW7qIx33mDLhNFW3RAAdSP1lUzkzxHOSwTwwPbR7x1BBv1vJIhQTX%2BIg%3D%3D
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:c7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ccce4f091a6d13da4fe1cbfa53e0e896f56c95a1f632bdd7617fb012555bb5d

Request headers

Accept: */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 6c54c36488a4ca67-YUL
access-control-allow-headers: Content-Type

GET
H3 200 cart.json Show response
offthegridsurplus.com/ 283 B
1 KB 88ms
87ms XHR
application/json 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/cart.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

009ff8df09f4da6dcf081ca36a6fe08ba1085e1d3804da120462769231a0bd0e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
content-type: application/json; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 25921126454
x-shardid: 53
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
x-download-options: noopen
x-shopid: 25921126454
x-request-id: b9956b13-596d-4077-be59-c0c7b206f03f
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 6c54c3643c777157-YUL
x-sorting-hat-podid: 53
x-cartjs-updatedat: 0

GET
H2 200 Willys_Tee_Navy_Off_The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 7 KB
7 KB 29ms
28ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Willys_Tee_Navy_Off_The_Grid_Surplus_360x.jpg?v=1624469365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

4dd73adb9c49eb0e3909817c421a75756e0fa55baccb4e9579e7b6b0a2909fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=0.845,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=11.827,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=10.784,cdnOriginTTLB;dur=11.752
content-length: 6670
x-xss-protection: 1; mode=block
x-request-id: 9ed5e515efbcf1a9cebb58294dd5b24b
x-served-by: cache-lga21977-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799100.666714,VS0,VE12
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Willys_Tee_Navy_Off_The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Stacked_mens_Tee_Athletic_Heather_Front_Off_The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 23 KB
24 KB 33ms
32ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Stacked_mens_Tee_Athletic_Heather_Front_Off_The_Grid_Surplus_360x.jpg?v=1620492763

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

d28e6655dbe8511d924a3a42641b948d47072647e81e9b8ab7fc0354bc806ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=1.026,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=17.620,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=11.080,cdnOriginTTLB;dur=17.542
content-length: 23850
x-xss-protection: 1; mode=block
x-request-id: 90da275332e5884e4293ceb6fd4c24b9
x-served-by: cache-lga21963-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799100.666753,VS0,VE18
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Stacked_mens_Tee_Athletic_Heather_Front_Off_The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Lightning_Bolt_Short_Sleeve_Pocket_Army_Green_Offthegrid_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 47 KB
48 KB 16ms
16ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Pocket_Army_Green_Offthegrid_360x.jpg?v=1614972298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

4d0e97fed87be5da022b5307725e690b7a567621b0d16c8b57e17d88d9baf39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.985,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 48506
x-xss-protection: 1; mode=block
x-request-id: 7ad37e4d0be4526dd4bf7b07cc01d027
x-served-by: cache-lga21947-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799100.666818,VS0,VE1
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Pocket_Army_Green_Offthegrid_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 A_Train_Tee_Army_Green_Off_The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 12 KB
12 KB 26ms
24ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/A_Train_Tee_Army_Green_Off_The_Grid_Surplus_360x.jpg?v=1608332037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

c74a82341e55b424c8bdb377e7fe1e02fc6abe3b21721572ac89b0aa2ccf93cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=1.210,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=12.023,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=11.176,cdnOriginTTLB;dur=11.943
content-length: 12318
x-xss-protection: 1; mode=block
x-request-id: 234b51e80757f64c877813cc96c34c76
x-served-by: cache-lga13626-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799100.786380,VS0,VE12
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/A_Train_Tee_Army_Green_Off_The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Solid-Logo-USA-MADE-TEE---OFF-THE-GRID-SURPLUS_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 34 KB
34 KB 15ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid-Logo-USA-MADE-TEE---OFF-THE-GRID-SURPLUS_360x.jpg?v=1620490279

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

25c12368ed9cca148c5bac208a60a9102172ad856e865f7650ce0317152a8724

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.881,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 34816
x-xss-protection: 1; mode=block
x-request-id: e0ca91bf653a270dd2d509ccb2fa13db
x-served-by: cache-lga21958-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799100.786618,VS0,VE1
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Solid-Logo-USA-MADE-TEE---OFF-THE-GRID-SURPLUS_360x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Old_Fashioed_Tee_Charcoal_Back_Off_The_Grid_Surplus_360x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 18 KB
19 KB 29ms
28ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Old_Fashioed_Tee_Charcoal_Back_Off_The_Grid_Surplus_360x.jpg?v=1608409715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12820-YUL /

