urlscan.io logo urlscan.io
SecurityTrails logo

apple-cart.trybandoo.com Open in urlscan Pro
2606:4700:3108::ac42:2bd5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apple-cart.trybandoo.com/
Effective URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Submission Tags: @phishunt_io
Submission: On November 08 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 1 countries across 20 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3108::ac42:2bd5, located in United States and belongs to CLOUDFLARENET, US. The main domain is apple-cart.trybandoo.com.
TLS certificate: Issued by WE1 on October 30th 2024. Valid for: 3 months.
This is the only time apple-cart.trybandoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:310... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.96.102.137 396982 (GOOGLE-CL...)
1 34.144.207.37 396982 (GOOGLE-CL...)
1 13.33.251.140 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
11 151.101.194.133 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 151.101.2.133 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2620:1ec:33::10 8075 (MICROSOFT...)
5 184.28.190.9 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 151.101.130.133 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
62 26
3    2606:4700:3108::ac42:2bd5 (United States)

ASN13335 (CLOUDFLARENET, US)
apple-cart.trybandoo.com
4    2606:4700::6812:a075 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    34.144.207.37 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 37.207.144.34.bc.googleusercontent.com
cdn.node33.ai
1    13.33.251.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-251-140.jfk50.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
2    2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
11    151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.klaviyo.com
fast.a.klaviyo.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o4504479358124032.ingest.sentry.io
3    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static-tracking.klaviyo.com
2    2607:f8b0:4006:806::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
5    184.28.190.9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-190-9.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static-forms.klaviyo.com
2    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c09::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
4    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:36::35 (United States)

ASN15169 (GOOGLE, US)
timetoloadv2-f2ow6o2dfq-uc.a.run.app
Apex Domain
Subdomains		 Transfer
16 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3421
static-tracking.klaviyo.com — Cisco Umbrella Rank: 3995
fast.a.klaviyo.com — Cisco Umbrella Rank: 4576
static-forms.klaviyo.com — Cisco Umbrella Rank: 4254
87 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 817
137 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
5 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 147
617 B
4 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6168
119 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
15 KB
3 gstatic.com
fonts.gstatic.com
123 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
247 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
9 KB
3 trybandoo.com
apple-cart.trybandoo.com
3 KB
2 run.app
timetoloadv2-f2ow6o2dfq-uc.a.run.app
132 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
551 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
74 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
144 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 12143
63 B
1 sentry.io
o4504479358124032.ingest.sentry.io
300 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
32 KB
1 node33.ai
cdn.node33.ai
169 KB
1 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2896
1 KB
62 20
Domain Requested by
10 static.klaviyo.com apple-cart.trybandoo.com
static.klaviyo.com
www.googletagmanager.com
5 analytics.tiktok.com apple-cart.trybandoo.com
analytics.tiktok.com
4 www.facebook.com apple-cart.trybandoo.com
4 static-tracking.klaviyo.com static.klaviyo.com
4 cdn.prod.website-files.com apple-cart.trybandoo.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
apple-cart.trybandoo.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com apple-cart.trybandoo.com
www.googletagmanager.com
3 apple-cart.trybandoo.com 1 redirects cdn.node33.ai
2 timetoloadv2-f2ow6o2dfq-uc.a.run.app cdn.node33.ai
2 analytics.google.com cdn.node33.ai
2 connect.facebook.net apple-cart.trybandoo.com
connect.facebook.net
2 www.google.com www.googletagmanager.com
2 fonts.googleapis.com ajax.googleapis.com
client
2 unpkg.com apple-cart.trybandoo.com
1 www.google.ca apple-cart.trybandoo.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static-forms.klaviyo.com cdn.node33.ai
1 fast.a.klaviyo.com cdn.node33.ai
1 o4504479358124032.ingest.sentry.io cdn.node33.ai
1 static.cloudflareinsights.com apple-cart.trybandoo.com
1 d3e54v103j8qbb.cloudfront.net apple-cart.trybandoo.com
1 cdn.node33.ai apple-cart.trybandoo.com
1 dev.visualwebsiteoptimizer.com apple-cart.trybandoo.com
1 ajax.googleapis.com apple-cart.trybandoo.com
62 26

This site contains no links.

Subject Issuer Validity Valid
apple-cart.trybandoo.com
WE1		 2024-10-30 -
2025-01-28		 3 months crt.sh
prod.website-files.com
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
cdn.node33.ai
WR3		 2024-09-16 -
2024-12-15		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
unpkg.com
WE1		 2024-09-25 -
2024-12-24		 3 months crt.sh
static.klaviyo.com
R11		 2024-09-09 -
2024-12-08		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-03 -
2025-07-29		 10 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
static-tracking.klaviyo.com
R10		 2024-09-17 -
2024-12-16		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-17 -
2024-11-15		 3 months crt.sh
fast.a.klaviyo.com
R10		 2024-09-09 -
2024-12-08		 3 months crt.sh
static-forms.klaviyo.com
R10		 2024-10-17 -
2025-01-15		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.ca
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.a.run.app
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Frame ID: F09149412DFB22210A5B306A576E0003
Requests: 60 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fapple-cart.trybandoo.com
Frame ID: 65FA48121E3BD40A707823BC2D8EE2D9
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-M1BVHWVHCN&gacid=1998602144.1731028933&gtm=45je4b70v886639480z8849249172za200zb849249172&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629&z=1060844886
Frame ID: 639924DEE5DADDB7131F300960ADEFA7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bandoo - Cleansing Foot Patches

Page URL History Show full URLs

  1. https://apple-cart.trybandoo.com/ HTTP 302
    https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • klaviyo\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

68 %
IPv6

20
Domains

26
Subdomains

26
IPs

1
Countries

1173 kB
Transfer

3616 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apple-cart.trybandoo.com/ HTTP 302
    https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
apple-cart.trybandoo.com/
Redirect Chain
  • https://apple-cart.trybandoo.com/
  • https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0e34d7703d7f3101e525ce45ddfe4ed3cc1ea2bd1dc75b74ff0bfac526d68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8df1c0267f1641d2-EWR
content-encoding
br
content-type
text/html
date
Fri, 08 Nov 2024 01:22:11 GMT
last-modified
Fri, 08 Nov 2024 01:22:11 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=31536000
surrogate-control
max-age=2147483647
surrogate-key
apple-cart.trybandoo.com 66daa3f7bd5bb57572ccb7fb pageId:66daa3f7bd5bb57572ccb7fd
vary
Accept-Encoding
x-cluster-name
us-east-1-prod-hosting-red
x-lambda-id
6eb20d3a-34a6-4475-9515-2e830a315a56

Redirect headers

cf-ray
8df1c025de0a41d2-EWR
content-length
0
date
Fri, 08 Nov 2024 01:22:11 GMT
location
https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
server
cloudflare
vary
Accept-Encoding
bandoo-cart-staging-155b08a65b801f1e8b6.d2de516a9.min.css
cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/css/ 		280 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/css/bandoo-cart-staging-155b08a65b801f1e8b6.d2de516a9.min.css
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecabf396531beef7f6c20e533a26edb5ef5bb12879d30d191035ad2524191d4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"363db4af7f464647de735b5c9d29b6df"
x-amz-version-id
zJIZ9CI57tRutXzUbZHONhxMsrqthNJr
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
text/css
last-modified
Mon, 16 Sep 2024 10:37:02 GMT
vary
Accept-Encoding
x-amz-id-2
b9peipaeTPhQlrFKVmbCJxvdhYAFRQr0VBbciM+ypr/h00+XTol5BsRu1PEhtlfw8PwCAJFlYtk=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
R6YEGNNKS20NXWPC
cf-ray
8df1c0294a0218d0-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
42717
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
age
20194
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 19:45:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 19:45:38 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
581801.js
dev.visualwebsiteoptimizer.com/lib/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/lib/581801.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
26543e143e98cd9274d627eb3b593454d37faf0dfc23b6bff93b5f682297ced2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407

Response headers

cache-control
no-cache,max-age=0, public, max-age=0
content-encoding
gzip
etag
W/"1730972878"
via
1.1 google
x-computed
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptime
0.003141000001051
date
Fri, 08 Nov 2024 01:22:11 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
server
gnv1
main.js
cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/ 		551 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.144.207.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.207.144.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d41ac0e18c3aacf5c39976ab50fd877ff0fec9720f022d7d082a1527333116cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=QtPX/g==, md5=gPDnPy8BUL/MIH0S6WVJjQ==
content-encoding
br
age
0
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
563717
date
Fri, 08 Nov 2024 01:22:12 GMT
last-modified
Wed, 19 Jun 2024 13:51:28 GMT
vary
Accept-Encoding
content-type
text/javascript
x-guploader-uploadid
AHmUCY1KFvKxKKYCyXwiuBe5EkfgcGbovM1QDVELT5F7qUsV3BDly3haR5_G_LjGFBlRPprziGAl-OxH7g
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1718805088182657
content-length
172277
server
UploadServer
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=66daa3f7bd5bb57572ccb7fb
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.251.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-251-140.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
19387
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
LfdV9pG5dlokfQmTiB2x5weSvw729oGlnJ4-hz90_rMFqpulMOUk-Q==
date
Thu, 07 Nov 2024 19:59:06 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
accept-encoding
cache-control
max-age=84600, must-revalidate
via
1.1 4118eb7b967838562b3ffdc0051e0fb8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P10
server
AmazonS3
bandoo-cart-staging-155b08a65b801f1e8b6.0f150a781.js
cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/js/ 		187 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/js/bandoo-cart-staging-155b08a65b801f1e8b6.0f150a781.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e149dbb616bedddb3a5f9cd6d923d14e52cf7fbdc077660f7321148498c90a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"7ce518a31e70960ffca588fc262dcc5d"
x-amz-version-id
8acxEypY0Fgv82i.s7sa3d79ydnF96i9
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
text/javascript
last-modified
Mon, 16 Sep 2024 10:37:02 GMT
vary
Accept-Encoding
x-amz-id-2
5Ve22SUptcWc/iAruCj/Kuyr8DO2VBHTlhabzp2KmKCNSVTJDEaumxvW0qgsaV7R3dRWd0vRh7E=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
R6YDH6SDJTSBWDMY
cf-ray
8df1c0294a0118d0-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
65941
server
cloudflare
x-amz-server-side-encryption
AES256
polyfills.js
unpkg.com/webp-hero@0.0.2/dist-cjs/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/webp-hero@0.0.2/dist-cjs/polyfills.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e971227d19899f22600856ab962b99eb2be1bd48c094cb48edf01120bd15f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1c77-yaBs1pA5mveNzFBZf3vjHoLZaT8"
age
1328800
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JAX2JWSW2TGX35ZKZ9827MQT-lga
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8df1c02bdae1de97-EWR
access-control-allow-origin
*
server
cloudflare
webp-hero.bundle.js
unpkg.com/webp-hero@0.0.2/dist-cjs/ 		339 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/webp-hero@0.0.2/dist-cjs/webp-hero.bundle.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefeb3811e0512c505a4c5ddd9e743dd178375fa655c4884321679c4d4094c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"54c96-JAu9sYDENEw/mFuwU6fwQcWfMM0"
age
20680713
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB5BN99CNEEPS4Q9A5BMN1-lga
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8df1c02bdae4de97-EWR
access-control-allow-origin
*
server
cloudflare
klaviyo.js
static.klaviyo.com/onsite/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2f6093e31d13c5eb54f547be4ee7456c5a93bb49118ce8d73ee0f69fba8a95f
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"adee0bd35c15ee19d2ba9d36c38254be"
age
5598
access-control-allow-methods
GET
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/javascript
x-served-by
cache-lga21930-LGA, cache-yul1970073-YUL
x-cache-hits
18, 0
access-control-allow-headers
vary
Accept-Encoding
content-security-policy
object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
cache-control
max-age=1, stale-while-revalidate=10800, stale-if-error=86400
x-timer
S1731028933.622247,VS0,VE1
access-control-allow-credentials
true
allow
GET, OPTIONS
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
2356
content-language
en-us
server
nginx
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8df1c02c8e4a7d11-EWR
access-control-allow-origin
*
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/ 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa37b2e4408c24dc06ecd25bc9ffbbddecd19269d96a5b2cf9743528292fd97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 01:22:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 08 Nov 2024 01:22:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
o4504479358124032.ingest.sentry.io/api/4505713674485760/envelope/ 		2 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4504479358124032.ingest.sentry.io/api/4505713674485760/envelope/?sentry_key=135a4f701a55187598a73518350aee23&sentry_version=7&sentry_client=sentry.javascript.browser%2F8.9.2
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://apple-cart.trybandoo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
gtm.js
www.googletagmanager.com/ 		394 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb341781c7330fb28bb6b0592be730f2464bdc94c166264717b410c609365fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 08 Nov 2024 01:22:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 08 Nov 2024 00:32:27 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
120279
x-xss-protection
0
server
Google Tag Manager
66daa3f7bd5bb57572ccb87e_footer_logo.webp
cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/66daa3f7bd5bb57572ccb87e_footer_logo.webp
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d776af740fa7a0e7c0cb158bf32142169b1dc7fc9fb0f5e6e75e2d14865e727e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