Resource Hash

e4e2dbe31e130648810513b6e421a5d098e269af02efcb7c067561f80167b86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=1.452,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=14.671,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=13.760,cdnOriginTTLB;dur=14.597
content-length: 18568
x-xss-protection: 1; mode=block
x-request-id: 8982297e5aaca5abeac35a38a5f82cfb
x-served-by: cache-lga21971-LGA, cache-yul12820-YUL
server: cache-yul12820-YUL
x-timer: S1640799100.786692,VS0,VE15
date: Wed, 29 Dec 2021 17:31:39 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Old_Fashioed_Tee_Charcoal_Back_Off_The_Grid_Surplus_360x.jpg>; rel="canonical"
x-cache-hits: 1, 0

OPTIONS mens-tops
offthegridsurplus.com/collections/ 0
0

POST
H3 200 79afenry9euxsfec Show response
app.octaneai.com/get_user_info/ 90 B
345 B 126ms
105ms XHR
application/json 2606:4700:10::6816:22f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.octaneai.com/get_user_info/79afenry9euxsfec
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:22f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe64de9c05d3f4ccbd302e2072d1ae56015678c72682d69ec6ac80c97666a455

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Dec 2021 17:31:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: *
cf-ray: 6c54c3663a14ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 79afenry9euxsfec Show response
app.octaneai.com/get_user_info/ 70 B
292 B 103ms
102ms XHR
application/json 2606:4700:10::6816:22f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.octaneai.com/get_user_info/79afenry9euxsfec
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:22f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90e5aee64ab9195d640649ec7b2e8d7c8d08439e427cfb9a3ee4b7eee577e23

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Dec 2021 17:31:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: *
cf-ray: 6c54c3672b64ecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 otgsurplus.myshopify.com Show response
shopify.route.com/v1/merchant-info/ 78 B
346 B 91ms
22ms XHR
application/json 2600:9000:21ea:4800:11:4cd0:7f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify.route.com/v1/merchant-info/otgsurplus.myshopify.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:4800:11:4cd0:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 06b17fd2aa84c6e306fb5367d95f6ef2519cdaa1402fd09e06309c1cdd9cca05

Request headers

Accept: application/json, text/plain, */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:42:46 GMT
via: 1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
age: 53334
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: EWR50-C1
content-length: 78
x-amz-cf-id: iZmO1zBJiBmMCQ2zwVPDEwvdqsuwkF7SWBYKKSGj-Yf-JOk2CCmtIg==

GET
H2 200 protect.core.js Show response
protection-widget.route.com/ 165 KB
166 KB 96ms
26ms Script
application/javascript 2600:9000:210b:ea00:2:3d40:da40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protection-widget.route.com/protect.core.js?shop=otgsurplus.myshopify.com
Requested by: Host: cdn.routeapp.io
URL: https://cdn.routeapp.io/route-widget-shopify/v2/route-widget-shopify-stable-v2.min.js?shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:ea00:2:3d40:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3e8afc7c4e74d0e002c6bc764e86d32ae1d21edbbccf0dc1eae17285c52fc5c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: OTZLhVNqfjH6GRcWcqQhAOj8KtDxk_4D
via: 1.1 df1151801209e878a7d395961b098b21.cloudfront.net (CloudFront)
etag: "dcfaa7edb222bf2cbbb5a5dfa972dd23"
last-modified: Wed, 15 Dec 2021 19:18:54 GMT
server: AmazonS3
age: 73901
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 28 Dec 2021 21:00:00 GMT
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-length: 169223
x-amz-cf-id: Q52-8VYv3ptL1IrJOhQiHRhZEzxq9RugH7hiU9QHcgWWaHFY3-gSXg==

GET
H2 200 index.html Show response
cdn.routeapp.io/route-analytics/ Frame 45EE 1 KB
929 B 21ms
20ms Document
text/html 2600:9000:210b:cc00:16:4701:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.routeapp.io/route-analytics/index.html
Requested by: Host: cdn.routeapp.io
URL: https://cdn.routeapp.io/route-widget-shopify/v2/route-widget-shopify-stable-v2.min.js?shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:cc00:16:4701:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eb7853461b30af5f2b92346fa97fdfbf22f07c34f01a8d8a574587535c175d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/