cf-cache-status
EXPIRED
etag
"c26af85ca2c27f58fd47e4517720ef70"
x-amz-version-id
Cfkw1gss85JZ2jDPxOUSninfiFFt_nPU
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
image/webp
last-modified
Fri, 06 Sep 2024 06:40:57 GMT
vary
Accept-Encoding
x-amz-id-2
SaOrFzcmmFcJpbRZz1ktEcBe8R3utp6Mnz7uWkb+6XYOgILW8I8fMRYpKk7FBpGTAWVHkCs/MvE=
cache-control
max-age=84600, must-revalidate
x-amz-request-id
R6Y3C9AZFQP7KEZR
cf-ray
8df1c02b9cdc18d0-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
8770
server
cloudflare
x-amz-server-side-encryption
AES256
f21bb746-875a-4aa7-9057-c7608e7c97ea
https://apple-cart.trybandoo.com/ Frame 		0
0
truncated
/ 		58 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://fonts.googleapis.com/

Response headers

age
109528
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 18:56:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 18:56:44 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v29/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://fonts.googleapis.com/

Response headers

age
108493
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 19:13:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 19:13:59 GMT
last-modified
Wed, 06 Nov 2024 17:30:50 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39608
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://fonts.googleapis.com/

Response headers

age
73028
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 05:05:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 05:05:04 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
fender_analytics.04ab38f130b37e59f5d2.js
static-tracking.klaviyo.com/onsite/js/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.04ab38f130b37e59f5d2.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e913234e3123ba8a5d535706253505bf4e1c5260f4a28ea8c31fbcfcb6b8aaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"c00d53f438ea65f2db1f84c264cf714c"
x-amz-version-id
yzchsteEWmJB1oIUQ2WGXYi9VgiVet_U
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Thu, 07 Nov 2024 17:02:38 GMT
content-type
application/javascript
x-served-by
cache-lga21925-LGA, cache-yul1970049-YUL
x-cache-hits
86, 2311
x-amz-id-2
rb0zTsZTl5gTXbNvDZL7prz7pcUmFGLgbfSy+Tp81J20+VWkJDUZPOpbYfumFsq/BQ8LkGkP9VVOS8BqbNXNchozjR3hASMC
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
aaa4b6085cbd632503eaf0997667570ce306da01
x-amz-request-id
B9FVX2T845KAFC4H
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
12403
server
AmazonS3
x-amz-server-side-encryption
AES256
static.8d136cd44b74e8189276.js
static-tracking.klaviyo.com/onsite/js/ 		495 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.8d136cd44b74e8189276.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6eaa7d84867f4a3f58d1cff2d44b4d4adfcc58072a48d761fe092b7e6172b253

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"264b8a3f80d7760ba761881fd76641fb"
x-amz-version-id
6zlTE8Co7OjOY9GYezYqIio1d6NroU4.
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Sun, 27 Oct 2024 19:37:22 GMT
content-type
application/javascript
x-served-by
cache-lga21975-LGA, cache-yul1970049-YUL
x-cache-hits
10, 2084
x-amz-id-2
14Qf/sarMCfZ/KOrGLmbQwQ6hufraCUQXzA+i7KyoiQIPxYOSg3RFAB2pGFJ3/z8hDtOLE9UsAACMOB/LHX2SA==
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
2b402f8568bcce13fb51a14008ebe3527f498a90
x-amz-request-id
FSBWPMGA65HMDDGR
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
280
server
AmazonS3
x-amz-server-side-encryption
AES256
runtime.1ccc035988c65d5c6d30.js
static.klaviyo.com/onsite/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/runtime.1ccc035988c65d5c6d30.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
266aee1c7ddee3befe8e5c15229a34e7355ffe603f6e707a3321457879bf750b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"c1fcb38dc8b43126422b0bf217dbfe5e"
x-amz-version-id
an61YSOnZU3OJw4kHz4hmjBRgznYPC_H
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Thu, 07 Nov 2024 22:11:51 GMT
content-type
application/javascript
x-served-by
cache-lga21935-LGA, cache-yul1970073-YUL
x-cache-hits
94, 2280
x-amz-id-2
kabi2Ra+wOPRE/TcKFF2JwBHqMGxZn8+nVF+C6diFfRlTFSytB9U3OFtJHpFHO3pBFR/YJ79V7l9puAdOR+JnxyQRKi73zpd
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
998293b58dc5634df1f42182517896dc6755c2d4
x-amz-request-id
3884Y2MKZ0Z853YR
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
7832
server
AmazonS3
x-amz-server-side-encryption
AES256
sharedUtils.5c9dd35782316441d37b.js
static.klaviyo.com/onsite/js/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.5c9dd35782316441d37b.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c62f3218c0b289ec5709c615aa14974fa3d88cbe64534ac0cca52cca51c3ac32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"547aeff69454f5cf9c3bb7e0a8021dfe"
x-amz-version-id
D0_fAy6ataiLh1WPb8vjPZl8RAeHpW7I
age
5622
x-cache
MISS, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Thu, 07 Nov 2024 21:33:49 GMT
content-type
application/javascript
x-served-by
cache-lga21963-LGA, cache-yul1970073-YUL
x-cache-hits
0, 2281
x-amz-id-2
ulpB4hYk1v1rsi54r5P1wzN2+GgyTkwBkn1QwbZ2AP2RgHq96LA5bfPc89Uf15YJ96d9jQu3Z23THy9vseNVZQ==
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
9c9d4648388573789d56c980b867a7f28da8a438
x-amz-request-id
X8ZDS83GN9PBMS96
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
18359
server
AmazonS3
x-amz-server-side-encryption
AES256
vendors~signup_forms~post_identification_sync~onsite-triggering~customerHubRoot.8c45a4643eee76f6e5c9.js
static.klaviyo.com/onsite/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering~customerHubRoot.8c45a4643eee76f6e5c9.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2586e045767a0379e2072dc2fd04a86e9b2514620ffab62af46318aa20e2f01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"bcbe97b98d6018eab1657c41ede222ec"
x-amz-version-id
koU66rAhxgXV9cTy9.T7JVXvuE.g_oHk
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Sun, 27 Oct 2024 19:37:23 GMT
content-type
application/javascript
x-served-by
cache-lga21975-LGA, cache-yul1970073-YUL
x-cache-hits
291890, 1624
x-amz-id-2
XwZWa0BeyyyYvqwyW43AzUM+6G1V0Fs40PqlJIw6ohCKa1+26NjsaM0c2EJxss9wqKxSlc+wXaJZjSjrxvJuDg==
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
2b402f8568bcce13fb51a14008ebe3527f498a90
x-amz-request-id
FSBNM07V12EKMZ4P
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
4100
server
AmazonS3
x-amz-server-side-encryption
AES256
vendors~signup_forms~client_identity~onsite-triggering.a5132836f59bf0572cba.js
static.klaviyo.com/onsite/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~client_identity~onsite-triggering.a5132836f59bf0572cba.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d702707f2225f15e41a83292f1ae349fabeb590c257526b64abaeaf53c76357

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"ca61644148c891b88f740e4084dd00a5"
x-amz-version-id
rky2meUvBQZRBDGwcKWjl.QEunSIr5Tb
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Sun, 27 Oct 2024 19:37:23 GMT
content-type
application/javascript
x-served-by
cache-lga21985-LGA, cache-yul1970073-YUL
x-cache-hits
110, 1611
x-amz-id-2
/du7lw3sWxW4iCeu99RT2Wm2bp28gfHTxaRO+oMZnTXd5Es135M9ZjkWRFQ/hJmFpz4hffanOW4=
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
2b402f8568bcce13fb51a14008ebe3527f498a90
x-amz-request-id
NEKBQCR9MPH3AR4B
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
2922
server
AmazonS3
x-amz-server-side-encryption
AES256
vendors~signup_forms.ffb16c5d33241b7ebc9d.js
static.klaviyo.com/onsite/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.ffb16c5d33241b7ebc9d.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea56502693fda98428697c457b61f6b75a251aa229033d1986cb06f50b5b4c09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"2637231e0e24a8380341f0ec27de82ac"
x-amz-version-id
ys0_DApHDTe2ir3uV9komSzwXUUPhmO_
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Sun, 27 Oct 2024 19:37:23 GMT
content-type
application/javascript
x-served-by
cache-lga21948-LGA, cache-yul1970073-YUL
x-cache-hits
120, 1624
x-amz-id-2
GFi8mF0REMmLlSYD5meULpLekltUETgOF4pbX5dgRftTowBRvqzPb2Hse6ezz5d1M3U+8pTjmAE=
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
2b402f8568bcce13fb51a14008ebe3527f498a90
x-amz-request-id
W087T5HQQB8A65KG
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
4339
server
AmazonS3
x-amz-server-side-encryption
AES256
default~signup_forms~onsite-triggering.98637825d23e18eabe70.js
static.klaviyo.com/onsite/js/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.98637825d23e18eabe70.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80686478b4c8c1b518171ecf44218201d1a2cc3ef3aee22d06525e9ff3c99548