Response headers

content-type: text/html
date: Thu, 16 Dec 2021 14:43:46 GMT
last-modified: Fri, 25 Oct 2019 22:19:29 GMT
etag: W/"4defc6d67c29e491df920f430c8be0cd"
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 121f18299e6385d2cf97a45a6dcf2c8d.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: MzEGZdyBhW2ChaAAXoZi3kDCLT7TRnPls4GxeI-ADg6EGnli6c852Q==
age: 1133275

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 45EE 90 KB
35 KB 67ms
35ms Script
application/javascript 2607:f8b0:4006:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-148920417-1

Requested by

Host: cdn.routeapp.io
URL: https://cdn.routeapp.io/route-analytics/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c618309a894c1818a4d74df4ed52f8d886b8d04ea7f64556165b7d220d51fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.routeapp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 17:31:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36193
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 17:31:40 GMT

GET
H3 200 cart.js Show response
offthegridsurplus.com/ 283 B
1 KB 94ms
94ms XHR
text/javascript 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/cart.js?timestamp=1640799100768

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

cbf9318cbc1487feb2fdd683a681696924ce063791d874654a8cb428ad3ecea5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS
checkoutToken
shopifyCheckoutAuthorizationToken
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
shop: otgsurplus.myshopify.com

Response headers

date: Wed, 29 Dec 2021 17:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 25921126454
x-shardid: 53
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
x-download-options: noopen
x-shopid: 25921126454
x-request-id: 0df3b9da-5553-4e2f-a53a-35fb0c7e708c
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 6c54c36bd83b7157-YUL
x-sorting-hat-podid: 53
x-cartjs-updatedat: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 45EE 49 KB
20 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148920417-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.routeapp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3041
date: Wed, 29 Dec 2021 16:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 18:40:59 GMT

GET
H2 200 assets Show response
api.route.com/v1/protect/merchants/merch_rKR3pISx3ubAyhPkBLtH/ 2 B
308 B 134ms
45ms XHR
application/json 52.23.99.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.route.com/v1/protect/merchants/merch_rKR3pISx3ubAyhPkBLtH/assets

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.99.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-99-5.compute-1.amazonaws.com

Software

Caddy / Strapi <strapi.io>

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 3ms
date: Wed, 29 Dec 2021 17:31:40 GMT
vary: Origin
server: Caddy
x-powered-by: Strapi <strapi.io>
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2
x-request-id: 12b9f5ff-faa4-4df3-81f0-6f61a2b042db

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_300x.jpg?v=1575534171

Domain: offthegridsurplus.com
URL: https://offthegridsurplus.com/collections/mens-tops?utm_source=ALL%20USERS

Verdicts & Comments Add Verdict or Comment

302 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 23:48:05	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
offthegridsurplus.com/	1970-01-20 08:32:15	Name: secure_customer_sig Value:
offthegridsurplus.com/	1970-01-20 00:06:48	Name: localization Value: CA
offthegridsurplus.com/	1970-01-20 00:06:48	Name: cart_currency Value: USD
.offthegridsurplus.com/	1970-01-20 00:06:48	Name: _orig_referrer Value:
.offthegridsurplus.com/	1970-01-20 00:06:48	Name: _landing_page Value: %2Fcollections%2Fmens-tops%3Futm_source%3DALL%2520USERS
.offthegridsurplus.com/	1970-01-20 08:32:15	Name: _y Value: c017aec3-6510-434d-9c25-ef5f800bb985
.offthegridsurplus.com/	1970-01-19 23:46:40	Name: _s Value: 79cd4b94-04ad-4660-b49e-588c8952b804
.offthegridsurplus.com/	1970-01-20 08:32:15	Name: _shopify_y Value: c017aec3-6510-434d-9c25-ef5f800bb985
.offthegridsurplus.com/	1970-01-19 23:46:40	Name: _shopify_s Value: 79cd4b94-04ad-4660-b49e-588c8952b804
.offthegridsurplus.com/	1970-01-20 01:56:15	Name: _gcl_au Value: 1.1.568739921.1640799096
.offthegridsurplus.com/	1970-01-19 23:46:40	Name: _shopify_sa_t Value: 2021-12-29T17%3A31%3A36.127Z
.offthegridsurplus.com/	1970-01-19 23:46:40	Name: _shopify_sa_p Value: utm_source%3DALL%2520USERS
offthegridsurplus.com/	1970-01-19 23:46:42	Name: shopify_pay_redirect Value: pending
.offthegridsurplus.com/	1970-01-20 17:17:51	Name: _ga Value: GA1.2.1858008651.1640799096
.offthegridsurplus.com/	1970-01-19 23:48:05	Name: _gid Value: GA1.2.1174306788.1640799096
.offthegridsurplus.com/	1970-01-19 23:46:39	Name: _gat Value: 1
.offthegridsurplus.com/	1970-01-20 09:16:25	Name: _scid Value: 4fb63afb-7721-4edf-9dd3-9c3f82b09f96
.offthegridsurplus.com/	1970-01-20 01:56:15	Name: _fbp Value: fb.1.1640799096567.1936642933
.doubleclick.net/	1970-01-20 17:17:51	Name: IDE Value: AHWqTUkkX7Zgp7soXi3XdzBx6hahg3Y1oACWlKSLZ9_DFUOkOEPSW_M0fTPlLLVB
.facebook.com/	1970-01-20 01:56:15	Name: fr Value: 0jZNFdpWQpOtqO2mA..BhzJt4...1.0.BhzJt4.
.snapchat.com/	1970-01-20 09:08:15	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwRHAIAgEwIqYOQk5QroBHKuweL/ua71Zc7nKCkBMqVKVLvo1n+SLztjD8A8aPALBfRUHvcjwlkAAAAA=
.tapad.com/	1970-01-20 01:13:03	Name: TapAd_TS Value: 1640799096789
.tapad.com/	1970-01-20 01:13:03	Name: TapAd_DID Value: 19c5c036-a346-46ad-8715-b55c302d4539
.tapad.com/	1970-01-20 01:13:03	Name: TapAd_3WAY_SYNCS Value:
.offthegridsurplus.com/	1970-01-20 09:16:25	Name: _sctr Value: 1\|1640736000000
offthegridsurplus.com/	1970-01-19 23:46:40	Name: _shg_session_id Value: 7e41c55a-d7c0-4437-a44e-27357528b3bf
offthegridsurplus.com/	1970-01-21 19:34:39	Name: _shg_user_id Value: 1d86fe5d-2e92-487e-b614-105a4655ceea
offthegridsurplus.com/	1970-01-20 17:17:51	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NDA3OTkwOTksInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vb2ZmdGhlZ3JpZHN1cnBsdXMuY29tL2NvbGxlY3Rpb25zL21lbnMtdG9wcz91dG1fc291cmNlPUFMTCUyMFVTRVJTIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjQwNzk5MDk5LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL29mZnRoZWdyaWRzdXJwbHVzLmNvbS9jb2xsZWN0aW9ucy9tZW5zLXRvcHM/dXRtX3NvdXJjZT1BTEwlMjBVU0VSUyJ9fQ==
offthegridsurplus.com/	1970-01-19 23:46:40	Name: _rsession Value: 855d62ca434605a3
offthegridsurplus.com/	1970-01-21 02:03:27	Name: _ruid Value: eyJ1dWlkIjoiOGU0YmExMWQtZmIwMi00M2VmLWI4YjktNjBmNTBkYmI0NDk5In0%3D
offthegridsurplus.com/	1970-01-19 23:46:40	Name: _rutm Value: eyJ1dG1fc291cmNlIjoiQUxMIFVTRVJTIn0%3D
offthegridsurplus.com/	1970-01-23 15:22:39	Name: octane%2Fshopify%2Fuid Value: 15ed731f856d7e84a53b0f3ab3afc254528932cb2b5e6001948eb850fb41b930fdc7e0f6a402782a7cf634e0bf027441f9173ba93de63b6fe68dd52d

205 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/Oro0V7LQ5Wx9d83N.js Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