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"7f6ca8dd688c3138a0a113083a986dee"
x-amz-version-id
LR2idmLOmMYi4QiTW96rknCtaPTgE4i9
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Tue, 05 Nov 2024 15:57:38 GMT
content-type
application/javascript
x-served-by
cache-lga21965-LGA, cache-yul1970073-YUL
x-cache-hits
29, 1671
x-amz-id-2
dnd184xdpQfdGY1a31XGf/VoiDmYKyhMlLgnfi8vvuq+/0OIKBuQusNyRWD0lR/nfmK77OBlgnkDezILTmd2Iw==
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
13dc0d4857c93b5b6eaa0e4d1e2b586ac721669d
x-amz-request-id
MQECY6VSADADMNQA
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
9366
server
AmazonS3
x-amz-server-side-encryption
AES256
signup_forms.c5c0a39f907df95b48a8.js
static.klaviyo.com/onsite/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.c5c0a39f907df95b48a8.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392d5aad64f7a762e0222160d14841dc36b6717d4c03fa4386648bf4615c13d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"ac8cf36f4e6091dc87b8131837d62940"
x-amz-version-id
zClWZHlqfLUreEn4O.Zp3nhcK0_25tTt
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Thu, 07 Nov 2024 15:49:50 GMT
content-type
application/javascript
x-served-by
cache-lga21961-LGA, cache-yul1970073-YUL
x-cache-hits
12, 1788
x-amz-id-2
HdmnXGFL/inHzzsWSHWSoCh+/QnDtiXyVBdQz6/COzv9Jk0WXhDOFo68lMk8NZgz5hq/hRwLB+FDGkv7eM3R24m3lAS690Gj
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
96eb55c3c3de692d7ac5c9c82586433750b69448
x-amz-request-id
Y6PSJR3DT2FZ41SK
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
5981
server
AmazonS3
x-amz-server-side-encryption
AES256
vendors~signup_forms~post_identification_sync~onsite-triggering~customerHubRoot.8c45a4643eee76f6e5c9.js
static-tracking.klaviyo.com/onsite/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering~customerHubRoot.8c45a4643eee76f6e5c9.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2586e045767a0379e2072dc2fd04a86e9b2514620ffab62af46318aa20e2f01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"bcbe97b98d6018eab1657c41ede222ec"
x-amz-version-id
koU66rAhxgXV9cTy9.T7JVXvuE.g_oHk
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Sun, 27 Oct 2024 19:37:23 GMT
content-type
application/javascript
x-served-by
cache-lga21920-LGA, cache-yul1970049-YUL
x-cache-hits
111220, 778
x-amz-id-2
aRF/htqjsdAAuDQKGHzquBc2ERwgh9RhEWEKJivfxYuvH4oFgssnHJl5WNFyOLWaOWCAxuqVLb8=
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
2b402f8568bcce13fb51a14008ebe3527f498a90
x-amz-request-id
M3VQ7R1C9YDM5PS9
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
4100
server
AmazonS3
x-amz-server-side-encryption
AES256
post_identification_sync.25bbd42d84d87eea8dd5.js
static-tracking.klaviyo.com/onsite/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/post_identification_sync.25bbd42d84d87eea8dd5.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f1d7538c02e5a34b6edfbf1849f3241d15db80198b63efa85a9c3827cf07c18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://apple-cart.trybandoo.com
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
etag
"b0f1595b4ac8f67fb17eb2cf0838b70a"
x-amz-version-id
D9rjbJsB.NpSYg8B2kmMKgk6sso63jFx
age
5622
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Wed, 30 Oct 2024 12:16:29 GMT
content-type
application/javascript
x-served-by
cache-lga21991-LGA, cache-yul1970049-YUL
x-cache-hits
48, 793
x-amz-id-2
o76P4W2SzHdA/HHoeDtMiBqN2b6FRqBK2v5RtA+KzuSGklIiB+mrgX8IXK3BkjNignPW4tcfW6DvkCo46eiOpECsF0jv0O+7viGbzXlBwXY=
vary
Accept-Encoding
cache-control
max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash
187d1fe4b0d8d2111d30ffa95cb2dad534f034ae
x-amz-request-id
ZJQF7WFR658JHVZ9
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
fender-asset
content-length
2830
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1786494436.1731028933&auid=391613481.1731028933&npa=0&gtm=45He4b70v849249172za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629&tft=1731028932693&tfd=1455&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers
js
www.googletagmanager.com/gtag/ 		403 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M1BVHWVHCN&l=dataLayer&cx=c&gtm=45He4b70v849249172za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a2ac6898cc689437d91360eb8098f5e04a8796e2daa813fce0637ffee952a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 08 Nov 2024 01:22:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
131568
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BD44002076DF4426BA6C0365E0FD3481 Ref B: YMQ01EDGE0417 Ref C: 2024-11-08T01:22:12Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Fri, 08 Nov 2024 01:22:11 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI8L7B3C77U2H86MCB2G&lib=ttq
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aa748eabf3314f9dfe31aac7d15c69e4b650bc892d7364f3dcf66f08926d99bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
expires
Fri, 08 Nov 2024 01:22:13 GMT
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=2, origin; dur=17
x-cache
TCP_MISS from a184-28-190-55.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
6430f47
x-tt-trace-host
01fe0945b7805a8414fe7f3a78dd5027ed999a4f4bd978b209d0c453c215669c00deb3b6cc19bc2bada214df7fe45d3db5ec75db26788805754c0ed7b513bf770c79abe88d55fe9e6387da49395692b13cf74b7895ec813cec40d7406a58734fe7
x-origin-response-time
17,184.28.190.55
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241108012213513CB0698A8B8CDAFDC2-00E2C2CD4F82D086-00
content-length
1955
x-tt-logid
20241108012213513CB0698A8B8CDAFDC2
server
nginx
klaviyo.js
static.klaviyo.com/onsite/js/ 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2f6093e31d13c5eb54f547be4ee7456c5a93bb49118ce8d73ee0f69fba8a95f
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"adee0bd35c15ee19d2ba9d36c38254be"
age
5598
access-control-allow-methods
GET
x-cache
HIT, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/javascript
x-served-by
cache-lga21930-LGA, cache-yul1970073-YUL
x-cache-hits
18, 0
access-control-allow-headers
vary
Accept-Encoding
content-security-policy
object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
cache-control
max-age=1, stale-while-revalidate=10800, stale-if-error=86400
x-timer
S1731028933.622247,VS0,VE1
access-control-allow-credentials
true
allow
GET, OPTIONS
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
2356
content-language
en-us
server
nginx
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-KRM8JZPk' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-KRM8JZPk' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=23, mss=1232, tbw=5675, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
SBLWofkIvi4f0KnLB+0geQ2tkEKJyWvSiR2n3buxMusgLU1yiCaTULIr4UlEbMBqZuKiQ/uA19Pu+CFloFnvAg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 65FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fapple-cart.trybandoo.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 01:22:12 GMT
expires
Sat, 08 Nov 2025 01:22:12 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
klaviyo.js
static.klaviyo.com/onsite/js/ 		8 KB
213 B 		Other
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2f6093e31d13c5eb54f547be4ee7456c5a93bb49118ce8d73ee0f69fba8a95f
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-max-age
86400
content-encoding
br
etag
"adee0bd35c15ee19d2ba9d36c38254be"
age
5598
access-control-allow-methods
GET
x-cache
HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/javascript
x-served-by
cache-yul1970045-YUL
x-cache-hits
1
access-control-allow-headers
vary
Accept-Encoding
content-security-policy
object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
cache-control
max-age=1, stale-while-revalidate=10800, stale-if-error=86400
x-timer
S1731028933.927806,VS0,VE1
access-control-allow-credentials
true
via
1.1 varnish
allow
GET, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
2356
content-language
en-us
server
nginx
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=SDA3si
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
01b5440b23341e3d74b51e853f3f48f18763d7aff604839d93ca2b470daeacec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; report-uri /csp/
Strict-Transport-Security max-age=900