796512322.privacysandbox.googleadservices.com
analytics.getshogun.com
api.route.com
app.backinstock.org
app.octaneai.com
apps.mageworx.com
assets.gorgias.chat
cdn.avmws.com
cdn.rebuyengine.com
cdn.routeapp.io
cdn.shopify.com
cdn.verifypass.com
cdn1.stamped.io
cdn2.stamped.io
client-builds.production.gorgias.chat
config.gorgias.chat
config.gorgias.io
connect.facebook.net
easy-redirects.s3-eu-west-1.amazonaws.com
fast.a.klaviyo.com
files-shpf.mageworx.com
fonts.googleapis.com
fonts.gstatic.com
fonts.shopifycdn.com
googleads.g.doubleclick.net
intg.snapchat.com
manychat.com
mccdn.me
monorail-edge.shopifysvc.com
offthegridsurplus.com
pixel.tapad.com
protection-widget.route.com
rebuyengine.com
reginapps.com
sc-static.net
services.mybcapps.com
shop.app
shopify.route.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tr.snapchat.com
unpkg.com
widget.manychat.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
cdn.shopify.com
offthegridsurplus.com
104.198.248.251
107.178.246.49
13.225.63.100
13.225.63.75
142.251.40.162
142.251.40.194
151.101.130.133
151.101.194.132
151.101.194.133
151.101.2.133
151.101.66.217
18.185.191.84
23.227.38.33
23.227.38.65
2600:9000:210b:4a00:7:67fb:be80:93a1
2600:9000:210b:cc00:16:4701:e4c0:93a1
2600:9000:210b:ea00:2:3d40:da40:93a1
2600:9000:21ea:4800:11:4cd0:7f80:93a1
2606:4700:10::6816:22f2
2606:4700:10::ac43:c7d
2606:4700:20::681a:631
2606:4700:20::681a:731
2606:4700:20::681a:e87
2606:4700:3030::ac43:d2f8
2606:4700:3034::6815:4436
2606:4700::6810:7aaf
2606:4700::6812:1cb4
2606:4700::6812:1db4
2607:f8b0:4006:807::2008
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::2003
2607:f8b0:4023:1407::9d
2620:1ec:46::70
2620:1ec:bdf::70
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:a00::268
35.186.226.184
52.218.29.24
52.23.99.5
52.88.109.193
67.205.138.90
000f368e166bff7134f2c0ff890f75cd706b90c0de1a9a0be5d0c6f464d8c13e
009ff8df09f4da6dcf081ca36a6fe08ba1085e1d3804da120462769231a0bd0e
03261fbbc905682630e5aa65bbadbcc06c525bf853844b015e02a3fddf385ab9
04c4578362c0c9da6a4cc6b6adb7af9d7e358494cb4e1f5ac6f0094f8454ea78
04d7ca922b067aabd6a958b6bfc780390d9b6df764c1ca1b27f1639303726cec
06b17fd2aa84c6e306fb5367d95f6ef2519cdaa1402fd09e06309c1cdd9cca05
0728780b4b82349f776f0a02453f90b2b9927bd838c501d4b83794dc53f84381
07c1d5e470cfce1de724cf121822b91bb691496f00b43a92126a8bd46e7e25f5
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
098bfe70ca961917756a266f53c4bac68f64dbf6d2f310ae45cb423883b79568
0ce7b8ab76accede35d76c6d14a3a3f250081ece1344009a0262cec182a86a9e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119ac1755a81c44cdc6980a700ed8edb6b4e1c996f33fa3b53ea610825205430
126904f2376de8b9f8e3862bbed7ca39cd9304c738a4167e4ec7594ec2df56f6
12b8f46d36c08ebd4b8b3727043d3be59ae9bc616dd0c1ce814e319727b4c0ac
12c32726157ba0336b4c3ed889cc847c1f1e4d4db7c6ea1d02903957f1abbf63
14fc7825102f0dc6cf11734a114ea27eb98e0783c2d907d8843ac720b7eb1475
16a2b7bd2888b4082a8dc33e0444e42c6aab20dc6178f523643339412c9c0683
18754e2fd15b48c74422a969233fbf8a6a0dcbf128964539dc88571b9cae165a
1ae5e315d9a282e45e5c7f1515f05482eebd4be770acfb7579168f2c466c327c
1b70fc64b906a4a39809e011dc9783099231c58c948a5d02d86a81419638dcd9
210f80b61e1976137c421022760989a5f915d4fcd1c6f80a2513f9d4d18db40e
214762c449322bc1e6937fbb85062c4cd6dcbe12bd43ffa98ece1b72b212998a
23555278462a12a92d6ca5838bf005032ba0be3d348e66e31673e98c42e22f62
23c50cb52b7a844d64106e8d4b8ff612a9d1fe60e5f98dcec7ee3005b41f2886
25c12368ed9cca148c5bac208a60a9102172ad856e865f7650ce0317152a8724
284640950d838451759afd9e4bb7e9569e8a5fee43105c87c8cd34aa57fa4b52
28fbf3b536dee83b18754f754eb2cbb33c3a4e3cd1592c37fade9b4d7c7e281e
2af2b7f88ab3e6576c237c1fdedf3283b91913a8b57a88a4706cf6046342daac
2deee13a48ba2fddd9440dd1b711193236285f8cc73ed5692055527a100cb35b
2e1af76b32424786d5f7c29d536a46040b1d80f4480d71d5956a80abbe65df59
32340fee25d1a7886b385adccc9f7fa08cdb2b3dab04c734f81cf77003d9689e
32d2a0a69e21d30ef5896266ee205a44cddf2b0215b125eb64468d5daad6adca
357d614c20b8d22757fa3ea0410063eb441553a40e32a8027a6cc89f207528dc
369486ccabc778f274609c968be0dec7417f815c887db9b1ef6fab0d6a1e64da
3767b20b36502d9e11f6cd5e6005679fcbfa50447d358bd5296b4ae4eb892df2
392f73589721cf428857976d649a537a783a4a5efb1ccae6ca6cfd7d5d528f58
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
3adf315100cc7bc9c2745077441147d9d10fdea4e915911b0a1831fad357b71a
3c370d894a4e5946cb161e6603763984c5d7b4f2b80a4ebd0fe9635834a5d558
3ccce4f091a6d13da4fe1cbfa53e0e896f56c95a1f632bdd7617fb012555bb5d
3eac6b6ca0df419caa2b1951fef60f59bd036969221bc6d3d9784c5ba5d9a062
3faeefff776eca6ab54add715a54b3a4eda55a78109e1b0618531dad79e1ebfa
440f5c6f628d0b1dba7a3009f7f9b3937abf754c9b649ec8b161336db199b4fe
442e79c2635c1adb9c77d3c375f35df5ab745da630e7e306905c980249ff9b53
48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66
4c0752b37b4f74e2e83dd5c1a8dda11d5f3a0534d857ea7a50a7e87530270d21
4d0e97fed87be5da022b5307725e690b7a567621b0d16c8b57e17d88d9baf39d
4dc7f2eb67f9b4b4b32f2c1bb5f6585176af28787145a03908311536989e7cc0
4dd73adb9c49eb0e3909817c421a75756e0fa55baccb4e9579e7b6b0a2909fee
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5
53362d8dc2432d62569537c9e3e74f63faeb6c6c3cb504e2117fed3c729136eb
53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0
546ab4b073e1f9c80d12d5ab38315399fdb41240430ee24173a7d6c53c92e69f
55bfef53c0f1364e940a613be14eaeddd95641a48710b51b2456271d570dd0a3
57e2eb64984035dad80abb8383388398896739e52fdb66174b04dfac3eed32bc
5be5b9b53afe130122b4acc8748c5cf17225eb0f2dc5850c7111eca37e8afd48
5d162d486c81f04d872d17a0986ec27287959c1b62daf98b811c3f56b440b59f
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61f22f4fcb3beaf7ceed8d48827a9b505351ca31318ba468ec98e33f190f7e6c
627769b33c02240b8125d37b8cb27eb06e15e158e60b89e3cba5547d9ac9a002
6383fbd9c9377155aec82349de48bb6c9e09066c3ccb361a9a7a403001e47614
643bd02ad14ba953146cf016d6781ad6320e694214bbb3c455ad1b0f383c4915
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6a845eb7d88fe54948f3fb6eae481cf57a2b7a4bbeda43d6bb35970011abca37
6b07d28a62fadeee2a1e118b23f9706eb02418e05d1e1498af5624fc7200c66f
6e7c72159cc27c709e5cd6857eb1ec68a7ab4935a791b076d59eb52f30e025cf
6ed035221de592eca192ee5188314f9879f9516ba6be35c782510c9964be6fe9
72bc6a16fd01a83a282469da132926215c7cb24923d7b273ee3dfa1b3ea2d4af
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
772775a8afe578b1d78779fe067fc20f252b86ca9deeed3750478974c01a8590
787666ab2e064009031ebafb0ee9fa78e89f536041b9b6a288ff71731c761603
79885c42f306535793fe4985a6e7ad95e81f1c7cd6eed6cd487dd979c296b718
7b88697dc203489446e7ee760be08c7ae7a319290c19f871e30c9401e98711c4
7b90244307a6ab8c4cc068e4afc74ed01128c2592c1783368eac106529c004c3
7bd4d468b438f2707631042f0650b5627be90b48a90b527ebd29cf5d8a056d58