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
age
205988
access-control-allow-methods
GET
x-cache
MISS, HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-bos4680-BOS, cache-yul1970058-YUL
x-cache-hits
0, 0
access-control-allow-headers
strict-transport-security
max-age=900
vary
Accept-Encoding, Accept-Language, Cookie
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; report-uri /csp/
cache-control
max-age=10
access-control-allow-credentials
true
allow
GET, HEAD, OPTIONS
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
490
content-language
en-us
server
nginx
full-forms
static-forms.klaviyo.com/forms/api/v7/SDA3si/ 		57 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static-forms.klaviyo.com/forms/api/v7/SDA3si/full-forms
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3cf7f8dcb0a8c00bf0a6d7169030898336dbc3d1e89cc1051dae8f276794366e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-expose-headers
client-geo-continent, client-geo-country
content-encoding
gzip
etag
"4c96ee119225b120e15a6e9ef523950b"
x-amz-version-id
dpcJLpX9nPnU_mUifN7HWwJySCYAVPiQ
age
227858
x-cache
HIT
date
Fri, 08 Nov 2024 01:22:12 GMT
x-amz-meta-surrogate-control
max-age=31536000
last-modified
Wed, 11 Sep 2024 14:06:27 GMT
content-type
application/json
x-served-by
cache-yul1970053-YUL
x-cache-hits
0
x-amz-id-2
ZM3R1cPR+SJU4RGgiIrRzCvlnIG5KwdSJJkui4XNlSq5MBrMTbiRWAIv301pqy3DYV0H68GS3wo=
vary
Accept-Encoding
cache-control
max-age=5
client-geo-continent
NA
x-timer
S1731028933.961220,VS0,VE3
client-geo-country
CA
via
1.1 varnish
x-amz-request-id
WD8C7XXF1Q6Q0W07
accept-ranges
bytes
access-control-allow-origin
*
x-amz-meta-surrogate-key
full-forms/shared full-forms/SDA3si custom-fonts/SDA3si
content-length
7049
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=user_id_update&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1786494436.1731028933&auid=391613481.1731028933&npa=0&ga_uid=G-M1BVHWVHCN.e116c030-9d6f-11ef-8a9d-99c881b96407&gtm=45He4b70v849249172za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629&tft=1731028932879&tfd=1641&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers
collect
analytics.google.com/g/ 		0
560 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-M1BVHWVHCN&gtm=45je4b70v886639480z8849249172za200zb849249172&_p=1731028932381&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629&cid=1998602144.1731028933&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAACA&_s=1&uid=e116c030-9d6f-11ef-8a9d-99c881b96407&sid=1731028932&sct=1&seg=0&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&dt=Bandoo%20-%20Cleansing%20Foot%20Patches&en=page_view&_fv=1&_nsi=1&_ss=1&ep.full_url=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&ep.resolution=1600x1200&tfd=1647
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://apple-cart.trybandoo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
551 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M1BVHWVHCN&cid=1998602144.1731028933&gtm=45je4b70v886639480z8849249172za200zb849249172&aip=1&uid=e116c030-9d6f-11ef-8a9d-99c881b96407&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1BVHWVHCN&l=dataLayer&cx=c&gtm=45He4b70v849249172za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://apple-cart.trybandoo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 6399 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-M1BVHWVHCN&gacid=1998602144.1731028933&gtm=45je4b70v886639480z8849249172za200zb849249172&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629&z=1060844886
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1BVHWVHCN&l=dataLayer&cx=c&gtm=45He4b70v849249172za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 01:22:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M1BVHWVHCN&cid=1998602144.1731028933&gtm=45je4b70v886639480z8849249172za200zb849249172&aip=1&uid=e116c030-9d6f-11ef-8a9d-99c881b96407&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101925629&tag_exp=101823848~101925629&z=1665332685
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 08 Nov 2024 01:22:13 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
163538869183395
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/163538869183395?v=2.9.176&r=stable&domain=apple-cart.trybandoo.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1b8fe725382e9b30bf4a56c53ea440f603c0f769e9eafad24e815d2799a8c2f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-8ToJkQHx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-8ToJkQHx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=76, mss=1232, tbw=71467, tp=66, tpl=0, uplat=125, ullat=0
pragma
public
x-fb-debug
fyOu62zNUWBSIcHK+MdKa+uVOAY3ZrhficGmOjXIYYFZ4G5VdXCBMcLPKhP7ywKjHi3oQaKNBeP4ppOcjtH0qg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
97038584.js
bat.bing.com/p/action/ 		364 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97038584.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EB7F2F3D7F4A4ED28AA7ECCD4FB4635F Ref B: YMQ01EDGE0417 Ref C: 2024-11-08T01:22:13Z
x-cache
CONFIG_NOCACHE
date
Fri, 08 Nov 2024 01:22:12 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Roboto:ital,wght@0,400&family=Roboto+Serif:ital,wght@0,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bed741d493758c7e5643d18e62f868fef27c4ce052c8acb63e299f9789090f73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 01:22:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 08 Nov 2024 01:22:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97038584&tm=gtm002&Ver=2&mid=9c981b70-7cbf-4717-8ab5-d8ffb559a880&bo=1&sid=e20c17709d6f11efb0ce21ae0b86e3b5&vid=e20c25a09d6f11efa2795be21ad01fb3&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Bandoo%20-%20Cleansing%20Foot%20Patches&p=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&r=&lt=1379&evt=pageLoad&sv=1&cdb=AQAQ&rn=779179
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 14C34205CEE1406082246806B0E4843E Ref B: YMQ01EDGE0417 Ref C: 2024-11-08T01:22:13Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 08 Nov 2024 01:22:12 GMT
main.MWQ2ODQwNTg2MA.js
analytics.tiktok.com/i18n/pixel/static/ 		335 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI8L7B3C77U2H86MCB2G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

x-cache
TCP_HIT from a184-28-190-55.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
x-tt-trace-id
00-24110712561544BD3A07A12C85955CCC-7754CA8D268A4558-00
content-length
95110
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024110712561544BD3A07A12C85955CCC
server
nginx
x-akamai-request-id
6430fd9
x-tt-trace-host
01101b857bc401c633612386994cb4ede3f4dfdbcb97b6b8186ba1d36cb2963f231875a380a42bef9814a96a3c1f072c1128e0536db1c32c84b34f170eafe3ab4d1df7607381fc1d627daf9e61f153534480736d25122dc11c3bc6ee2de158d074
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=163538869183395&ev=PageView&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&rl=&if=false&ts=1731028933173&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1731028933171.10105349873555671&ler=empty&cdl=API_unavailable&it=1731028932989&coo=false&rqm=GET
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1392, tbw=2947, tp=-1, tpl=-1, uplat=1, ullat=1
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=163538869183395&ev=PageView&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&rl=&if=false&ts=1731028933173&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1731028933171.10105349873555671&ler=empty&cdl=API_unavailable&it=1731028932989&coo=false&rqm=FGET
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434712657597759829"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ytY970iRPD0OLLxFtO1yN4Umjx3Dbn79KIN9AGzcbnAR6Voy/EWrhgjiGy5did+HCAU5BMyEj5pVH7mc/yHqFA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434712657597759829", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=13, mss=1392, tbw=6891, tp=-1, tpl=-1, uplat=108, ullat=1
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=163538869183395&ev=ViewContent&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&rl=&if=false&ts=1731028933175&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1731028933171.10105349873555671&ler=empty&cdl=API_unavailable&it=1731028932989&coo=false&rqm=GET
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1392, tbw=2947, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=163538869183395&ev=ViewContent&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&rl=&if=false&ts=1731028933175&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1731028933171.10105349873555671&ler=empty&cdl=API_unavailable&it=1731028932989&coo=false&rqm=FGET
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434712657398524057"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe7405d05da964372","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["4244189262336025"]},"debug_reporting":true,"debug_key":"2272224564814970589"}
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
pTrNbq072V5q9SbDgaXOulOwgrixQs2viDT/IXD6Wu8HB8MekuvajHYsvz0Xfh1XyuQvGRB0XdlIU33NL7R+rQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434712657398524057", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=13, mss=1392, tbw=3368, tp=-1, tpl=-1, uplat=82, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