7c1e6a9ba802ea841ae37cf17c683478c8175ed42f0852ccb7c603ef8b3a33e1
7c618309a894c1818a4d74df4ed52f8d886b8d04ea7f64556165b7d220d51fd2
7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af
7eb561c2cafef5ecec6ee529c1563d0cd43db7e2fcc3efcc958425ad870b9a1e
80ecdc5ea27ad0b02e22221601221ddd61b0492e09a122808b151b8013af7314
813b228bfb997d61c1f33c8ed07cdcd92888efa200c5c2c95a2f1c2c9f18d368
81f7da941a82546d2f6d2e09319016668484769b4586f698e171f57c9cf464dd
8299e7fed6a486f5288d1669989742db5e3bb247aa4651169b0d3bc7c6268d14
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85498129ec04880c8586191f63f549149f84f0e467c03adc6337366aadff879b
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a
895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca
8af58e90172230facb650303601db667ed8bb7e149e842384415638fb0b3c70a
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
91e8ca1b3c98985246ed00a756c863bcdabd5a791cb3d59b6c2f142b09469ca3
92cb1d5813aa2552b90961426870a4b29be2518a7353082bf19f726483420f9e
94f4618c97d30aa5542f8893d9ddb92bbc311471edc2754ad55e594d2be8bd86
95c1f4870b98942e5b675c5c70f103dd5bcbc1c8098b2c5580291452557f945a
9629c5ec5688788c0b42eb2b9ba3b9c5fc17e54f641cbd48a176e01b55342c2d
96b38302cfbad43622521e7e10577027299bc0070b50c2f0ab29afb927fa4f26
97086e03343c6995a1f10f4fd6bcee26a26fcf5f94ad48a19f88bcb7d73cb59f
981d749dfea45279e6980db98c3578386fdcee15377afcb7fe27b7c3622bf46f
9a29ba0f6932eb8739dd912132b404719aee8a8506e428f4395fd7816f8312cc
9ae4b9635bca9a1055428b68cbcf464dc86ca0cfbfa523f00f3324bc859fbc27
9b24aa83d9a2fdd11b220589363528e3f6022811e0fa140177ff91fa7f0956fe
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9c503c9a47449bfe285503dbd9987ab6f8dad57d340b50baa9f397f12a2737d3
9cb727cf2682c975a79366d9b2a86dbae1709904c579a19e4270f02e56ac0fd0
9d7d00fa3933186713cab4f9bb9889b25bdfc52f4a6629c1268b234a4c140bf5
9e31058534b68e728b3cfe4d4f122333f19479a72ce4ac79b596ba346376f16c
9eb7853461b30af5f2b92346fa97fdfbf22f07c34f01a8d8a574587535c175d6
9efdec42c1791c4bf61a58fe45fb959e475944316465d67aafccd2967052a458
a01763cfabcc78df1a60aebad4eecee440a0f596379c4439811e3ee0c31329ee
a0b9959b58ce19a6cb1023d60b40a23216f2ce95996e50f3b8e7e177b65e8a9e
a0fb3fa8869c0f8ed9cc4c170d50e2f4c7d377e78b2e03d8e25735085194ef9c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a3e8afc7c4e74d0e002c6bc764e86d32ae1d21edbbccf0dc1eae17285c52fc5c
a4210ade60d5b7d00769d91619148e738767108818212e45edbf32996c9adf00
a42898b0f631a4f9625aa36cb6cfe4f4459fa3fb9e43c52611b3852922f5a5e7
a4a4a715624396db26d9da24f5d9df223c0d3834616ec994f53d2bc4c70cc355
a4cbd80926d06eb9cb19c1498ef0a86446f65fc46fe8180230fcc7a43950c78f
a4f00910898d52a5c3d43c47e6234d9bd6a1fbde7d85a1a0203fb861bae16470
a5053567e6cb48aeb3cde3c48c745ef891dd0ea20ee643561facd301d24c9085
a688b2f6a4f1192454b282c3c48eceef618d23c7d8e5e50fd9c814397c2a2730
aa7aa65a5e482203dccbdeb361737e99b6702f87f6c8e4b36ef5fd7b1e19bcc3
ad56135c8709b7aa95518e30ba3bf70697ccaa6aad01b7d154f16f45f752e1e6
afdb988e1e395fd09e6db7b8c07a13acaf3aab7cea668159573c73907155b6b0
b05a23e1e7b9cb24f820034e79b75822dc585533a91d6a34faa47cd3e3088a87
b09f95c67a1eeb461621224361d070461774ac807df1110cd23614d217f1beec
b1785d5d792bf4a89a05b874067db9ce766a324be2031adb48dca6c000cbbee5
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b53fe824d949cf67350f05e471946b50432a5ccbe8223e01c01379760056dc99
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b64c860968abd8c89c202b115db4768b5d97422c9bfadd51ef2a8c64db4a4c5a