x-cache
TCP_MEM_HIT from a184-28-190-55.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id
00-240830022524D643E883E955D7849F3F-0DCC6A18438E6732-00
content-length
39500
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240830022524D643E883E955D7849F3F
server
nginx
x-akamai-request-id
6431086
x-tt-trace-host
01cad7a044193c13018231a410d7c9e91e4a851bed04eaed96c8c7eddaf9fd90df896b3fb2b4e2ed0d5f0a2975210150900007eb2d321d07150fecaf5e8221781a29b107969faba354fc947ec0deee5f3c7b17429e253ed90d388104cc38b477f3
pixel
analytics.tiktok.com/api/v2/ 		0
720 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Fri, 08 Nov 2024 01:22:13 GMT
server-timing
inner; dur=30, cdn-cache; desc=MISS, edge; dur=10, origin; dur=40
x-cache
TCP_MISS from a184-28-190-55.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Fri, 08 Nov 2024 01:22:13 GMT
x-akamai-request-id
64310ad
access-control-allow-headers
Authorization,*
x-tt-trace-host
01fe0945b7805a8414fe7f3a78dd5027ed999a4f4bd978b209d0c453c215669c00c772be87d8575881146e90f5a8c5ab615e25c3f16b8ebb186d7b6baede6777085e646a932e36d0f4d9ac670d8facd6ac2421dbbd5ed5b3f1d9558a9ad5d3670f
x-origin-response-time
40,184.28.190.55
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241108012213E9B968417CFA727DF124-3D46DD877F634F4F-00
content-length
0
x-tt-logid
20241108012213E9B968417CFA727DF124
server
nginx
/
timetoloadv2-f2ow6o2dfq-uc.a.run.app/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://timetoloadv2-f2ow6o2dfq-uc.a.run.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://apple-cart.trybandoo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://apple-cart.trybandoo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 08 Nov 2024 01:22:13 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
x-cloud-trace-context
93d3be44c84b9e05f42744e230ea98e1
/
timetoloadv2-f2ow6o2dfq-uc.a.run.app/ 		15 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://timetoloadv2-f2ow6o2dfq-uc.a.run.app/
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-allow-origin
https://apple-cart.trybandoo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
81e7a1285a7a198dfff4ad99ce0e3b31
rum
apple-cart.trybandoo.com/cdn-cgi/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apple-cart.trybandoo.com/cdn-cgi/rum?
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://apple-cart.trybandoo.com/?utm_auid=e116c030-9d6f-11ef-8a9d-99c881b96407

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8df1c032df4741d2-EWR
access-control-allow-origin
https://apple-cart.trybandoo.com
date
Fri, 08 Nov 2024 01:22:13 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
652e99399279323219230549_favicon-32x32.png
cdn.prod.website-files.com/6523b9e503029a11dfd90b3a/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/6523b9e503029a11dfd90b3a/652e99399279323219230549_favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a075 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2d887c39d033ccf5055bec6432e013d3ef1a6fc512a2ac2dfcd997a0d65183

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

cf-cache-status
HIT
etag
"818614e02f1a27143ec8cd5c00316bed"
x-amz-version-id
1whbsvf2j75RzJ3rvjb.hA21KY2mV9FR
age
217
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 01:22:13 GMT
content-type
image/png
last-modified
Tue, 17 Oct 2023 14:24:58 GMT
vary
Accept-Encoding
x-amz-id-2
Lyf1FbB57cHYJ6mabf5J3f2uhQWMurlqvB/JJlF0zwsQD3ECsZUBT8ZkItkZ+vCrKkgtq7JIl8Q=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
ZGXWY8WDNZBR3C1S
cf-ray
8df1c032dcbe18d0-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2047
server
cloudflare
x-amz-server-side-encryption
AES256
act
analytics.tiktok.com/api/v2/pixel/ 		0
717 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.190.9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-190-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://apple-cart.trybandoo.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Fri, 08 Nov 2024 01:22:13 GMT
server-timing
inner; dur=27, cdn-cache; desc=MISS, edge; dur=10, origin; dur=37
x-cache
TCP_MISS from a184-28-190-55.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Fri, 08 Nov 2024 01:22:13 GMT
x-akamai-request-id
64311a6
access-control-allow-headers
Authorization,*
x-tt-trace-host
01fe0945b7805a8414fe7f3a78dd5027ed999a4f4bd978b209d0c453c215669c00c772be87d8575881146e90f5a8c5ab61aff648eef0823c19f84c02ae28a5d225bd35b465f3704fc46cccf7ec9f37c744e7c5dba66aeceefdb2f7a1b83b81f0f6
x-origin-response-time
38,184.28.190.55
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241108012213374A66FC910383825915-6AC9B82C46BC5284-00
content-length
0
x-tt-logid
20241108012213374A66FC910383825915
server
nginx
collect
analytics.google.com/g/ 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-M1BVHWVHCN&gtm=45je4b70v886639480z8849249172za200zb849249172&_p=1731028932381&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629&cid=1998602144.1731028933&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=2&uid=e116c030-9d6f-11ef-8a9d-99c881b96407&sid=1731028932&sct=1&seg=0&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&dt=Bandoo%20-%20Cleansing%20Foot%20Patches&en=page_view_homepage&ep.full_url=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3De116c030-9d6f-11ef-8a9d-99c881b96407&ep.resolution=1600x1200&_et=41&tfd=6698
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://apple-cart.trybandoo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://apple-cart.trybandoo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 01:22:17 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
apple-cart.trybandoo.com
URL
blob:https://apple-cart.trybandoo.com/f21bb746-875a-4aa7-9057-c7608e7c97ea

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| WebFont number| _vis_opt_cookieDays object| _VWO string| _vwo_mt object| _sentryDebugIds function| get function| sleep function| waitFor function| loadScript function| waitForCondition object| pageProducts object| pageSubscriptions string| BRAND string| _FALLBACK_VERSION object| __SENTRY__ function| Errors object| dataLayer object| __WEBFLOW_CURRENCY_SETTINGS function| $ function| jQuery function| tram object| Webflow function| ES6Promise object| webpHero object| __cfBeacon function| _typeof function| ownKeys function| _objectSpread function| _defineProperty function| _toPropertyKey function| _toPrimitive object| KLAVIYO_JS_REGEX function| logFailedKlaviyoJsLoad object| _learnq string| __klKey object| google_tag_manager object| google_tag_data string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| webpackChunk_klaviyo_onsite_modules object| _klOnsite object| klaviyo function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_f138c92b5c object| uetq object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| __sentry_instrumentation_handlers__ object| _jelly_sdks