b75e2eaf064cf7619e6e397cb613befd6b3490714b02f4e8071646b26389b83d
b8cd11c961a4abc8d9211c50fa4e3c93e11752b14c529a3a09ae25432b3fdd85
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc933bda55f83479e438bcdc85b0c408b5575e61b52cfab78faa76739646d528
be307850d97a4cc3185166175515facde15350e4e7ab094000c8fd02edc3656d
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3eb4175a08fcf646254c229c413f13ad74519b71c0a1c83040d4065c310ccd7
c47aee1e311f6815ef6af5b97db497cca533522f5b76218174eeac0c825c3fd9
c6b297b1797d720234e19a4d5208f10120afc9cb8eda8db02b55ea8fa1e7b3cf
c74a82341e55b424c8bdb377e7fe1e02fc6abe3b21721572ac89b0aa2ccf93cf
cbf9318cbc1487feb2fdd683a681696924ce063791d874654a8cb428ad3ecea5
cc0471d6ed70bbf70f3ea7c0d4d0237544907cd43f6259b0c239720dbd3cbba7
d0fef5189d5f409384831d0a7878d155f1aa3caf0ef510e0f05bcaf2463cf453
d191bedb4ccc9fd7f7eb24b325fb64488c1ad0d949c3b644f5600eafd8aecb73
d28e6655dbe8511d924a3a42641b948d47072647e81e9b8ab7fc0354bc806ead
d4d5fb1161305d7d2ddf97dcdc67ad850ccbf4f50623f2a2033255d98619dec2
d72990add621f49f021a0e527a7f91be7ec71570c024c55eab5d14dfd5b2c4c1
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d90e5aee64ab9195d640649ec7b2e8d7c8d08439e427cfb9a3ee4b7eee577e23
db25d19f94b4e7d012f94d05bcc6e276b65b4d40701bbf16bfa06a585248ab6f
db5a1af6805feccb072ef3f8f4b0fd2de21422dcf655e34208782d411b03c22d
decadbf784d4b18cb48d1d98ac47344173662f4a62eb4f6552e3487aec1ac1b9
e0e7a66791325527c20e666694fc3c1dbbf4056420b5b28eb775b15ad0dd5002
e304bd3f1e292076d36fc6bd4f82dfa1168a2d3e1c3121705f7f27e5a89581a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e2dbe31e130648810513b6e421a5d098e269af02efcb7c067561f80167b86b
e5c092e95f38248ca06af625b3acb600ed031ed46274bf1050f78c11787bc34d
e754ac6a863e9650b4432de68b0cbc5deef2495a1573bbbc0ac607f35295b2ec
e7a6d0d9baf1317fa11a820ed536426566a6df1b427239ccaac8b47228cb88f4
e83049ad4d62a3d853e19ee2bcf30b7695582e92793b173719723eeae428628a
ebcf92a57322f2cc58e0e0866c10b32364b592d60ae0703a3ab8f7cbe9e41eb0
ec967a9c7ef9f9b3498c4894319802b33f23d9aa08858d0db95a682f637cf305
edd6d17801d56024162590291490d1560ef06d1831ed0721d2191841367a74b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18ffe3c0db4fb9f98235581ffc3020d6388fc6a1df8a9f51051c107c8ada786
f33c6ba574d801c2090a4e8027e6a551dfc17d5fd5c08f9ea59a5fee7a4cd359
f8bab8aa4042ca7b45b599e7d4e496146ebf1b45aabb8ff96ad79393ebd10840
f915d80c2c9926d77acfacd0a3ea95c4c7eaf0381797051f4b3319e7c4e584a3
fad12d868b24d7ebc093481e6cd8fce73cd3baa3b7108fd1512ad24b04c9c8cc
fbe5c6d5f501249b3a91381155a58a017883450ea5483688a98014a16963066a
fcd0e1cc60c87c8b844e2203e61394ce838b4b020b5ad26ecc1a3aadd849d903
fe64de9c05d3f4ccbd302e2072d1ae56015678c72682d69ec6ac80c97666a455
ffe5ded2b2f74a469739ae0672374c397de9c5a11acd3eaf29f496bbe681eb52

offthegridsurplus.com Open in urlscan Pro 23.227.38.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

225 Requests

98 %HTTPS

59 %IPv6

38 Domains

52 Subdomains

46 IPs

4 Countries

3512 kBTransfer

9882 kBSize

33 Cookies

8 Outgoing links

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offthegridsurplus.com Open in urlscan Pro
23.227.38.65 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

98 %
HTTPS

59 %
IPv6

38
Domains

52
Subdomains

46
IPs

4
Countries

3512 kB
Transfer

9882 kB
Size

33
Cookies

225 HTTP transactions
4 data transactions