16 Cookies

Domain/Path Name / Value
.prod.website-files.com/ Name: __cf_bm
Value: iaF_OWI8aLt_mstmGpIBE4Hd5kouZCkylAav_FEQd7Y-1731028932-1.0.1.1-CnHfYToXF_uru4EhtMfb355WBGmUHeZ7Ld9zo138mkUGUxhKCVkP9BYo1uOZ9fyPBbO5fQQIJeM.aDLLiiyurA
apple-cart.trybandoo.com/ Name: initialJsTimestamp
Value: 1731028932372
.trybandoo.com/ Name: _gcl_au
Value: 1.1.391613481.1731028933
.trybandoo.com/ Name: _ga
Value: GA1.1.1998602144.1731028933
.trybandoo.com/ Name: _ga_M1BVHWVHCN
Value: GS1.1.1731028932.1.0.1731028932.60.0.0
apple-cart.trybandoo.com/ Name: __kla_id
Value: eyJjaWQiOiJObUpoWm1KaVpUVXRZbVZoTnkwMFpXUmhMV0l3WXpRdFl6ZzNaVEUxT1ROa05XVTQiLCIkcmVmZXJyZXIiOnsidHMiOjE3MzEwMjg5MzMsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vYXBwbGUtY2FydC50cnliYW5kb28uY29tLz91dG1fYXVpZD1lMTE2YzAzMC05ZDZmLTExZWYtOGE5ZC05OWM4ODFiOTY0MDcifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MzEwMjg5MzMsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vYXBwbGUtY2FydC50cnliYW5kb28uY29tLz91dG1fYXVpZD1lMTE2YzAzMC05ZDZmLTExZWYtOGE5ZC05OWM4ODFiOTY0MDcifX0=
.trybandoo.com/ Name: _uetsid
Value: e20c17709d6f11efb0ce21ae0b86e3b5
.trybandoo.com/ Name: _uetvid
Value: e20c25a09d6f11efa2795be21ad01fb3
.tiktok.com/ Name: _ttp
Value: 2oXvrYc8DLId0KoqN0Aexd1mHs7
.bing.com/ Name: MUID
Value: 1DE542A6F4146EC00F765797F5C26F23
.bat.bing.com/ Name: MR
Value: 0
.trybandoo.com/ Name: _fbp
Value: fb.1.1731028933171.10105349873555671
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.trybandoo.com/ Name: _tt_enable_cookie
Value: 1
.trybandoo.com/ Name: _ttp
Value: qYx76R4pVZ0EHbCV1J56sz9QAGD
apple-cart.trybandoo.com/ Name: pageInteractiveTimestamp
Value: 1731028933533

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
analytics.tiktok.com
apple-cart.trybandoo.com
bat.bing.com
cdn.node33.ai
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
dev.visualwebsiteoptimizer.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
o4504479358124032.ingest.sentry.io
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.cloudflareinsights.com
static.klaviyo.com
stats.g.doubleclick.net
td.doubleclick.net
timetoloadv2-f2ow6o2dfq-uc.a.run.app
unpkg.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
apple-cart.trybandoo.com
13.33.251.140
151.101.130.133
151.101.194.133
151.101.2.133
184.28.190.9
2001:4860:4802:36::35
2001:4860:4802:38::181
2606:4700:3108::ac42:2bd5
2606:4700::6810:5049
2606:4700::6811:f8cb
2606:4700::6812:a075
2607:f8b0:4004:c09::9d
2607:f8b0:4006:806::2004
2607:f8b0:4006:80c::2003
2607:f8b0:4006:817::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2003
2620:1ec:33::10
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.120.195.249
34.144.207.37
34.96.102.137
01b5440b23341e3d74b51e853f3f48f18763d7aff604839d93ca2b470daeacec
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0e913234e3123ba8a5d535706253505bf4e1c5260f4a28ea8c31fbcfcb6b8aaa
1b8fe725382e9b30bf4a56c53ea440f603c0f769e9eafad24e815d2799a8c2f5
26543e143e98cd9274d627eb3b593454d37faf0dfc23b6bff93b5f682297ced2
266aee1c7ddee3befe8e5c15229a34e7355ffe603f6e707a3321457879bf750b
392d5aad64f7a762e0222160d14841dc36b6717d4c03fa4386648bf4615c13d1
3cf7f8dcb0a8c00bf0a6d7169030898336dbc3d1e89cc1051dae8f276794366e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e149dbb616bedddb3a5f9cd6d923d14e52cf7fbdc077660f7321148498c90a0
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
5a2ac6898cc689437d91360eb8098f5e04a8796e2daa813fce0637ffee952a3d
6eaa7d84867f4a3f58d1cff2d44b4d4adfcc58072a48d761fe092b7e6172b253
6f1d7538c02e5a34b6edfbf1849f3241d15db80198b63efa85a9c3827cf07c18
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7f2d887c39d033ccf5055bec6432e013d3ef1a6fc512a2ac2dfcd997a0d65183
80686478b4c8c1b518171ecf44218201d1a2cc3ef3aee22d06525e9ff3c99548
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8a0e34d7703d7f3101e525ce45ddfe4ed3cc1ea2bd1dc75b74ff0bfac526d68d
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8d702707f2225f15e41a83292f1ae349fabeb590c257526b64abaeaf53c76357
96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782
99e971227d19899f22600856ab962b99eb2be1bd48c094cb48edf01120bd15f4
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
aa748eabf3314f9dfe31aac7d15c69e4b650bc892d7364f3dcf66f08926d99bb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
bed741d493758c7e5643d18e62f868fef27c4ce052c8acb63e299f9789090f73
c2f6093e31d13c5eb54f547be4ee7456c5a93bb49118ce8d73ee0f69fba8a95f
c62f3218c0b289ec5709c615aa14974fa3d88cbe64534ac0cca52cca51c3ac32
cb341781c7330fb28bb6b0592be730f2464bdc94c166264717b410c609365fa9
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
d2586e045767a0379e2072dc2fd04a86e9b2514620ffab62af46318aa20e2f01
d41ac0e18c3aacf5c39976ab50fd877ff0fec9720f022d7d082a1527333116cf
d776af740fa7a0e7c0cb158bf32142169b1dc7fc9fb0f5e6e75e2d14865e727e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605
ea56502693fda98428697c457b61f6b75a251aa229033d1986cb06f50b5b4c09
ecabf396531beef7f6c20e533a26edb5ef5bb12879d30d191035ad2524191d4c
eefeb3811e0512c505a4c5ddd9e743dd178375fa655c4884321679c4d4094c7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa37b2e4408c24dc06ecd25bc9ffbbddecd19269d96a5b2cf9743528292fd97e
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514